Security Bulletin: When the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree (AST) node for each part of the expression; affects watsonx.data
Summary In scenarios where input size isn't limited, a malicious or inadvertent extremely large expression can consume excessive memory as the parser builds a huge AST. This can ultimately lead to excessive memory usage and an Out-Of-Memory (OOM) crash of the process. This issue is relatively uncomm...
Arbitrary Code Execution
ASTEVAL is vulnerable to Arbitrary Code Execution. The vulnerability is due to improper handling of FormattedValue AST nodes through the use of Python's str.format method, allowing attackers to bypass restrictions and execute arbitrary code...
comrak security vulnerability
Comrak is a CommonMark+GFM compatible Markdown parser and renderer by Asherah Connor, an individual developer. A security vulnerability exists in versions of comrak prior to 0.17.0 that stems from not validating attacker-controlled data in AST nodes...
Bandit - Tool Designed To Find Common Security Issues In Python Code
Bandit is a tool designed to find common security issues in Python code. To do this, Bandit processes each file, builds an AST from it, and runs the appropriate plugins against the AST nodes. Once Bandit has finished scanning all the files, it generates a report. Bandit was originally developed within...