ГлавнаяУязвимости → CVE-2025-1716
9.8критическая

CVE-2025-1716

Описание

picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craft a malicious model that uses Pickle to pull in a malicious PyPI package (hosted, for example, on pypi.org or GitHub) via `pip.main()`. Because pip is not a restricted global, the model, when scanned with picklescan, would pass security checks and appear to be safe, when it could instead prove to be problematic.

Затрагиваемое ПО
Mmaitre314 Picklescan
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/mmaitre314/picklescan/commit/78ce704227c51f070c0c5fb4b466d92c62a7aa3dhttps://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782vhttps://www.sonatype.com/security-advisories/cve-2025-1716