Mmaitre314 Picklescan
7 CVEs affecting Mmaitre314 Picklescan. Latest disclosed: 2025-09-17. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2025-10157 | | | 2025-09-17 | A Protection Mechanism Failure vulnerability in mmaitre314 picklescan versions up to and including 0.0.30 allows a remote attacker to bypass the unsafe globals… |
| CVE-2025-10156 | | | 2025-09-17 | An Improper Handling of Exceptional Conditions vulnerability in the ZIP archive scanning component of mmaitre314 picklescan allows a remote attacker to bypass… |
| CVE-2025-10155 | | | 2025-09-17 | An Improper Input Validation vulnerability in the scanning logic of mmaitre314 picklescan versions up to and including 0.0.30 allows a remote attacker to bypas… |
| CVE-2025-1945 | | | 2025-03-10 | picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specifi… |
| CVE-2025-1944 | | | 2025-03-10 | picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives… |
| CVE-2025-1889 | | | 2025-03-03 | picklescan before 0.0.22 only considers standard pickle file extensions in the scope for its vulnerability scan. An attacker could craft a malicious model that… |
| CVE-2025-1716 | | | 2025-02-26 | picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craft a malicious model that uses Pickle to pull in a malicious PyPI packa… |