PyPi: Picklescan

CVE-2025-1716

Safety vulnerability ID: 75734

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Feb 26, 2025 Updated at Mar 09, 2025

Scan your Python projects for vulnerabilities →

Advisory

Affected versions of Picklescan are vulnerable to Incomplete List of Disallowed Inputs. An unsafe deserialization vulnerability in Python’s pickle module allows an attacker to bypass static analysis tools like Picklescan and execute arbitrary code during deserialization. This can be exploited to run pip install and fetch a malicious package, enabling remote code execution (RCE) upon package installation.

Affected package

picklescan

Latest version: 0.0.24

Security scanner detecting Python Pickle files performing suspicious actions

Affected versions

Fixed versions

Vulnerability changelog

What's Changed
* Picklescan fails to detect unsafe globals in PyTorch models with non-standard Pickle file extensions by madgetr in https://github.com/mmaitre314/picklescan/commit/baf03faf88fece56a89534d12ce048e5ee36e50e https://github.com/mmaitre314/picklescan/security/advisories/GHSA-769v-p64c-89pr
* Picklescan fails to detect some unsafe globals by madgetr in https://github.com/mmaitre314/picklescan/commit/93764d62af72b0ec3e2dd693ab6a9774abbed953 https://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v

**Full Changelog**: https://github.com/mmaitre314/picklescan/compare/v0.0.21...v0.0.22

Resources

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1716

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application