
Description

Fickling is a Python pickling decompiler and static analyzer. Versions prior to 0.1.6 omit `marshal` and `types` from the block list of unsafe module imports, so an attacker can craft a malicious pickle file that bypasses Fickling because it has no detections for `types.FunctionType` and `marshal.loads`. A user who deserializes such a file, believing it to be safe, would inadvertently execute arbitrary code on their system. This affects any user or system that relies on Fickling to vet pickle files for security issues. The issue was fixed in version 0.1.6, which started blocking both modules.
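To make the incomplete-block-list problem concrete, the following is an added example written for this page, not Fickling's own code: a minimal scanner built on `pickletools.genops` that lists the `GLOBAL`/`STACK_GLOBAL` imports in a pickle stream without ever unpickling it, run once with a constructed stand-in for a block list lacking `marshal` and `types` and once with that list extended as the 0.1.6 fix did. The block lists and the sample byte strings are constructed for this example and only reference callables; none of them invokes anything.

```python
import pickletools

# Block lists as sets of top-level module names. INCOMPLETE_BLOCKLIST is a
# constructed stand-in for the pre-0.1.6 gap, not fickling's real list;
# FIXED_BLOCKLIST adds the two modules that the 0.1.6 fix started blocking.
INCOMPLETE_BLOCKLIST = frozenset({"os", "subprocess", "sys", "builtins"})
FIXED_BLOCKLIST = INCOMPLETE_BLOCKLIST | {"marshal", "types"}

# Opcodes that push a string constant; tracked so STACK_GLOBAL can be resolved.
_STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING",
               "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}


def imported_globals(data):
    """Return (module, name) pairs referenced by GLOBAL or STACK_GLOBAL opcodes.

    Only pickletools.genops is used, so the stream is parsed, never loaded.
    STACK_GLOBAL is resolved from the two most recent string constants, a
    simplification that is sufficient for the constructed samples below.
    """
    found, strings = [], []
    for op, arg, _pos in pickletools.genops(data):
        if op.name == "GLOBAL":            # protocols 0-3: arg is "module name"
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif op.name in _STRING_OPS:
            strings.append(arg)
        elif op.name == "STACK_GLOBAL" and len(strings) >= 2:  # protocol 4+
            found.append((strings[-2], strings[-1]))
    return found


def scan(data, blocklist):
    """List 'module.name' imports whose top-level module is on the block list."""
    return [f"{m}.{n}" for m, n in imported_globals(data)
            if m.split(".", 1)[0] in blocklist]


# Constructed sample streams (not taken from the advisory). Each only pushes a
# reference to a callable; no REDUCE opcode follows, so nothing is called.
MARSHAL_LOADS_P0 = b"cmarshal\nloads\n."                                  # GLOBAL
TYPES_FUNCTIONTYPE_P4 = b"\x80\x04\x8c\x05types\x8c\x0cFunctionType\x93."  # STACK_GLOBAL
OS_SYSTEM_P0 = b"cos\nsystem\n."                                          # GLOBAL

if __name__ == "__main__":
    for label, blob in [("marshal.loads", MARSHAL_LOADS_P0),
                        ("types.FunctionType", TYPES_FUNCTIONTYPE_P4),
                        ("os.system", OS_SYSTEM_P0)]:
        print(f"{label:20} incomplete list: {scan(blob, INCOMPLETE_BLOCKLIST)!s:22}"
              f" fixed list: {scan(blob, FIXED_BLOCKLIST)}")
```

With the incomplete list the `marshal.loads` and `types.FunctionType` references produce no finding at all, while the `os.system` reference is flagged by both lists; adding the two modules is what closes the gap.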

Status: PUBLISHED | Reserved: 2025-12-11 | Published: 2025-12-16 | Updated: 2025-12-16 | Assigner: GitHub_M

Severity: HIGH 7.1 (CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P)

Problem types

CWE-184: Incomplete List of Disallowed Inputs

CWE-502: Deserialization of Untrusted Data

Product status

< 0.1.6: affected

References

github.com/...ckling/security/advisories/GHSA-565g-hwwr-4pp3

github.com/trailofbits/fickling/pull/186

github.com/...ommit/4e34561301bda1450268d1d7b0b2b151de33b913

github.com/trailofbits/fickling/releases/tag/v0.1.6

cve.org (CVE-2025-67747)

nvd.nist.gov (CVE-2025-67747)


Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.