Количество 2
Количество 2
CVE-2025-1945
picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attacker can embed malicious pickle files that remain undetected by PickleScan while still being successfully loaded by PyTorch's torch.load(). This can lead to arbitrary code execution when loading a compromised model.
GHSA-w8jq-xcqf-f792
Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-1945 picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attacker can embed malicious pickle files that remain undetected by PickleScan while still being successfully loaded by PyTorch's torch.load(). This can lead to arbitrary code execution when loading a compromised model. | CVSS3: 9.8 | 0% Низкий | 11 месяцев назад |
| GHSA-w8jq-xcqf-f792 Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch | 0% Низкий | 11 месяцев назад |
Уязвимостей на страницу