CVE-2025-67747
Unknown Unknown - Not Provided
Unsafe Module Import Bypass in Fickling Enables Code Execution

Publication date: 2025-12-16

Last updated on: 2025-12-16

Assigner: GitHub, Inc.

Description
Fickling is a Python pickling decompiler and static analyzer. Versions prior to 0.1.6 are missing `marshal` and `types` from the block list of unsafe module imports. Fickling started blocking both modules to address this issue. This allows an attacker to craft a malicious pickle file that can bypass fickling since it misses detections for `types.FunctionType` and `marshal.loads`. A user who deserializes such a file, believing it to be safe, would inadvertently execute arbitrary code on their system. This impacts any user or system that uses Fickling to vet pickle files for security issues. The issue was fixed in version 0.1.6.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-16
Last Modified
2025-12-16
Generated
2026-06-16
AI Q&A
2025-12-16
EPSS Evaluated
2026-06-15
NVD
CVE-2025-67747
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
trailofbits fickling 0.1.6
trailofbits fickling 0.1.5
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-502 The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
CWE-184 The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-67747 is a vulnerability in the Python package 'fickling' (versions prior to 0.1.6) where the tool fails to block the Python modules 'marshal' and 'types' during its security analysis of pickle files. This omission allows attackers to craft malicious pickle files that use 'marshal.loads' and 'types.FunctionType' to bypass fickling's safety checks. As a result, a user who deserializes such a malicious pickle file, believing it to be safe, could inadvertently execute arbitrary code on their system. The vulnerability was fixed in version 0.1.6 by adding these modules to the blocklist of unsafe imports. [1, 2, 3, 4]

Impact Analysis

This vulnerability can impact you by allowing an attacker to execute arbitrary code on your system if you use fickling to vet pickle files for security and then deserialize a malicious pickle file that bypasses fickling's checks. This could lead to unauthorized system commands being run, potentially compromising your system's integrity, confidentiality, and availability. [1, 2, 3]

Detection Guidance

This vulnerability can be detected by analyzing pickle files with the updated version of the fickling tool (version 0.1.6 or later), which includes 'marshal' and 'types' modules in its blocklist of unsafe imports. Running fickling on suspicious pickle files will help identify malicious usage of marshal.loads and types.FunctionType that were previously missed. For example, you can run the command `fickling check_safety <pickle_file>` to analyze a pickle file. If you are using an older version, the tool may incorrectly classify malicious files as 'LIKELY_SAFE'. There is no direct network detection command provided, but scanning for pickle files and analyzing them with the fixed fickling tool is recommended. [1, 2, 3]

Mitigation Strategies

The immediate mitigation step is to upgrade the fickling tool to version 0.1.6 or later, which includes the fix that adds 'marshal' and 'types' to the blocklist of unsafe modules, preventing the bypass. Avoid deserializing pickle files that have not been vetted with the updated tool. Additionally, review any systems or workflows that rely on fickling for pickle file analysis and ensure they are updated to use the patched version to prevent arbitrary code execution. [3, 4]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-67747. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart