VYPR

PyPI package

deepdiff

pkg:pypi/deepdiff

Vulnerabilities (2)

  • CVE-2026-33155HigMar 20, 2026
    affected >= 5.0.0, < 8.6.2fixed 8.6.2

    DeepDiff is a project focused on Deep Difference and search of any Python data. From version 5.0.0 to before version 8.6.2, the pickle unpickler _RestrictedUnpickler validates which classes can be loaded but does not limit their constructor arguments. A few of the types in SAFE_T

  • CVE-2025-58367CriSep 5, 2025
    affected >= 5.0.0, < 8.6.1fixed 8.6.1

    DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code