PyPI · pypi.org
aps-beamline-driver
Py Runtime Pickle Loads: pickle/marshal.loads — deserializes arbitrary objects, RCE if attacker-controlled.
Why PkgRadar flagged 1.0.27
| Severity | Signal | Evidence |
|---|---|---|
| medium | Py Runtime Pickle Loads | pickle/marshal.loads — deserializes arbitrary objects, RCE if attacker-controlled. · aps_beamline_driver-1.0.27/aps/beamline_driver/beam_management/facade.py |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
| 1.0.41 | Low risk | 0 | 2026-06-12 |
| 1.0.40 | Low risk | 0 | 2026-06-12 |
| 1.0.39 | Low risk | 0 | 2026-06-12 |
| 1.0.38 | Low risk | 0 | 2026-06-12 |
| 1.0.37 | Low risk | 0 | 2026-06-12 |
| 1.0.36 | Low risk | 0 | 2026-06-11 |
| 1.0.35 | Low risk | 0 | 2026-06-11 |
| 1.0.34 | Low risk | 0 | 2026-06-11 |
| 1.0.33 | Low risk | 0 | 2026-06-11 |
| 1.0.32 | Low risk | 0 | 2026-06-10 |
| 1.0.31 | Low risk | 0 | 2026-06-09 |
| 1.0.30 | Low risk | 0 | 2026-06-09 |
| 1.0.29 | Low risk | 0 | 2026-06-09 |
| 1.0.28 | Low risk | 0 | 2026-05-26 |
| 1.0.27 | Review | 20 | 2026-05-26 |
| 1.0.26 | Review | 20 | 2026-05-26 |
Block this in CI
pkgradar gate --ecosystem pypi aps-beamline-driver==1.0.27