Duplicate Advisory: Picklescan Bypass is Possible via File Extension Mismatch

GHSA-j424-mc44-f4hj

Published Sep 17, 2025 · Modified Sep 17, 2025

Description

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-jgw4-cr84-mqxg. This link is maintained to preserve external references.

Original Description

An Improper Input Validation vulnerability in the scanning logic of mmaitre314 picklescan versions up to and including 0.0.30 allows a remote attacker to bypass pickle files security checks by supplying a standard pickle file with a PyTorch-related file extension. When the pickle file incorrectly considered safe is loaded, it can lead to the execution of malicious code.

References

WEB https://github.com/mmaitre314/picklescan/security/advisories/GHSA-jgw4-cr84-mqxg
ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2025-10155
WEB https://github.com/mmaitre314/picklescan/blob/58983e1c20973ac42f2df7ff15d7c8cd32f9b688/src/picklescan/scanner.py#L463

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes