CVE-2025-58367: DeepDiff Class Pollution in Delta class leading to DoS, Remote Code Execution, and more
Python class pollution is a novel vulnerability categorized under CWE-915. The Delta class is vulnerable to class pollution via its constructor, and when combined with a gadget available in DeepDiff itself, it can lead to Denial of Service and Remote Code Execution (via insecure Pickle deserialization).
The gadget available in DeepDiff allows deepdiff.serialization.SAFE_TO_IMPORT to be modified so that it permits dangerous classes such as posix.system, after which insecure Pickle deserialization can be performed via the Delta class. This potentially allows arbitrary Python code to be executed, given that the input to Delta is user-controlled.
Depending on the application where DeepDiff is used, this can also lead to other vulnerabilities. For example, in a web application, it might be possible to bypass authentication via class pollution.
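As an added illustration (not code from the advisory or from the DeepDiff project), the check below rejects a delta dict whose paths walk into dunder attributes before the dict is handed to Delta. It assumes the application receives deltas in DeepDiff's report-dict form (change type mapped to paths) using the path syntax DeepDiff prints, such as root['key'].attr[0]; the sample delta is constructed.

```python
import re
from typing import List

# One path segment: ['key'], ["key"], [0], or .attribute
_SEGMENT_RE = re.compile(
    r"\[(?:'([^']*)'|\"([^\"]*)\"|(\d+))\]|\.([A-Za-z_][A-Za-z0-9_]*)"
)


def path_segments(path: str) -> List[str]:
    """Split a DeepDiff-style path like root['a'].b[0] into ['a', 'b', '0']."""
    if not path.startswith("root"):
        raise ValueError(f"unexpected path root: {path!r}")
    segments = []
    pos = len("root")
    while pos < len(path):
        match = _SEGMENT_RE.match(path, pos)
        if not match:
            raise ValueError(f"unparseable path: {path!r}")
        segments.append(next(g for g in match.groups() if g is not None))
        pos = match.end()
    return segments


def is_polluting(path: str) -> bool:
    # Dunder attributes (__class__, __globals__, ...) are how a delta escapes
    # the target object and reaches module state such as SAFE_TO_IMPORT.
    return any(seg.startswith("__") for seg in path_segments(path))


def unsafe_paths(delta: dict) -> List[str]:
    """Return every path in a report-style delta dict that touches a dunder attribute."""
    found = []
    for entries in delta.values():
        # Change types map either path -> detail (dict) or hold a set of paths.
        paths = entries.keys() if isinstance(entries, dict) else entries
        found.extend(p for p in paths if is_polluting(p))
    return found


# Constructed sample: one legitimate change and one pollution-style path.
SAMPLE_DELTA = {
    "values_changed": {"root['price']": {"new_value": 20, "old_value": 10}},
    "attribute_added": {"root.__init__.__globals__['SAFE_TO_IMPORT']": ["posix.system"]},
}

if __name__ == "__main__":
    bad = unsafe_paths(SAMPLE_DELTA)
    print("rejecting delta, unsafe paths:" if bad else "delta accepted", bad)
```

Run the check on untrusted input before constructing Delta from it; an empty result means no path in the delta reaches outside the object being patched, which does not replace upgrading to the fixed release.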
References
- github.com/advisories/GHSA-mw26-5g2v-hqw3
- github.com/dgilland/pydash/commit/2015f0a4bcdbc3a5b27652e38fe97b3ee13ac15f
- github.com/dgilland/pydash/issues/180
- github.com/seperman/deepdiff
- github.com/seperman/deepdiff/commit/c69c06c13f75e849c770ade3f556cd16209fd183
- github.com/seperman/deepdiff/releases/tag/8.6.1
- github.com/seperman/deepdiff/security/advisories/GHSA-mw26-5g2v-hqw3
- nvd.nist.gov/vuln/detail/CVE-2025-58367