metadata
license: mit

modelscan bypass PoC - multiprocessing

The multiprocessing.Pool(1) constructor spawns worker processes via fork() during deserialization. modelscan blocks subprocess at CRITICAL, but multiprocessing, which also spawns processes, is not blocked.

Pool(100000) is an instant DoS. Pool with the initializer= parameter is RCE. multiprocessing.connection.Client(address) opens an outbound TCP connection.

Passes modelscan 0.7.6 with 0 issues detected.
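
A defensive sketch of the gap described above, added here as an example (it is not the author's code and not modelscan's implementation): a static scan of pickle opcodes that compares a denylist check with an allowlist check. The `DENYLIST` and `ALLOWLIST` contents, the function names and the sample byte strings are assumptions constructed for illustration.

```python
import pickle
import pickletools

# Assumption: a denylist holding only what the page says is blocked.
DENYLIST = {"subprocess"}
# Assumption: the only modules a plain weights file is expected to import.
ALLOWLIST = {"collections", "numpy"}

STRING_OPS = {"UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}


def imported_globals(data: bytes):
    """List the (module, name) pairs a pickle would import, without loading it."""
    strings, found = [], []
    for op, arg, _pos in pickletools.genops(data):
        if op.name in STRING_OPS:
            strings.append(arg)
        elif op.name in ("GLOBAL", "INST"):
            # The argument is "module name" joined by a single space.
            module, _, name = arg.partition(" ")
            found.append((module, name))
        elif op.name == "STACK_GLOBAL":
            # Simplification: treat the two most recent string pushes as the
            # operands. Operands fetched from the memo are not tracked here.
            found.append(tuple(strings[-2:]) if len(strings) >= 2 else ("?", "?"))
    return found


def top_level(module: str) -> str:
    return module.split(".")[0]


def denylist_findings(data: bytes):
    """Flag only imports whose top-level package is on the denylist."""
    return [g for g in imported_globals(data) if top_level(g[0]) in DENYLIST]


def allowlist_findings(data: bytes):
    """Flag every import whose top-level package is not explicitly allowed."""
    return [g for g in imported_globals(data) if top_level(g[0]) not in ALLOWLIST]


# Constructed samples. Each one only names a global and stops: there is no
# REDUCE opcode, so nothing is called, and the scanner never unpickles them.
SAMPLE_PROTO0 = b"cmultiprocessing\nPool\n."
SAMPLE_PROTO4 = b"\x80\x04\x8c\x1amultiprocessing.connection\x8c\x06Client\x93."
SAMPLE_BENIGN = pickle.dumps({"weights": [0.1, 0.2]})
```

The denylist check reports nothing for either multiprocessing sample, while the allowlist check flags both and leaves the plain dictionary alone.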