Insecure Deserialization in NumPy

Description

Functions reliant on pickle can result in arbitrary code execution. Consider using a safer serialization method.

Examples

Insecure Code

numpy.load('example.pkl', allow_pickle=True)

Secure Code

import json; data = json.load(open('example.json'))

Remediation

Use a safer serialization method instead of pickle, such as JSON or MessagePack.

Rule Details

Field	Value
ID	CODE-0498
Category	Deserialization
Severity	CRITICAL
CWE	CWE-502
Confidence	MEDIUM
Impact	HIGH
Likelihood	MEDIUM
Exploitability	EASY
Tags	pickle, deserialization
OWASP	N/A

References

• https://blog.trailofbits.com/2021/03/15/never-a-dill-moment-exploiting-machine-learning-pickle-files/

---