picklescan

Security scanner detecting Python Pickle files performing suspicious actions

v1.0.4by Matthieu Maitre

69.6K

downloads (30d)

Project Homepage

HIGH

Picklescan is vulnerable to RCE through missing detection when calling numpy.f2py.crackfortran.myeval

MODERATE

Picklescan is missing detection when calling built-in python idlelib.pyshell.ModifiedInterpreter.runcode

MODERATE

Picklescan has a missing detection when calling built-in python idlelib.debugobj.ObjectTreeItem

HIGH

Picklescan does not block ctypes

HIGH

Picklescan is vulnerable to RCE via missing detection when calling built-in python _operator.attrgetter

MODERATE

Picklescan is missing detection when calling built-in python cProfile.run

MODERATE

Picklescan missing detection when calling pytorch function torch.utils.bottleneck.__main__.run_cprofile

MODERATE

Picklescan is missing detection when calling pytorch function torch.utils.bottleneck.__main__.run_autograd_prof

MODERATE

Picklescan has a missing detection when calling built-in python trace.Trace.run

MODERATE

Picklescan is vulnerable to RCE through missing detection when calling numpy.f2py.crackfortran._eval_length

MODERATE

Picklescan Allows Remote Code Execution via Malicious Pickle File Bypassing Static Analysis

CVE-2025-1716 · CVE-2025-1889 · GHSA-769v-p64c-89pr · PYSEC-2025-18 · PYSEC-2025-19

MODERATE

Picklescan has a missing detection when calling built-in python profile.Profile.runctx

MODERATE

Picklescan has a missing detection when calling built-in python idlelib.autocomplete.AutoComplete.get_entity

MODERATE

PyTorch Model Files Can Bypass Pickle Scanners via Unexpected Pickle Extensions

CVE-2025-1716 · CVE-2025-1889 · GHSA-655q-fx9r-782v · PYSEC-2025-18 · PYSEC-2025-19

MODERATE

Picklescan has a missing detection when calling built-in python idlelib.autocomplete.AutoComplete.fetch_completions

MODERATE

Zip Exploit Crashes Picklescan But Not PyTorch

CVE-2025-1944 · PYSEC-2025-20

CRITICAL

PickleScan's profile.run blocklist mismatch allows exec() bypass

HIGH

Picklescan has Incomplete List of Disallowed Inputs

MODERATE

Picklescan missing detection when calling pytorch function torch._dynamo.guards.GuardBuilder.get

MODERATE

Picklescan has a missing detection when calling built-in python idlelib.calltip.Calltip

HIGH

Picklescan Vulnerable to Exfiltration via DNS via linecache and ssl.get_server_certificate

CVE-2025-46417 · PYSEC-2025-34

HIGH

Picklescan is vulnerable to RCE via missing detection when calling built-in python _operator.methodcaller

HIGH

picklescan has Arbitrary file read using `io.FileIO`

HIGH

Picklescan (scan_pytorch) Bypass via dynamic eval MAGIC_NUMBER

HIGH

Picklescan has pickle parsing logic flaw that leads to malicious pickle file bypass

HIGH

picklescan missing detection by simple obfuscation of a `builtins.eval` call

MODERATE

Picklescan is missing detection when calling built-in python cProfile.runctx

MODERATE

Picklescan has a missing detection when calling built-in python library idlelib.calltip.get_entity

MODERATE

Picklescan is vulnerable to RCE via missing detection when calling numpy.f2py.crackfortran.param_eval

MODERATE

Picklescan has a missing detection when calling built-in python code.InteractiveInterpreter

MODERATE

Picklescan missing detection when calling pytorch function torch.fx.experimental.symbolic_shapes.ShapeEnv.evaluate_guards_expression

MODERATE

Picklescan has a missing detection when calling built-in python lib2to3.pgen2.grammar.Grammar.loads

MODERATE

Picklescan missing detection when calling pytorch function torch.utils.collect_env.run

