CVE-2025-58367: 
Python vulnerability analysis and mitigation

Python class pollution vulnerability (CVE-2025-58367) affects DeepDiff package versions 5.0.0 through 8.6.0. The vulnerability exists in the Delta class which is susceptible to class pollution via its constructor, potentially leading to Denial of Service (DoS) and Remote Code Execution (RCE) through insecure Pickle deserialization. The issue was discovered by diogotcorreia and has been patched in version 8.6.1 (GitHub Advisory).

The vulnerability allows attackers to bypass existing security filters by passing paths as internal representations to the Delta class. The Delta class accepts different object types including DeltaDiff objects, dictionaries, or bytes that are deserialized via Pickle. While there is a filter in place for string paths, the pathtoelements function returns the input directly if it's already a list/tuple, creating a bypass opportunity. Additionally, the SAFETO_IMPORT allowlist can be modified through class pollution to include dangerous classes like posix.system (GitHub Advisory).

The vulnerability can lead to multiple severe impacts including Denial of Service by polluting built-in Python classes, Remote Code Execution through insecure Pickle deserialization, and potential authentication bypasses in web applications. For example, attackers could override app.secret_key in Flask applications to sign arbitrary cookies (GitHub Advisory).

The vulnerability has been patched in version 8.6.1. For earlier versions, mitigation involves preventing traversal through private keys by implementing checks in deepdiff.path.getnestedobj, deepdiff.path.getnestedobjandforce, and deepdiff.delta.Delta.getelementsanddetails. Alternatively, specifically restricting access to globals and builtins attributes can prevent the most serious exploitation cases (GitHub Advisory).