{"url":"http://public2.vulnerablecode.io/api/packages/73134?format=json","purl":"pkg:pypi/picklescan@0.0.34","type":"pypi","namespace":"","name":"picklescan","version":"0.0.34","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.0.4","latest_non_vulnerable_version":"1.0.4","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49639?format=json","vulnerability_id":"VCID-afab-1ggb-8faa","summary":"picklescan has Arbitrary file read using `io.FileIO`\nUnsafe pickle deserialization allows unauthenticated attackers to read arbitrary server files and perform SSRF. By chaining io.FileIO and urllib.request.urlopen, an attacker can bypass RCE-focused blocklists to exfiltrate sensitive data (example: /etc/passwd) to an external server.","references":[{"reference_url":"https://github.com/mmaitre314/picklescan","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan"},{"reference_url":"https://github.com/mmaitre314/picklescan/commit/a01c58d5dd7960db557b849817c0ab83ab111ef1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/commit/a01c58d5dd7960db557b849817c0ab83ab111ef1"},{"reference_url":"https://github.com/mmaitre314/picklescan/pull/55","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/pull/55"},{"reference_url":"https://github.com/mmaitre314/picklescan/releases/tag/v0.0.35","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/releases/tag/v0.0.35"},{"reference_url":"https://github.com/advisories/GHSA-9726-w42j-3qjr","reference_id":"GHSA-9726-w42j-3qjr","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9726-w42j-3qjr"},{"reference_url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-9726-w42j-3qjr","reference_id":"GHSA-9726-w42j-3qjr","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-9726-w42j-3qjr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73280?format=json","purl":"pkg:pypi/picklescan@0.0.35","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dz86-5sqp-m3gj"},{"vulnerability":"VCID-ffv8-d2fk-tubb"},{"vulnerability":"VCID-h67b-5y6y-xffd"},{"vulnerability":"VCID-mhm6-27cp-1yhr"},{"vulnerability":"VCID-r3gk-x182-juf5"},{"vulnerability":"VCID-sapx-fzv8-pbcw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.35"}],"aliases":["GHSA-9726-w42j-3qjr"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-afab-1ggb-8faa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50596?format=json","vulnerability_id":"VCID-dz86-5sqp-m3gj","summary":"PickleScan has multiple stdlib modules with direct RCE not in blocklist\npicklescan v1.0.3 (latest) does not block at least 7 Python standard library modules that provide direct arbitrary command execution or code evaluation. A malicious pickle file importing these modules is reported as having 0 issues (CLEAN scan). This enables remote code execution that bypasses picklescan entirely.","references":[{"reference_url":"https://github.com/mmaitre314/picklescan","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan"},{"reference_url":"https://github.com/advisories/GHSA-g38g-8gr9-h9xp","reference_id":"GHSA-g38g-8gr9-h9xp","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-g38g-8gr9-h9xp"},{"reference_url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-g38g-8gr9-h9xp","reference_id":"GHSA-g38g-8gr9-h9xp","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-g38g-8gr9-h9xp"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74402?format=json","purl":"pkg:pypi/picklescan@1.0.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@1.0.4"}],"aliases":["GHSA-g38g-8gr9-h9xp"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dz86-5sqp-m3gj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50643?format=json","vulnerability_id":"VCID-ffv8-d2fk-tubb","summary":"PickleScan's pkgutil.resolve_name has a universal blocklist bypass\n`pkgutil.resolve_name()` is a Python stdlib function that resolves any `\"module:attribute\"` string to the corresponding Python object at runtime. By using `pkgutil.resolve_name` as the first REDUCE call in a pickle, an attacker can obtain a reference to ANY blocked function (e.g., `os.system`, `builtins.exec`, `subprocess.call`) without that function appearing in the pickle's opcodes. picklescan only sees `pkgutil.resolve_name` (which is not blocked) and misses the actual dangerous function entirely.\n\nThis defeats picklescan's **entire blocklist concept** — every single entry in `_unsafe_globals` can be bypassed.","references":[{"reference_url":"https://github.com/mmaitre314/picklescan","reference_id":"","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan"},{"reference_url":"https://github.com/advisories/GHSA-vvpj-8cmc-gx39","reference_id":"GHSA-vvpj-8cmc-gx39","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vvpj-8cmc-gx39"},{"reference_url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-vvpj-8cmc-gx39","reference_id":"GHSA-vvpj-8cmc-gx39","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-vvpj-8cmc-gx39"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74402?format=json","purl":"pkg:pypi/picklescan@1.0.