Home > Vulnerability Database > CVE-2025-1716

Mend.io Vulnerability Database

CVE-2025-1716

Good to know:

Date: February 26, 2025

picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craft a malicious model that uses Pickle to pull in a malicious PyPI package (hosted, for example, on pypi.org or GitHub) via "pip.main()". Because pip is not a restricted global, the model, when scanned with picklescan, would pass security checks and appear to be safe, when it could instead prove to be problematic.

Severity Score

4.3

Related Resources (9)

Url: https://github.com/mmaitre314/picklescan/commit/baf03faf88fece56a89534d12ce048e5ee36e50e

Url: https://github.com/mmaitre314/picklescan

Url: https://github.com/mmaitre314/picklescan/security/advisories/GHSA-769v-p64c-89pr

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-1716

Url: https://github.com/mmaitre314/picklescan/commit/78ce704227c51f070c0c5fb4b466d92c62a7aa3d

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-1889

Url: https://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v

Url: https://github.com/pypa/advisory-database/tree/main/vulns/picklescan/PYSEC-2025-18.yaml

Url: https://www.mend.io/vulnerability-database/CVE-2025-1716

Severity Score

4.3

Weakness Type (CWE)

Incomplete List of Disallowed Inputs

CWE-184

Reliance on File Name or Extension of Externally-Supplied File

CWE-646

Top Fix

Upgrade Version

Upgrade to version picklescan - 0.0.22

Learn More

CVSS v3.1

Base Score:	4.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2025-1716

Good to know:

Date: February 26, 2025

Severity Score

Related Resources (9)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?