GHSA-gphx-c88f-73gwHighCVSS 8.1
picklescan before 0.0.28 fails to detect malicious pickle files that use torch.utils.data...
🔗 CVE IDs covered (1)
📋 Description
picklescan before 0.0.28 fails to detect malicious pickle files that use torch.utils.data.datapipes.utils.decoder.basichandlers in reduce methods, allowing attackers to bypass safety checks. Remote attackers can embed undetected malicious code in pickle files that executes during deserialization, enabling remote code execution.
🔗 References (4)
- https://github.com/mmaitre314/picklescan/security/advisories/GHSA-h3qp-7fh3-f8h4
- https://nvd.nist.gov/vuln/detail/CVE-2025-71369
- https://www.vulncheck.com/advisories/picklescan-unsafe-deserialization-via-torch-utils-data-datapipes-utils-decoder-basichandlers
- https://github.com/advisories/GHSA-gphx-c88f-73gw