PyPI · pypi.org
geocif
Py Runtime Pickle Loads: pickle/marshal.loads — deserializes arbitrary objects, RCE if attacker-controlled.
Why PkgRadar flagged 0.4.705
| Severity | Signal | Evidence |
|---|---|---|
| medium | Py Runtime Pickle Loads | pickle/marshal.loads — deserializes arbitrary objects, RCE if attacker-controlled. · geocif-0.4.705/geocif/ml/outlook.py |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
| 0.4.729 | Low risk | 0 | 2026-06-07 |
| 0.4.728 | Low risk | 0 | 2026-06-07 |
| 0.4.727 | Low risk | 0 | 2026-06-07 |
| 0.4.726 | Low risk | 0 | 2026-06-07 |
| 0.4.725 | Low risk | 0 | 2026-06-07 |
| 0.4.724 | Low risk | 0 | 2026-06-05 |
| 0.4.723 | Low risk | 0 | 2026-06-05 |
| 0.4.722 | Low risk | 0 | 2026-06-05 |
| 0.4.721 | Low risk | 0 | 2026-06-04 |
| 0.4.720 | Low risk | 0 | 2026-06-04 |
| 0.4.719 | Low risk | 0 | 2026-06-04 |
| 0.4.718 | Low risk | 0 | 2026-06-04 |
| 0.4.717 | Low risk | 0 | 2026-06-04 |
| 0.4.716 | Low risk | 0 | 2026-05-31 |
| 0.4.715 | Low risk | 0 | 2026-05-30 |
| 0.4.714 | Low risk | 0 | 2026-05-30 |
| 0.4.713 | Low risk | 0 | 2026-05-30 |
| 0.4.712 | Low risk | 0 | 2026-05-29 |
| 0.4.711 | Low risk | 0 | 2026-05-29 |
| 0.4.710 | Low risk | 0 | 2026-05-29 |
| 0.4.709 | Low risk | 0 | 2026-05-29 |
| 0.4.708 | Low risk | 0 | 2026-05-29 |
| 0.4.707 | Low risk | 0 | 2026-05-29 |
| 0.4.706 | Low risk | 0 | 2026-05-28 |
| 0.4.705 | Review | 10 | 2026-05-26 |
| 0.4.704 | Review | 10 | 2026-05-26 |
| 0.4.703 | Review | 10 | 2026-05-26 |
Block this in CI
pkgradar gate --ecosystem pypi geocif==0.4.705