An Improper Input Validation vulnerability in the scanning logic of mmaitre314 picklescan, versions up to and including 0.0.30, allows a remote attacker to bypass the pickle file security checks by supplying a standard pickle file with a PyTorch-related file extension. When the pickle file that was incorrectly considered safe is loaded, it can lead to the execution of malicious code.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| picklescan (PyPI) | 0 | 0.0.31 | N/A |
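The root cause described above is a scanner that lets the file extension decide whether the bytes are treated as a bare pickle stream or as a PyTorch checkpoint. The following added example (not picklescan's own code, nor PyTorch's) shows the defensive pattern a loader or scanner should apply instead: classify the file by its leading bytes, extract every pickle stream the container actually carries, list the globals the stream would import using `pickletools` (which parses opcodes without executing anything), and treat an extension/content mismatch as a reason to scan harder rather than to skip scanning. The extension set, the module allowlist and the `*/data.pkl` archive layout are assumptions made for the example; the sample files are constructed in-line.

```python
"""Content-based sniffing of pickle-bearing files (added example, not picklescan code)."""
import io
import os
import pickle
import pickletools
import zipfile
from collections import OrderedDict

# Assumption: extensions loosely considered "PyTorch-related"; the advisory does
# not enumerate which ones were affected.
PYTORCH_EXTENSIONS = {".pt", ".pth", ".ckpt", ".bin"}

# Opcodes that push a string; STACK_GLOBAL takes its module/name from the last two.
STRING_OPCODES = {"STRING", "BINSTRING", "SHORT_BINSTRING",
                  "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}

# Constructed allowlist: modules a checkpoint loader is willing to import from.
ALLOWED_MODULES = {"torch", "numpy"}


def is_pickle_stream(data: bytes) -> bool:
    """Parse opcodes only (pickletools never runs the pickle) and require a STOP."""
    try:
        ops = list(pickletools.genops(io.BytesIO(data)))
    except Exception:
        return False
    return bool(ops) and ops[-1][0].name == "STOP"


def sniff_container(data: bytes) -> str:
    """Classify by magic bytes, never by file name."""
    if data[:4] == b"PK\x03\x04":
        return "zip"        # torch.save (1.6+) writes a zip archive
    if is_pickle_stream(data):
        return "pickle"     # a bare pickle stream, whatever it is called
    return "unknown"


def pickle_streams(data: bytes, container: str):
    """Yield (name, bytes) for every pickle stream the container carries."""
    if container == "pickle":
        yield "<root>", data
    elif container == "zip":
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for name in zf.namelist():
                if name.endswith(".pkl"):   # assumption: checkpoint graph lives in */data.pkl
                    yield name, zf.read(name)


def referenced_globals(stream: bytes) -> list:
    """Return (module, name) pairs the stream would import when loaded."""
    found, strings = [], []
    for op, arg, _pos in pickletools.genops(io.BytesIO(stream)):
        if op.name in STRING_OPCODES:
            strings.append(arg)
        elif op.name == "GLOBAL":            # protocol <= 3: pickletools yields "module name"
            found.append(tuple(arg.split(" ", 1)))
        elif op.name == "STACK_GLOBAL":      # protocol 4+: module and name were pushed as strings
            if len(strings) < 2:
                raise ValueError("malformed STACK_GLOBAL: fewer than two strings on stack")
            found.append((strings[-2], strings[-1]))
    return found


def scan(filename: str, data: bytes) -> dict:
    """Decide by content; the extension is reported for context but never trusted."""
    ext = os.path.splitext(filename)[1].lower()
    container = sniff_container(data)
    found = []
    for _name, stream in pickle_streams(data, container):
        found.extend(referenced_globals(stream))
    disallowed = [g for g in found if g[0].split(".")[0] not in ALLOWED_MODULES]
    # Extension claims "PyTorch checkpoint" but the bytes are a bare pickle stream:
    # exactly the case the advisory describes, so it must not short-circuit the scan.
    mismatch = ext in PYTORCH_EXTENSIONS and container == "pickle"
    verdict = "needs_review" if (disallowed or mismatch) else "clean"
    return {"extension": ext, "container": container, "globals": found,
            "disallowed": disallowed, "extension_mismatch": mismatch, "verdict": verdict}


def sample_files() -> dict:
    """Constructed inputs: a bare pickle renamed to .pt, a zip laid out like a checkpoint, a plain .pkl."""
    bare = pickle.dumps(OrderedDict(a=1), protocol=4)      # imports collections.OrderedDict
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("archive/data.pkl", pickle.dumps({"weights": [0.5, 0.25]}, protocol=4))
    return {"model.pt": bare, "checkpoint.pt": buf.getvalue(),
            "plain.pkl": pickle.dumps([1, 2], protocol=2)}


if __name__ == "__main__":
    for name, blob in sample_files().items():
        print(name, scan(name, blob))
```

The key design choice is that `sniff_container` runs before any extension-based decision and that `scan` only ever uses the extension to compute the `extension_mismatch` flag; a bare pickle named `model.pt` therefore goes through the same opcode walk as `plain.pkl` and is reported for review both because of the mismatch and because it imports from a module outside the allowlist.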
CVSS Metrics