—
PYSEC-2026-742
Py2Play Unpickles Untrusted Objects
상세
Py2Play allows remote attackers to execute arbitrary Python code via pickled objects, which Py2Play unpickles and executes.
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
PyPI / py2play
최초 영향 버전:
0 No fixed version published yet for py2play (pip). Pin to a known-safe version or switch to an alternative.
참고
- https://nvd.nist.gov/vuln/detail/CVE-2005-2875 [ADVISORY]
- https://bugs.gentoo.org/show_bug.cgi?id=103524 [WEB]
- https://web.archive.org/web/20040824010038/http://home.gna.org/oomadness/fr/slune/index.html [WEB]
- https://web.archive.org/web/20050213041706/http://soya.literati.org [WEB]
- https://web.archive.org/web/20161225000907/http://www.securityfocus.com/bid/14864 [WEB]
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326976 [WEB]
- http://www.debian.org/security/2005/dsa-856 [WEB]
- http://www.gentoo.org/security/en/glsa/glsa-200509-09.xml [WEB]
- https://pypi.org/project/py2play [PACKAGE]
- https://github.com/advisories/GHSA-wcpc-f63g-x26q [ADVISORY]