Launchpad.net

CVE 2014-0485

S3QL 1.18.1 and earlier uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object in (1) common.py or (2) local.py in backends/.

See the CVE page on Mitre.org for more details.

References