exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 3

CVE-2025-1889

11 месяцев назад

picklescan before 0.0.22 only considers standard pickle file extensions in the scope for its vulnerability scan. An attacker could craft a malicious model that uses Pickle and include a malicious pickle file with a non-standard file extension. Because the malicious pickle file inclusion is not considered as part of the scope of picklescan, the file would pass security checks and appear to be safe, when it could instead prove to be problematic.

CVSS3: 9.8

EPSS: Низкий

GHSA-769v-p64c-89pr

11 месяцев назад

PyTorch Model Files Can Bypass Pickle Scanners via Unexpected Pickle Extensions

EPSS: Низкий

BDU:2025-15447

11 месяцев назад

Уязвимость метода reduce сканера безопасности для анализа файлов Pickle Python Picklescan, позволяющая нарушителю выполнить произвольный код

CVSS3: 4.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-1889 picklescan before 0.0.22 only considers standard pickle file extensions in the scope for its vulnerability scan. An attacker could craft a malicious model that uses Pickle and include a malicious pickle file with a non-standard file extension. Because the malicious pickle file inclusion is not considered as part of the scope of picklescan, the file would pass security checks and appear to be safe, when it could instead prove to be problematic.	CVSS3: 9.8	0% Низкий	11 месяцев назад
GHSA-769v-p64c-89pr PyTorch Model Files Can Bypass Pickle Scanners via Unexpected Pickle Extensions		0% Низкий	11 месяцев назад
BDU:2025-15447 Уязвимость метода reduce сканера безопасности для анализа файлов Pickle Python Picklescan, позволяющая нарушителю выполнить произвольный код	CVSS3: 4.3	0% Низкий	11 месяцев назад

Уязвимостей на страницу