PyPI · pypi.org
cirq-core
Py Runtime Subprocess: subprocess call — process spawning.
Why PkgRadar flagged 1.7.0.dev20260526195242
| Severity | Signal | Evidence |
|---|---|---|
| medium | Py Runtime Subprocess | subprocess call — process spawning. · cirq/contrib/quantikz/circuit_to_latex_render.py |
| medium | Py Runtime Eval Exec | Python eval()/exec() called on a string. · cirq/_compat_test.py |
| medium | Py Runtime Pickle Loads | pickle/marshal.loads — deserializes arbitrary objects, RCE if attacker-controlled. · cirq/circuits/insert_strategy_test.py |
| medium | Py Runtime Pickle Loads | pickle/marshal.loads — deserializes arbitrary objects, RCE if attacker-controlled. · cirq/devices/grid_qubit_test.py |
| medium | Py Runtime Eval Exec | Python eval()/exec() called on a string. · cirq/experiments/two_qubit_xeb_test.py |
| medium | Py Runtime Pickle Loads | pickle/marshal.loads — deserializes arbitrary objects, RCE if attacker-controlled. · cirq/protocols/hash_from_pickle_test.py |
| medium | Py Runtime Eval Exec | Python eval()/exec() called on a string. · cirq/protocols/json_serialization_test.py |
| medium | Py Runtime Eval Exec | Python eval()/exec() called on a string. · cirq/testing/equivalent_repr_eval.py |
| medium | Py Runtime Eval Exec | Python eval()/exec() called on a string. · cirq/value/linear_dict_test.py |
| medium | Py Runtime Eval Exec | Python eval()/exec() called on a string. · cirq/value/product_state_test.py |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.7.0.dev20260613151434 | Low risk | 0 | 2026-06-13 |
1.7.0.dev20260612235300 | Low risk | 0 | 2026-06-13 |
1.7.0.dev20260608233335 | Low risk | 0 | 2026-06-08 |
1.7.0.dev20260605181515 | Low risk | 0 | 2026-06-05 |
1.7.0.dev20260604221749 | Low risk | 0 | 2026-06-04 |
1.7.0.dev20260604022051 | Low risk | 0 | 2026-06-04 |
1.7.0.dev20260601223209 | Low risk | 0 | 2026-06-01 |
1.7.0.dev20260530040123 | Low risk | 0 | 2026-05-30 |
1.7.0.dev20260530000804 | Low risk | 0 | 2026-05-30 |
1.7.0.dev20260529222919 | Low risk | 0 | 2026-05-29 |
1.7.0.dev20260527204322 | Low risk | 0 | 2026-05-27 |
1.7.0.dev20260527161107 | Low risk | 0 | 2026-05-27 |
1.7.0.dev20260526195242 | Review | 34 | 2026-05-26 |
Block this in CI
pkgradar gate --ecosystem pypi cirq-core==1.7.0.dev20260526195242