Bounties
Partners
Community
Info
uqfoundation / dill
Project repository
serialize all of Python
Submit a report
FIRST INTERACTION
WITHIN
51 DAYS
REVIEW
WITHIN
51 DAYS
FIX
WITHIN
N/A DAYS
A publicly available export function exists for code execution
Feb 12th 2024
carnival-z
•
informative
Critical
An unverified deserialized data stream of function trust was found in dill pro...
Feb 12th 2024
carnival-z
•
informative
High
Code Execution via Unvalidated Deserialization in Python's pickle Module
Nov 22nd 2023
sachin141
•
informative
High
Dynamic Attribute Access and Code Execution in Python Functions
Feb 2nd 2024
sachin141
•
not applicable
Remote Code Execution (RCE) in dill
Oct 5th 2023
ready-research
•
self closed
CRITICAL
$0
HIGH
$0
MEDIUM
$0
LOW
$0
