logo

Database

Lack of data validation In picklescan

Description

Duplicate Advisory: Picklescan Bypass is Possible via File Extension Mismatch

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-jgw4-cr84-mqxg. This link is maintained to preserve external references.

Original Description

An Improper Input Validation vulnerability in the scanning logic of mmaitre314 picklescan versions up to and including 0.0.30 allows a remote attacker to bypass pickle files security checks by supplying a standard pickle file with a PyTorch-related file extension. When the pickle file incorrectly considered safe is loaded, it can lead to the execution of malicious code.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. NVD-2025-101552. GHSA-jgw4-cr84-mqxg3. GCVE-GHSA-j424-mc44-f4hj

References

1. https://github.com/mmaitre314/picklescan/security/advisories/GHSA-jgw4-cr84-mqxg2. https://github.com/mmaitre314/picklescan/blob/58983e1c20973ac42f2df7ff15d7c8cd32f9b688/src/picklescan/scanner.py#L463

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.