| Title | erdogant pypickle 1.1.5 File Overwrite Vulnerability |
|---|
| Description | Title - File Overwrite Vulnerability in save() function in pypickle.py
Description
The save() function in the pypickle.py module has a vulnerability that allows unintended file overwrites, leading to potential data loss or security risks. This issue occurs when the overwrite parameter is set to True, but there is insufficient validation on the file path, which could lead to overwriting critical files or unauthorized locations on the filesystem.
Affected Component
Path: https://github.com/erdogant/pypickle/blob/master/pypickle/pypickle.py
File: pypickle.py
Function: save()
Version 1.1.5
Vulnerable Code Snippet:
https://github.com/erdogant/pypickle/blob/8d6d00b08cc040bea563ec8bc3ecef98de486094/pypickle/pypickle.py#L21-#L70
Reference
https://github.com/erdogant/pypickle/issues/3 |
|---|
| Source | ⚠️ https://github.com/erdogant/pypickle/issues/3 |
|---|
| User | Prince Raj (UID 85431) |
|---|
| Submission | 17/05/2025 02:30 PM (11 months ago) |
|---|
| Moderation | 25/05/2025 03:47 PM (8 days later) |
|---|
| Status | Accepted |
|---|
| VulDB Entry | 310263 [erdogant pypickle up to 1.1.5 pypickle/pypickle.py save privilege escalation] |
|---|
| Points | 20 |
|---|
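
The description above names a missing path check when `overwrite` is `True`. As an added example (not pypickle's code and not part of the submission), one way a caller can confine pickle writes to a single directory before any overwrite happens. `guarded_save` and `base_dir` are hypothetical names, and the standard-library `pickle` module stands in for the package's own writer.

```python
import os
import pickle
import tempfile
from pathlib import Path


def guarded_save(base_dir, filepath, var, overwrite=False):
    """Pickle `var` to `filepath`, only inside `base_dir` (hypothetical helper)."""
    base = Path(base_dir).resolve(strict=True)
    # Resolve '..' segments and symlinks first; an absolute `filepath`
    # replaces `base` in the join and is then rejected by the check below.
    target = (base / filepath).resolve()
    if base not in target.parents:
        raise ValueError(f"refusing to write outside {base}: {target}")
    if target.is_dir():
        raise ValueError(f"target is a directory: {target}")
    target.parent.mkdir(parents=True, exist_ok=True)

    if not overwrite:
        # O_EXCL makes "create only if absent" a single atomic step, so an
        # existing file raises FileExistsError instead of being replaced.
        fd = os.open(target, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        with os.fdopen(fd, "wb") as fh:
            pickle.dump(var, fh)
        return target

    # overwrite=True: dump to a temp file in the same directory, then swap it
    # in, so a failed dump never truncates the file being replaced.
    fd, tmp = tempfile.mkstemp(dir=target.parent, suffix=".tmp")
    try:
        with os.fdopen(fd, "wb") as fh:
            pickle.dump(var, fh)
        os.replace(tmp, target)
    except BaseException:
        os.unlink(tmp)
        raise
    return target
```

The containment check still leaves a window between path resolution and the write, so the base directory itself should not be writable by less-trusted users.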