CRITICAL

Picklescan is Vulnerable to Unsafe Globals Check Bypass through Subclass Imports

CVE-2025-10157

MODERATE

Picklescan failed to detect to some unsafe global function in Numpy library

MODERATE

Picklescan is missing detection when calling built-in python doctest.debug_script

MODERATE

Picklescan has a missing detection when calling built-in python trace.Trace.runctx

CRITICAL

PickleScan has multiple stdlib modules with direct RCE not in blocklist

MODERATE

Picklescan missing detection when calling pytorch function torch.utils.data.datapipes.utils.decoder.basichandlers

HIGH

Picklescan Bypasses Unsafe Globals Check using pty.spawn

MODERATE

Picklescan is missing detection when calling built-in python idlelib.pyshell.ModifiedInterpreter.runcommand

CRITICAL

Picklescan Bypass is Possible via File Extension Mismatch

CVE-2025-10155

HIGH

Picklescan vulnerable to Arbitrary File Writing

MODERATE

picklescan vulnerable to arbitrary file create using logging.FileHandler

MODERATE

Picklescan is missing detection when calling built-in python idlelib.run.Executive.runcode

CRITICAL

Picklescan: ZIP archive scan bypass is possible through non-exhaustive Cyclic Redundancy Check

CVE-2025-10156

MODERATE

Picklescan is missing detection when calling built-in python lib2to3.pgen2.pgen.ParserGenerator.make_label

MODERATE

Picklescan is missing detection when calling built-in python library asyncio.unix_events._UnixSubprocessTransport._start

HIGH

Picklescan missing detection when calling numpy.f2py.crackfortran.getlincoef

HIGH

Picklescan is vulnerable to RCE via missing detection when calling numpy.f2py.crackfortran.getlincoef

MODERATE

Picklescan missing detection when calling built-in python library function timeit.timeit()

HIGH

Picklescan missing detection when calling pty.spawn

MODERATE

Picklescan missing detection when calling pytorch function torch.jit.unsupported_tensor_ops.execWrapper

MODERATE

Picklescan missing detection when calling pytorch function torch.utils._config_module.load_config

CRITICAL

PickleScan's pkgutil.resolve_name has a universal blocklist bypass

MODERATE

Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch

CVE-2025-1945 · PYSEC-2025-21

MODERATE

Picklescan has a missing detection when calling built-in python profile.Profile.run

HIGH

Picklescan is vulnerable to RCE through missing detection when calling built-in python operator.methodcaller

MODERATE

Picklescan is missing detection when calling built-in python ensurepip._run_pip

UNKNOWN

PYSEC-2025-18

CVE-2025-1716 · CVE-2025-1889 · GHSA-655q-fx9r-782v · GHSA-769v-p64c-89pr · PYSEC-2025-19

UNKNOWN

PYSEC-2025-19

CVE-2025-1716 · CVE-2025-1889 · GHSA-655q-fx9r-782v · GHSA-769v-p64c-89pr · PYSEC-2025-18

UNKNOWN

PYSEC-2025-20

CVE-2025-1944 · GHSA-7q5r-7gvp-wc82

UNKNOWN

PYSEC-2025-21

CVE-2025-1945 · GHSA-w8jq-xcqf-f792

UNKNOWN

PYSEC-2025-34

CVE-2025-46417 · GHSA-93mv-x874-956g

Exclude CI/CDPRO

Best Day

4.1K

Mar 22

Worst Day

1.5K

Mar 19

Peaks On

Suns

2.7K avg

Quietest

Thus

2.0K avg

Download Trend

Badge

Markdown

[![PyPI Stats](/api/badges/picklescan?period=month)](/packages/picklescan)

HTML

<a href="/packages/picklescan"><img src="/api/badges/picklescan?period=month" alt="PyPI Stats"></a>

Package Info

Latest Version: 1.0.4
Author: Matthieu Maitre
First Release: 2022-09-05

PyPI Compare