CVE-2020-13091

CRITICAL

pandas <1.0.3 - Command Injection

Title source: llm

Description

pandas through 1.0.3 can unserialize and execute commands from an untrusted file that is passed to the read_pickle() function, if __reduce__ makes an os.system call. NOTE: third parties dispute this issue because the read_pickle() function is documented as unsafe and it is the user's responsibility to use the function in a secure manner

References (2)

[Exploit, Third Party Advisory] https://github.com/0FuzzingQ/vuln/blob/master/pandas%20unserialize.md

[Third Party Advisory] https://pandas.pydata.org/pandas-docs/stable/reference/api/pandas.read_pickle.html

Scores

CVSS v3 9.8

EPSS 0.0114

EPSS Percentile 78.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-502

Status published

Affected Products (1)

numfocus/pandas < 1.0.3

Timeline

Published May 15, 2020

Tracked Since Feb 18, 2026