Количество 3
Количество 3
CVE-2025-70560
Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. An attacker with the ability to place a malicious pickle file in a directory processed by boltz can achieve arbitrary code execution when the file is loaded.
CVE-2025-70560
Boltz 2.0.0 contains an insecure deserialization vulnerability in its ...
GHSA-fjm6-8xp2-4fwc
Boltz contains an insecure deserialization vulnerability in its molecule loading functionality
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-70560 Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. An attacker with the ability to place a malicious pickle file in a directory processed by boltz can achieve arbitrary code execution when the file is loaded. | CVSS3: 8.4 | 0% Низкий | 2 месяца назад |
| CVE-2025-70560 Boltz 2.0.0 contains an insecure deserialization vulnerability in its ... | CVSS3: 8.4 | 0% Низкий | 2 месяца назад |
| GHSA-fjm6-8xp2-4fwc Boltz contains an insecure deserialization vulnerability in its molecule loading functionality | CVSS3: 8.4 | 0% Низкий | 2 месяца назад |
Уязвимостей на страницу