| CVE | Severity | Published | Summary |
|---|---|---|---|
| CVE-2025-10155 | unknown | 9mo ago | Picklescan Bypass is Possible via File Extension Mismatch |
| CVE-2025-10156 | unknown | 9mo ago | Picklescan: ZIP archive scan bypass is possible through non-exhaustive Cyclic Redundancy Check |
| CVE-2025-10157 | unknown | 9mo ago | Picklescan is Vulnerable to Unsafe Globals Check Bypass through Subclass Imports |
| CVE-2025-46417 | unknown | 1y ago | The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.get_server_certificate can exfiltrate data via DNS after deserialization. |
| CVE-2025-1944 | unknown | 1y ago | picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP he… |
| CVE-2025-1945 | unknown | 1y ago | picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attac… |
| CVE-2025-1889 | unknown | 1y ago | picklescan before 0.0.22 only considers standard pickle file extensions in the scope for its vulnerability scan. An attacker could craft a malicious model that uses Pickle and include a malicious pic… |
| CVE-2025-1716 | unknown | 1y ago | picklescan before 0.0.22 only considers standard pickle file extensions in the scope for its vulnerability scan. An attacker could craft a malicious model that uses Pickle and include a malicious pic… |