| Title | pytries datrie 0.8.3 Deserialization |
|---|
| Description | RCE via Insecure Deserialization in datrie.Trie.load() using pickle
The datrie.Trie class relies on pickle.load() to restore its internal state when loading trie files through methods such as Trie.load(), Trie.read(), and Trie.__setstate__(). Because Python’s pickle mechanism allows execution of arbitrary code during deserialization, a specially crafted .trie file can include a malicious payload that gets executed as soon as it is loaded. This behavior is not obvious to users, since the deserialization happens implicitly within what appears to be a standard data-loading API. As a result, applications may unknowingly introduce a critical security risk.
It’s important to note that the datrie.BaseTrie class is not affected, as it does not use pickle for deserialization. However, any application that processes .trie files from untrusted sources—such as user uploads, shared storage, or external datasets—can be vulnerable to arbitrary code execution.
Note: The vendor has been notified through github public issue 15 days ago but it seems the repo is not maintained. |
|---|
| Source | ⚠️ https://github.com/pytries/datrie/issues/109 |
|---|
| User | dhabaleshwar (UID 58737) |
|---|
| Submission | 04/05/2026 18:18 (3 days ago) |
|---|
| Moderation | 04/06/2026 23:23 (1 day later) |
|---|
| Status | Duplicate |
|---|
| VulDB entry | 355483 [pytries datrie up to 0.8.3 trie File src/datrie.pyx Trie.load/Trie.read/Trie.__setstate__ deserialization] |
|---|
| Points | 0 |
|---|