{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36985?format=json","vulnerability_id":"VCID-w2h9-74te-tqhc","summary":"picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP header while keeping the original filename in the directory listing, an attacker can make PickleScan raise a BadZipFile error. However, PyTorch's more forgiving ZIP implementation still allows the model to be loaded, enabling malicious payloads to bypass detection.","aliases":[{"alias":"CVE-2025-1944"},{"alias":"GHSA-7q5r-7gvp-wc82"},{"alias":"PYSEC-2025-20"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/44604?format=json","purl":"pkg:pypi/picklescan@0.0.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.23"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/44391?format=json","purl":"pkg:pypi/picklescan@0.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-nvvk-8a8j-43gw"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/44392?format=json","purl":"pkg:pypi/picklescan@0.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-nvvk-8a8j-43gw"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/44393?format=json","purl":"pkg:pypi/picklescan@0.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-nvvk-8a8j-43gw"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/44394?format=json","purl":"pkg:pypi/picklescan@0.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-nvvk-8a8j-43gw"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/44395?format=json","purl":"pkg:pypi/picklescan@0.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-nvvk-8a8j-43gw"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/44396?format=json","purl":"pkg:pypi/picklescan@0.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-nvvk-8a8j-43gw"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/44397?format=json","purl":"pkg:pypi/picklescan@0.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-nvvk-8a8j-43gw"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.7"},{"url":"http://public2.vulnerablecode.io/api/packages/44398?format=json","purl":"pkg:pypi/picklescan@0.0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-nvvk-8a8j-43gw"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/44399?format=json","purl":"pkg:pypi/picklescan@0.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-nvvk-8a8j-43gw"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/44400?format=json","purl":"pkg:pypi/picklescan@0.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-nvvk-8a8j-43gw"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/44401?format=json","purl":"pkg:pypi/picklescan@0.0.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-nvvk-8a8j-43gw"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.11"},{"url":"http://public2.vulnerablecode.io/api/packages/44402?format=json","purl":"pkg:pypi/picklescan@0.0.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-nvvk-8a8j-43gw"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.12"},{"url":"http://public2.vulnerablecode.io/api/packages/44403?format=json","purl":"pkg:pypi/picklescan@0.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-nvvk-8a8j-43gw"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/44404?format=json","purl":"pkg:pypi/picklescan@0.0.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-nvvk-8a8j-43gw"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/44405?format=json","purl":"pkg:pypi/picklescan@0.0.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-nvvk-8a8j-43gw"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/44406?format=json","purl":"pkg:pypi/picklescan@0.0.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-nvvk-8a8j-43gw"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.16"},{"url":"http://public2.vulnerablecode.io/api/packages/44407?format=json","purl":"pkg:pypi/picklescan@0.0.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-nvvk-8a8j-43gw"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.17"},{"url":"http://public2.vulnerablecode.io/api/packages/44408?format=json","purl":"pkg:pypi/picklescan@0.0.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-nvvk-8a8j-43gw"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.18"},{"url":"http://public2.vulnerablecode.io/api/packages/44409?format=json","purl":"pkg:pypi/picklescan@0.0.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-nvvk-8a8j-43gw"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.19"},{"url":"http://public2.vulnerablecode.io/api/packages/44410?format=json","purl":"pkg:pypi/picklescan@0.0.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-nvvk-8a8j-43gw"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.20"},{"url":"http://public2.vulnerablecode.io/api/packages/44411?format=json","purl":"pkg:pypi/picklescan@0.0.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-nvvk-8a8j-43gw"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.21"},{"url":"http://public2.vulnerablecode.io/api/packages/44475?format=json","purl":"pkg:pypi/picklescan@0.0.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2syv-syp1-6yhk"},{"vulnerability":"VCID-ag3v-g92v-kbde"},{"vulnerability":"VCID-auku-kbg2-2ybg"},{"vulnerability":"VCID-avk4-jaz6-m3gw"},{"vulnerability":"VCID-jfcq-vpg2-pkdn"},{"vulnerability":"VCID-w2h9-74te-tqhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/picklescan@0.0.22"}],"references":[{"reference_url":"https://github.com/mmaitre314/picklescan/commit/e58e45e0d9e091159c1554f9b04828bbb40b9781","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://github.com/mmaitre314/picklescan/commit/e58e45e0d9e091159c1554f9b04828bbb40b9781"},{"reference_url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-7q5r-7gvp-wc82","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-7q5r-7gvp-wc82"},{"reference_url":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1944","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1944"}],"weaknesses":[],"exploits":[],"severity_range_score":"6.5 - 6.5","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w2h9-74te-tqhc"}