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@1.0.4"}],"aliases":["GHSA-vvpj-8cmc-gx39"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ffv8-d2fk-tubb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49924?format=json","vulnerability_id":"VCID-h67b-5y6y-xffd","summary":"picklescan vulnerable to arbitrary file create using logging.FileHandler\nUnsafe pickle deserialization allows unauthenticated attackers to perform Arbitrary File Creation. By chaining the logging.FileHandler class, an attacker can bypass RCE-focused blocklists to create empty files on the server. The vulnerability allows creating zero-byte files in arbitrary locations but does not permit overwriting or modifying existing files.","references":[{"reference_url":"https://github.com/mmaitre314/picklescan","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan"},{"reference_url":"https://github.com/mmaitre314/picklescan/commit/4d9bc9cd34bca8672dad3481cd4556d5ba747156","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/commit/4d9bc9cd34bca8672dad3481cd4556d5ba747156"},{"reference_url":"https://github.com/mmaitre314/picklescan/pull/60","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/pull/60"},{"reference_url":"https://github.com/mmaitre314/picklescan/releases/tag/v1.0.1","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/releases/tag/v1.0.1"},{"reference_url":"https://github.com/advisories/GHSA-m7j5-r2p5-c39r","reference_id":"GHSA-m7j5-r2p5-c39r","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m7j5-r2p5-c39r"},{"reference_url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-m7j5-r2p5-c39r","reference_id":"GHSA-m7j5-r2p5-c39r","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-m7j5-r2p5-c39r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73778?format=json","purl":"pkg:pypi/picklescan@1.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dz86-5sqp-m3gj"},{"vulnerability":"VCID-ffv8-d2fk-tubb"},{"vulnerability":"VCID-mhm6-27cp-1yhr"},{"vulnerability":"VCID-sapx-fzv8-pbcw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@1.0.1"}],"aliases":["GHSA-m7j5-r2p5-c39r"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h67b-5y6y-xffd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50201?format=json","vulnerability_id":"VCID-mhm6-27cp-1yhr","summary":"Picklescan (scan_pytorch) Bypass via dynamic eval MAGIC_NUMBER\nThis is a scanning bypass to `scan_pytorch` function in `picklescan`. As we can see in the implementation of [get_magic_number()](https://github.com/mmaitre314/picklescan/blob/2a8383cfeb4158567f9770d86597300c9e508d0f/src/picklescan/torch.py#L76C5-L84) that uses `pickletools.genops(data)` to get the `magic_number` with the condition `opcode.name` includes `INT` or `LONG`, but the PyTorch's implemtation simply uses [pickle_module.load()](https://github.com/pytorch/pytorch/blob/134179474539648ba7dee1317959529fbd0e7f89/torch/serialization.py#L1797) to get this `magic_number`. For this implementation difference, we then can embed the `magic_code` into the `PyTorch` file via dynamic `eval` on the `\\_\\_reduce\\_\\_` trick, which can make the `pickletools.genops(data)` cannot get the `magic_code` in `INT` or `LONG` type, but the `pickle_module.load()` can still return the same `magic_code`, eading to a bypass.","references":[{"reference_url":"https://github.com/mmaitre314/picklescan","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan"},{"reference_url":"https://github.com/mmaitre314/picklescan/commit/b9997634683a4f4bd0c7e3701e7ce7e90fe70e8c","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/commit/b9997634683a4f4bd0c7e3701e7ce7e90fe70e8c"},{"reference_url":"https://github.com/advisories/GHSA-97f8-7cmv-76j2","reference_id":"GHSA-97f8-7cmv-76j2","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-97f8-7cmv-76j2"},{"reference_url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-97f8-7cmv-76j2","reference_id":"GHSA-97f8-7cmv-76j2","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-97f8-7cmv-76j2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74108?format=json","purl":"pkg:pypi/picklescan@1.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dz86-5sqp-m3gj"},{"vulnerability":"VCID-ffv8-d2fk-tubb"},{"vulnerability":"VCID-sapx-fzv8-pbcw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@1.0.3"}],"aliases":["GHSA-97f8-7cmv-76j2"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mhm6-27cp-1yhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49943?format=json","vulnerability_id":"VCID-r3gk-x182-juf5","summary":"picklescan missing detection by simple obfuscation of a `builtins.eval` call\nAn unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the host loading a pickle payload from an untrusted source.","references":[{"reference_url":"https://github.com/mmaitre314/picklescan","reference_id":"","reference_type":"","scores":[{"value":"8.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan"},{"reference_url":"https://github.com/mmaitre314/picklescan/commit/173c8f2a869ea9b69b543477525ec70611c3c6f4","reference_id":"","reference_type":"","scores":[{"value":"8.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/commit/173c8f2a869ea9b69b543477525ec70611c3c6f4"},{"reference_url":"https://github.com/mmaitre314/picklescan/pull/59","reference_id":"","reference_type":"","scores":[{"value":"8.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/pull/59"},{"reference_url":"https://github.com/mmaitre314/picklescan/releases/tag/v1.0.1","reference_id":"","reference_type":"","scores":[{"value":"8.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/releases/tag/v1.0.1"},{"reference_url":"https://github.com/advisories/GHSA-9m3x-qqw2-h32h","reference_id":"GHSA-9m3x-qqw2-h32h","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9m3x-qqw2-h32h"},{"reference_url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-9m3x-qqw2-h32h","reference_id":"GHSA-9m3x-qqw2-h32h","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-9m3x-qqw2-h32h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73778?format=json","purl":"pkg:pypi/picklescan@1.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dz86-5sqp-m3gj"},{"vulnerability":"VCID-ffv8-d2fk-tubb"},{"vulnerability":"VCID-mhm6-27cp-1yhr"},{"vulnerability":"VCID-sapx-fzv8-pbcw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@1.0.1"}],"aliases":["GHSA-9m3x-qqw2-h32h"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r3gk-x182-juf5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50546?format=json","vulnerability_id":"VCID-sapx-fzv8-pbcw","summary":"PickleScan's profile.run blocklist mismatch allows exec() bypass\npicklescan v1.0.3 blocks `profile.Profile.run` and `profile.Profile.runctx` but does NOT block the module-level `profile.run()` function. A malicious pickle calling `profile.run(statement)` achieves arbitrary code execution via `exec()` while picklescan reports 0 issues. This is because the blocklist entry `\"Profile.run\"` does not match the pickle global name `\"run\"`.","references":[{"reference_url":"https://github.com/mmaitre314/picklescan","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan"},{"reference_url":"https://github.com/advisories/GHSA-7wx9-6375-f5wh","reference_id":"GHSA-7wx9-6375-f5wh","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7wx9-6375-f5wh"},{"reference_url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-7wx9-6375-f5wh","reference_id":"GHSA-7wx9-6375-f5wh","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-7wx9-6375-f5wh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74402?format=json","purl":"pkg:pypi/picklescan@1.0.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@1.0.4"}],"aliases":["GHSA-7wx9-6375-f5wh"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sapx-fzv8-pbcw"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49540?format=json","vulnerability_id":"VCID-mp69-7jdd-8yhe","summary":"Picklescan is vulnerable to RCE via missing detection when calling built-in python _operator.attrgetter\nPicklescan uses _operator.attrgetter, which is a built-in python library function to execute remote pickle files.","references":[{"reference_url":"https://github.com/mmaitre314/picklescan","reference_id":"","reference_type":"","scores":[{"value":"8.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan"},{"reference_url":"https://github.com/mmaitre314/picklescan/commit/f2dea43e0c838e09ace1e62994143254b51de927","reference_id":"","reference_type":"","scores":[{"value":"8.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/commit/f2dea43e0c838e09ace1e62994143254b51de927"},{"reference_url":"https://github.com/mmaitre314/picklescan/releases/tag/v0.0.34","reference_id":"","reference_type":"","scores":[{"value":"8.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/releases/tag/v0.0.34"},{"reference_url":"https://github.com/advisories/GHSA-46h3-79wf-xr6c","reference_id":"GHSA-46h3-79wf-xr6c","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-46h3-79wf-xr6c"},{"reference_url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-46h3-79wf-xr6c","reference_id":"GHSA-46h3-79wf-xr6c","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-46h3-79wf-xr6c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73134?format=json","purl":"pkg:pypi/picklescan@0.0.34","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-afab-1ggb-8faa"},{"vulnerability":"VCID-dz86-5sqp-m3gj"},{"vulnerability":"VCID-ffv8-d2fk-tubb"},{"vulnerability":"VCID-h67b-5y6y-xffd"},{"vulnerability":"VCID-mhm6-27cp-1yhr"},{"vulnerability":"VCID-r3gk-x182-juf5"},{"vulnerability":"VCID-sapx-fzv8-pbcw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.34"}],"aliases":["GHSA-46h3-79wf-xr6c"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mp69-7jdd-8yhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49534?format=json","vulnerability_id":"VCID-sht8-2uh8-eydw","summary":"Picklescan is vulnerable to RCE via missing detection when calling built-in python _operator.methodcaller\nPicklescan uses  _operator.methodcaller, which is a built-in python library function to execute remote pickle files.","references":[{"reference_url":"https://github.com/mmaitre314/picklescan","reference_id":"","reference_type":"","scores":[{"value":"8.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan"},{"reference_url":"https://github.com/mmaitre314/picklescan/commit/f2dea43e0c838e09ace1e62994143254b51de927","reference_id":"","reference_type":"","scores":[{"value":"8.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/commit/f2dea43e0c838e09ace1e62994143254b51de927"},{"reference_url":"https://github.com/mmaitre314/picklescan/releases/tag/v0.0.34","reference_id":"","reference_type":"","scores":[{"value":"8.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/releases/tag/v0.0.34"},{"reference_url":"https://github.com/advisories/GHSA-955r-x9j8-7rhh","reference_id":"GHSA-955r-x9j8-7rhh","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-955r-x9j8-7rhh"},{"reference_url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-955r-x9j8-7rhh","reference_id":"GHSA-955r-x9j8-7rhh","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-955r-x9j8-7rhh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73134?format=json","purl":"pkg:pypi/picklescan@0.0.34","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-afab-1ggb-8faa"},{"vulnerability":"VCID-dz86-5sqp-m3gj"},{"vulnerability":"VCID-ffv8-d2fk-tubb"},{"vulnerability":"VCID-h67b-5y6y-xffd"},{"vulnerability":"VCID-mhm6-27cp-1yhr"},{"vulnerability":"VCID-r3gk-x182-juf5"},{"vulnerability":"VCID-sapx-fzv8-pbcw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.34"}],"aliases":["GHSA-955r-x9j8-7rhh"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sht8-2uh8-eydw"}],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.34"}