CVE Record: CVE-2014-0485

Required CVE Record Information

Description

S3QL 1.18.1 and earlier uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object in (1) common.py or (2) local.py in backends/.

Product Status

Learn more

Information not provided

References 3 Total

https://bitbucket.org/nikratio/s3ql/commits/091ac263809b4e8
external site
debian.org: DSA-3013
external site
vendor-advisory
openwall.com: [oss-security] 20140828 CVE-2014-0485: unsafe Python pickle in s3ql
external site
mailing-list

Updated: 2024-08-06

This container includes required additional information provided by the CVE Program for this vulnerability.

References 3 Total

https://bitbucket.org/nikratio/s3ql/commits/091ac263809b4e8
external site
x_transferred
debian.org: DSA-3013
external site
vendor-advisoryx_transferred
openwall.com: [oss-security] 20140828 CVE-2014-0485: unsafe Python pickle in s3ql
external site
mailing-listx_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: Debian GNU/Linux

Description

Product Status

References 3 Total

CVE Program

References 3 Total