GHSA-538V-3WQ9-4H3R

Vulnerability from github – Published: 2025-10-01 12:30 – Updated: 2025-11-05 20:47
VLAI?
Summary
Apache Pyfory python is vulnerable to deserialization of untrusted data
Details

Deserialization of untrusted data in python in pyfory versions 0.12.0 through 0.12.2, or the legacy pyfury versions from 0.1.0 through 0.10.3: allows arbitrary code execution. An application is vulnerable if it reads pyfory serialized data from untrusted sources. An attacker can craft a data stream that selects pickle-fallback serializer during deserialization, leading to the execution of pickle.loads, which is vulnerable to remote code execution.

Users are recommended to upgrade to pyfory version 0.12.3 or later, which has removed pickle fallback serializer and thus fixes this issue.

Severity ?
9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Show details on source website
To clipboard 

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "pyfory"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.12.0"
            },
            {
              "fixed": "0.12.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "pyfury"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.1.0"
            },
            {
              "last_affected": "0.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-61622"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-10-01T19:38:16Z",
    "nvd_published_at": "2025-10-01T10:15:34Z",
    "severity": "CRITICAL"
  },
  "details": "Deserialization of untrusted data in\u00a0python in pyfory\u00a0versions 0.12.0 through 0.12.2, or the\u00a0legacy\u00a0pyfury versions from\u00a00.1.0 through 0.10.3: allows arbitrary code execution. An application is vulnerable if it reads pyfory serialized data from untrusted sources.\u00a0An attacker can craft a data stream that selects pickle-fallback serializer during deserialization, leading to the execution of `pickle.loads`, which is\u00a0vulnerable to\u00a0remote code execution.\n\nUsers are recommended to upgrade to pyfory version 0.12.3 or later, which has removed pickle fallback serializer and thus fixes this issue.",
  "id": "GHSA-538v-3wq9-4h3r",
  "modified": "2025-11-05T20:47:02Z",
  "published": "2025-10-01T12:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61622"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/fory/pull/2629"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/fory/commit/379b948ecae5c3b849e5bdb3997978c9a163e40b"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/fory"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/fory/releases/tag/v0.12.3"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/vfn9hp9qt06db5yo1gmj3l114o3o2csd"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2025/09/29/3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Apache Pyfory python is vulnerable to deserialization of untrusted data"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.