VulnerableCode Package Details - pkg:pypi/fickling@0.1.5

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/fickling@0.1.5

Essentials
History (1)

purl	pkg:pypi/fickling@0.1.5

Next non-vulnerable version	0.1.6
Latest non-vulnerable version	0.1.9
Risk

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-dp66-vtjz-b7ad Aliases: CVE-2025-67748 GHSA-r7v6-mfhq-g3m2 PYSEC-2025-113	Fickling is a Python pickling decompiler and static analyzer. Versions prior to 0.1.6 had a bypass caused by `pty` missing from the block list of unsafe module imports. This led to unsafe pickles based on `pty.spawn()` being incorrectly flagged as `LIKELY_SAFE`, and was fixed in version 0.1.6. This impacted any user or system that used Fickling to vet pickle files for security issues.	0.1.6 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:23:36.013919+00:00	Pypa Importer	Affected by	VCID-dp66-vtjz-b7ad	https://github.com/pypa/advisory-database/blob/main/vulns/fickling/PYSEC-2025-113.yaml	38.6.0