高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
| ベンダー | プロダクト | 影響を受けるバージョン | CPE | 購読 |
|---|---|---|---|---|
| picklescan | picklescan | 0 ~ 0.0.28 | - |
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
| CVE-2025-71356 | 8.1 HIGH | picklescan - Arbitrary Code Execution via torch.fx.experimental.symbolic_shapes.ShapeEnv.e |
| CVE-2025-71372 | 8.1 HIGH | Picklescan - Arbitrary Code Execution via numpy.f2py.crackfortran.getlincoef Gadget |
| CVE-2025-71367 | 8.1 HIGH | picklescan - Remote Code Execution via _operator.attrgetter Detection Bypass |
| CVE-2025-71347 | 8.1 HIGH | picklescan - Undetected Remote Code Execution via numpy.f2py.crackfortran.param_eval |
| CVE-2025-71366 | 8.1 HIGH | picklescan - Arbitrary Code Execution via torch.utils.bottleneck.__main__.run_cprofile |
| CVE-2025-71369 | 8.1 HIGH | picklescan - Unsafe Deserialization via torch.utils.data.datapipes.utils.decoder.basichand |
| CVE-2025-71373 | 8.1 HIGH | picklescan - Remote Code Execution via operator.methodcaller Detection Bypass |
| CVE-2025-71362 | 8.1 HIGH | picklescan - Arbitrary Code Execution via Unsafe Deserialization in numpy.f2py.crackfortra |
| CVE-2025-71375 | 8.1 HIGH | picklescan - Undetected Remote Code Execution via _operator.methodcaller |
| CVE-2025-71360 | 8.1 HIGH | picklescan - Remote Code Execution via Undetected idlelib.calltip.get_entity |
| CVE-2025-71364 | 8.1 HIGH | picklescan - Arbitrary Code Execution via Undetected asyncio.unix_events._UnixSubprocessTr |
| CVE-2025-71359 | 8.1 HIGH | picklescan - Unsafe Deserialization via lib2to3.pgen2.grammar.Grammar.loads |
| CVE-2025-71342 | 8.1 HIGH | picklescan - Undetected Remote Code Execution via idlelib.run.Executive.runcode |
| CVE-2025-71343 | 8.1 HIGH | picklescan - Arbitrary Code Execution via lib2to3.pgen2.pgen.ParserGenerator.make_label De |
| CVE-2025-71345 | 8.1 HIGH | picklescan - Arbitrary Code Execution via torch.utils.bottleneck.__main__.run_autograd_pro |
まだコメントはありません