PT-2025-44585 · Cryptidy · Cryptidy
Published 2025-10-31 · Updated 2025-11-03 · CVE-2025-63675
CVSS v3.1: 8.8 High
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
cryptidy versions through 1.2.4
Description
The software allows code execution due to the use of pickle.loads with untrusted data. This issue occurs within the aes_decrypt_message function located in the symmetric_encryption.py file.
Recommendations
Update cryptidy to a version later than 1.2.4.
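Where upgrading is not immediately possible, one way to bound what deserializing decrypted bytes can do is an Unpickler subclass that refuses every global lookup, so only built-in scalars and containers load. This is an added example, not cryptidy's code or its actual fix; safe_loads, classify and the sample payloads are hypothetical names and constructed data.

```python
import io
import pickle


class PrimitivesOnlyUnpickler(pickle.Unpickler):
    """Refuse every class/callable lookup during unpickling.

    With protocol 4, str, bytes, int, float, bool, None, list, tuple and
    dict have their own opcodes and never reach find_class(). Anything that
    does reach it is a reference to importable code, which is the path that
    turns pickle.loads() on hostile bytes into code execution.
    """

    def find_class(self, module, name):
        raise pickle.UnpicklingError(
            "global %s.%s not allowed in decrypted payload" % (module, name)
        )


def safe_loads(plaintext):
    """Hypothetical replacement for pickle.loads() on post-decryption bytes."""
    return PrimitivesOnlyUnpickler(io.BytesIO(plaintext)).load()


def classify(plaintext):
    """Return ("ok", value) or ("rejected", reason) without raising."""
    try:
        return ("ok", safe_loads(plaintext))
    except pickle.UnpicklingError as exc:
        return ("rejected", str(exc))
    except Exception as exc:
        # Truncated or malformed streams surface as assorted exception types.
        return ("rejected", "malformed pickle: %s" % type(exc).__name__)


# Constructed samples: plain data, and a harmless stream that merely
# references a builtin (len) to show that any global reference is refused.
PLAIN = pickle.dumps({"user": "alice", "items": [1, 2.5, None, True],
                      "blob": b"\x00\x01"}, protocol=4)
WITH_GLOBAL = pickle.dumps(len, protocol=4)

if __name__ == "__main__":
    print(classify(PLAIN))
    print(classify(WITH_GLOBAL))
    print(classify(PLAIN[:-5]))
```

The restriction means arbitrary objects no longer round-trip; callers that need richer types would have to use an explicit data format such as JSON instead.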
Exploit
Fix
Deserialization of Untrusted Data
Weakness Enumeration
Related Identifiers
Affected Products
Cryptidy