Author Iman Sharafaldin
Recipients Iman Sharafaldin
Date 2020-07-04.11:56:29
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
It seems that all versions of Python 3 are vulnerable to de-marshaling the attached file (Python file is included). I've tested on Python 3.10.0a0 (heads/master:b40e434, Jul  4 2020), Python 3.6.11 and Python 3.7.2. This is due to lack of proper validation at Objects/tupleobject.c:413 (heads/master:b40e434).
This is the result of GDB's Exploitable plugin (it's exploitable):
Description: Access violation during branch instruction
Short description: BranchAv (4/22)
Hash: e04b830dfb409a8bbf67bff96ff0df44.4d31b48b56e0c02ed51520182d91a457
Exploitability Classification: EXPLOITABLE
Explanation: The target crashed on a branch instruction, which may indicate that the control flow is tainted.
Other tags: AccessViolation (21/22)
Date User Action Args
2020-07-04 11:56:29Iman Sharafaldinsetrecipients: + Iman Sharafaldin
2020-07-04 11:56:29Iman Sharafaldinsetmessageid: <>
2020-07-04 11:56:29Iman Sharafaldinlinkissue41208 messages
2020-07-04 11:56:29Iman Sharafaldincreate