cryptidy allows code execution via untrusted data due to pickle.loads
cryptidy through 1.2.4 allows code execution via untrusted data because pickle.loads is used. This occurs in aes_decrypt_message in symmetric_encryption.py.
Advisories for Pypi/Cryptidy package
2025