CNNVD-202601-1764 Information
Jan 10, 2026
CNNVD ID
CNNVD-202601-1764
Related CVE
- CNNVD Published: 2026-01-10
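Description (translated from Chinese)
Fickling is a Python decompiler and static analyzer open-sourced by Trail of Bits. Versions of Fickling before 0.1.7 contain a code issue vulnerability. It stems from the ctypes and pydoc modules not being explicitly blocked, which may lead to remote code execution.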
Description (English)
Fickling is an open-source Python decompiler and static analyzer from Trail of Bits. Versions of Fickling before 0.1.7 have a code issue vulnerability that results from the ctypes and pydoc modules not being explicitly blocked, which could lead to remote code execution.
Hazard Level
High
Vulnerability Type
Code issue
Affected Vendor
Trail of Bits
Published
2026-01-10
Last Modified
2026-02-24
References
https://github.com/trailofbits/fickling/commit/b793563e60a5e039c5837b09d7f4f6b92e6040d1
https://github.com/trailofbits/fickling/releases/tag/v0.1.7
https://github.com/trailofbits/fickling/security/advisories/GHSA-5hvc-6wx8-mvv4
Patch
https://github.com/trailofbits/fickling/releases