CNNVD-202512-3123 Information

CNNVD ID

CNNVD-202512-3123

CVE-2025-67748

  • CNNVD Published: 2025-12-16

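Description (translated from Chinese)

Fickling is a Python decompiler and static analyzer open-sourced by Trail of Bits. Fickling versions prior to 0.1.6 contain a code issue vulnerability, which stems from a missing security check for the pty module and may lead to arbitrary code execution.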

Description (English)

Fickling is an open-source Python decompiler and static analyzer from Trail of Bits. Versions of Fickling before 0.1.6 contain a code issue vulnerability: the pty module is not covered by Fickling's security checks, which could lead to arbitrary code execution.

Hazard Level

High

Vulnerability Type

Code issue

Affected Vendor

Trail of Bits

Published

2025-12-16

Last Modified

2026-02-24

References

  • https://github.com/trailofbits/fickling/pull/108
  • https://github.com/trailofbits/fickling/pull/187
  • https://github.com/trailofbits/fickling/security/advisories/GHSA-r7v6-mfhq-g3m2
  • https://access.redhat.com/security/cve/cve-2025-67748
