Create a draft advisory to notify of vulnerabilities, false positives, false negatives, etc.
Security: mmaitre314/picklescan
SECURITY.md
- Arbitrary file create using logging.FileHandler (GHSA-m7j5-r2p5-c39r), published Feb 2, 2026 by mmaitre314, severity: Moderate
- Arbitrary file read using `io.FileIO` (GHSA-9726-w42j-3qjr), published Jan 7, 2026 by mmaitre314, severity: High
- Arbitrary File Writing (GHSA-m273-6v24-x4m4), published Dec 26, 2025 by mmaitre314, severity: High
- ctypes not being blocked (GHSA-4675-36f9-wf6r), published Dec 26, 2025 by mmaitre314, severity: Critical
- Incomplete List of Disallowed Inputs in picklescan (GHSA-84r2-jw7c-4r5q), published Dec 26, 2025 by mmaitre314, severity: Critical
- Missing detection when calling pty.spawn (GHSA-vqmv-47xg-9wpr), published Dec 26, 2025 by mmaitre314, severity: Moderate
- Bypassing Unsafe Globals Check using pty.spawn (GHSA-hgrh-qx5j-jfwx), published Dec 26, 2025 by mmaitre314, severity: High
- Security Disclosure: Multiple Scanner Bypass Vulnerabilities (GHSA-gx77-x2pv-48v7), published Nov 14, 2025 by mmaitre314, severity: Critical
- Missing detection by simple obfuscation of a `builtins.eval` call (GHSA-9m3x-qqw2-h32h), published Feb 2, 2026 by mmaitre314, severity: High
- Missing detection when calling `numpy.f2py.crackfortran.getlincoef` (GHSA-r8g5-cgf2-4m4m), published Dec 26, 2025 by mmaitre314, severity: Moderate