Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
Remote code execution in Kodiak #5
1849 import pickle
I would like to report a remote code execution potential vulnerability in Singledop. Pickle module enables binary serialization and loading of Python datatypes and any user supplied sample file can lead to remote code execution on any researches machine processing a serialized file.
Attack binary a valid dop file:
Please let me know if you have any questions. You can also reach back to me at firstname.lastname@example.org