CNNVD-202512-3124 Information

CNNVD ID

CNNVD-202512-3124

CVE-2025-67747

  • CNNVD Published: 2025-12-16

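Description (translated from Chinese)

Fickling is a decompiler and static analyzer for Python, open-sourced by Trail of Bits. Versions of Fickling before 0.1.6 contain a code issue vulnerability that stems from missing security checks for the marshal and types modules and may lead to arbitrary code execution.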

Description (English)

Fickling is a Python decompiler and static analyzer open-sourced by Trail of Bits. Versions of Fickling before 0.1.6 contain a code issue vulnerability that stems from missing security checks for the marshal and types modules, which could lead to arbitrary code execution.

Hazard Level

High

Vulnerability Type

Code issue

Affected Vendor

Trail of Bits

Published

2025-12-16

Last Modified

2026-02-24

References

  • https://github.com/trailofbits/fickling/commit/4e34561301bda1450268d1d7b0b2b151de33b913
  • https://github.com/trailofbits/fickling/pull/186
  • https://github.com/trailofbits/fickling/releases/tag/v0.1.6
  • https://github.com/trailofbits/fickling/security/advisories/GHSA-565g-hwwr-4pp3
  • https://access.redhat.com/security/cve/cve-2025-67747
