{"id":"PYSEC-2020-73","details":"** DISPUTED ** pandas through 1.0.3 can unserialize and execute commands from an untrusted file that is passed to the read_pickle() function, if __reduce__ makes an os.system call. NOTE: third parties dispute this issue because the read_pickle() function is documented as unsafe and it is the user's responsibility to use the function in a secure manner.","aliases":["CVE-2020-13091"],"modified":"2023-11-08T04:02:12.263851Z","published":"2020-05-15T19:15:00Z","references":[{"type":"WEB","url":"https://github.com/0FuzzingQ/vuln/blob/master/pandas%20unserialize.md"},{"type":"WEB","url":"https://pandas.pydata.org/pandas-docs/stable/reference/api/pandas.read_pickle.html"}],"affected":[{"package":{"name":"pandas","ecosystem":"PyPI","purl":"pkg:pypi/pandas"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.4"}]}],"versions":["0.1","0.2beta","0.2b1","0.2","0.3.0.beta","0.3.0.beta2","0.3.0","0.4.0","0.4.1","0.4.2","0.4.3","0.5.0","0.6.0","0.6.1","0.7.0","0.7.1","0.7.2","0.7.3","0.8.0rc1","0.8.0rc2","0.8.0","0.8.1","0.9.0","0.9.1","0.10.0","0.10.1","0.11.0","0.12.0","0.13.0","0.13.1","0.14.0","0.14.1","0.15.0","0.15.1","0.15.2","0.16.0","0.16.1","0.16.2","0.17.0","0.17.1","0.18.0","0.18.1","0.19.0rc1","0.19.0","0.19.1","0.19.2","0.20.0rc1","0.20.0","0.20.1","0.20.2","0.20.3","0.21.0rc1","0.21.0","0.21.1","0.22.0","0.23.0rc2","0.23.0","0.23.1","0.23.2","0.23.3","0.23.4","0.24.0rc1","0.24.0","0.24.1","0.24.2","0.25.0rc0","0.25.0","0.25.1","0.25.2","0.25.3","1.0.0rc0","1.0.0","1.0.1","1.0.2","1.0.3"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/pandas/PYSEC-2020-73.yaml"}}],"schema_version":"1.7.3"}