102 matches found

Github Security Blog
added 2025/03/20 12:32 p.m., 5 views

Aim Improper Access Control

In version 3.22.0 of aimhubio/aim, the AimQL query language uses an outdated version of the safer_getattr function from RestrictedPython. This version does not protect against the str.format_map method, allowing an attacker to leak server-side secrets or potentially gain unrestricted code execution...

CVSS 8.1, AI score 7.3, EPSS 0.0039
Exploits: 1, References: 4, Affected Software: 1
OSV
added 2025/03/20 10:15 a.m., 1 view

CVE-2024-8238

In version 3.22.0 of aimhubio/aim, the AimQL query language uses an outdated version of the safer_getattr function from RestrictedPython. This version does not protect against the str.format_map method, allowing an attacker to leak server-side secrets or potentially gain unrestricted code execution...

CVSS 8.1, AI score 7.6
Exploits: 0, References: 1
CVE
added 2025/03/20 10:11 a.m., 43 views

CVE-2024-8238

CVE-2024-8238 affects aimhubio/aim v3.22.0 where AimQL uses an outdated safer_getattr() from RestrictedPython, failing to block str.format_map() and allowing access to arbitrary Python attributes (e.g., os.environ) and potential unrestricted code execution if a malicious .dll/.so is loaded. Multi...

CVSS 8.1, AI score 7.4, EPSS 0.0039
Exploits: 1, References: 1, Affected Software: 1
Tenable Nessus
added 2025/03/20 12:00 a.m., 5 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : RestrictedPython vulnerabilities (USN-7355-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7355-1 advisory. Nakul Choudhary and Robert Xiao discovered that RestrictedPython did not properly sanitize certain inputs. An attacker...

CVSS 9.9, AI score 8.6, EPSS 0.01117
Exploits: 1, References: 5
OpenVAS
added 2025/03/20 12:00 a.m., 10 views

Ubuntu: Security Advisory (USN-7355-1)

The remote host is missing an update for the package(s) referenced in the USN-7355-1 advisory...

CVSS 9.9, AI score 7.1, EPSS 0.01117
Exploits: 1, References: 2
OSV
added 2025/03/18 11:59 p.m., 0 views

USN-7355-1 restrictedpython vulnerabilities

Nakul Choudhary and Robert Xiao discovered that RestrictedPython did not properly sanitize certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2023-37271 Abhishek Govindarasu, Ankush Menat and War...

CVSS 9.9, AI score 6.1, EPSS 0.01117
Exploits: 1, References: 5
Ubuntu
added 2025/03/18 11:59 p.m., 12 views

USN-7355-1: RestrictedPython vulnerabilities

Nakul Choudhary and Robert Xiao discovered that RestrictedPython did not properly sanitize certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2023-37271 Abhishek Govindarasu, Ankush Menat and War...

CVSS 9.9, AI score 8.4, EPSS 0.01117
Exploits: 1
Tenable Nessus
added 2025/03/05 12:00 a.m., 10 views

Linux Distros Unpatched Vulnerability : CVE-2023-37271

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide a program input into a trusted environment...

CVSS 9.9, AI score 8.8, EPSS 0.00347
Exploits: 0, References: 2
Tenable Nessus
added 2025/03/05 12:00 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2023-41039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RestrictedPython is a restricted execution environment for Python to run untrusted code. Python's format functionality allows someone controlling the format...

CVSS 8.3, AI score 7.5, EPSS 0.00219
Exploits: 0, References: 2
Tenable Nessus
added 2025/03/05 12:00 a.m., 18 views

Linux Distros Unpatched Vulnerability : CVE-2024-47532

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RestrictedPython is a restricted execution environment for Python to run untrusted code. A user can gain access to protected and potentially sensible informatio...

CVSS 8.7, AI score 5.7, EPSS 0.01117
Exploits: 1, References: 2
RedhatCVE
added 2025/02/06 2:24 a.m., 9 views

CVE-2025-22153

RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide program input into a trusted environment. Via a type confusion bug in versions of the CPython interpreter starting in 3.11 and prior to 3.13.2 when using try/except, RestrictedPython starting...

CVSS 7.9, AI score 6.4, EPSS 0.00049
Exploits: 0, References: 1
Veracode
added 2025/01/29 2:31 a.m., 11 views

Sandbox Escape

restrictedpython is vulnerable to Sandbox Escape. The vulnerability is due to a type confusion bug in CPython when using try/except, which allows an attacker to bypass the security restrictions in RestrictedPython...

CVSS 7.9, AI score 7.6, EPSS 0.00049
Exploits: 0, References: 4, Affected Software: 1
NVD
added 2025/01/23 6:15 p.m., 10 views

CVE-2025-22153

RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide program input into a trusted environment. Via a type confusion bug in versions of the CPython interpreter starting in 3.11 and prior to 3.13.2 when using try/except, RestrictedPython starting...

CVSS 7.9, EPSS 0.00049
Exploits: 0, References: 2
OSV
added 2025/01/23 6:15 p.m., 1 view

DEBIAN-CVE-2025-22153

RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide program input into a trusted environment. Via a type confusion bug in versions of the CPython interpreter starting in 3.11 and prior to 3.13.2 when using try/except, RestrictedPython starting...

CVSS 7.9, AI score 5.3, EPSS 0.00049
Exploits: 0, References: 1
OSV
added 2025/01/23 6:15 p.m., 1 view

UBUNTU-CVE-2025-22153

RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide program input into a trusted environment. Via a type confusion bug in versions of the CPython interpreter starting in 3.11 and prior to 3.13.2 when using try/except, RestrictedPython starting...

CVSS 7.9, AI score 5.8, EPSS 0.00049
Exploits: 0, References: 4
Cvelist
added 2025/01/23 5:34 p.m., 17 views

CVE-2025-22153 try/except* clauses could allow bypass RestrictedPython via type confusion bug in the CPython interpreter

RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide program input into a trusted environment. Via a type confusion bug in versions of the CPython interpreter starting in 3.11 and prior to 3.13.2 when using try/except, RestrictedPython starting...

CVSS 7.9, EPSS 0.00049
Exploits: 0, References: 2
Debian CVE
added 2025/01/23 5:34 p.m., 14 views

CVE-2025-22153

RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide program input into a trusted environment. Via a type confusion bug in versions of the CPython interpreter starting in 3.11 and prior to 3.13.2 when using try/except, RestrictedPython starting...

CVSS 7.9, AI score 5.3, EPSS 0.00049
Exploits: 0
CVE
added 2025/01/23 5:34 p.m., 80 views

CVE-2025-22153

CVE-2025-22153 describes a type-confusion vulnerability in RestrictedPython exploitable via CPython 3.11–3.12 when using try/except*. The flaw allows bypassing RestrictedPython protections in versions 6.0 up to, but not including, 8.0. The fix is in RestrictedPython 8.0, which removes support for...

CVSS 7.9, AI score 7.4, EPSS 0.00049
Exploits: 0, References: 2
Vulnrichment
added 2025/01/23 5:34 p.m., 12 views

CVE-2025-22153 try/except* clauses could allow bypass RestrictedPython via type confusion bug in the CPython interpreter

RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide program input into a trusted environment. Via a type confusion bug in versions of the CPython interpreter starting in 3.11 and prior to 3.13.2 when using try/except, RestrictedPython starting...

CVSS 7.9, AI score 7.4, EPSS 0.00049
Exploits: 0, References: 2
OSV
added 2025/01/23 5:34 p.m., 7 views

CVE-2025-22153 try/except* clauses could allow bypass RestrictedPython via type confusion bug in the CPython interpreter

RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide program input into a trusted environment. Via a type confusion bug in versions of the CPython interpreter starting in 3.11 and prior to 3.13.2 when using try/except, RestrictedPython starting...

CVSS 7.9, AI score 6.3, EPSS 0.00049
Exploits: 0, References: 4