CVE-2014-3539

CVE-2014-3539

EPSS 3.0%

base/oi/doa.py in the Rope library in CPython (aka Python) allows remote attackers to execute arbitrary code by leveraging an unsafe call to pickle.load.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://bugzilla.redhat.com/show_bug.cgi?id=1116485 http://www.openwall.com/lists/oss-security/2015/02/07/1