Lucene search
K

8 matches found

OpenVAS
OpenVAS
added 2025/03/20 12:0 a.m.10 views

Ubuntu: Security Advisory (USN-7355-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.9CVSS7.1AI score0.0084EPSS
Exploits1References2
OSV
OSV
added 2025/03/18 11:59 p.m.4 views

USN-7355-1 restrictedpython vulnerabilities

Nakul Choudhary and Robert Xiao discovered that RestrictedPython did not properly sanitize certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2023-37271 Abhishek Govindarasu, Ankush Menat and War...

9.9CVSS6.1AI score0.0084EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2023-37271

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide a program input into a trusted environment...

9.9CVSS8.8AI score0.0084EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2023/07/11 6:15 p.m.19 views

CVE-2023-37271

RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide a program input into a trusted environment. RestrictedPython does not check access to stack frames and their attributes. Stack frames are accessible within at least generators and generat...

9.9CVSS7.5AI score0.0084EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/07/11 5:14 p.m.14 views

CVE-2023-37271 RestrictedPython vulnerable to arbitrary code execution via stack frame sandbox escape

RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide a program input into a trusted environment. RestrictedPython does not check access to stack frames and their attributes. Stack frames are accessible within at least generators and generat...

8.4CVSS7.5AI score0.0084EPSS
Exploits0References2
CVE
CVE
added 2023/07/11 5:14 p.m.76 views

CVE-2023-37271

CVE-2023-37271 concerns RestrictedPython, a tool for sandboxing Python code. The vulnerability arises because RestrictedPython does not sanitize access to stack frames, allowing code inside generators/generator expressions to access the current stack frame and walk the stack beyond the sandbox bo...

9.9CVSS9AI score0.0084EPSS
Exploits0References2Affected Software1
vulnersOsv
vulnersOsv
added 2023/07/10 9:53 p.m.3 views

aimmo (>=0.4.0b3098 <=0.27.4b5229), battlehack20 (>=1.0.0 <=1.1.0) +6 more potentially affected by CVE-2023-37271 via restrictedpython (>=4.0.0b4 <=5.2.0)

restrictedpython PYPI version =4.0.0b4, =0.4.0b3098, =1.0.0, =1.0.1, =1.1.1, =0.1.0, =0.3.4, =0.0.41, =0.1047.0, =1.7.36 Source cves: CVE-2023-37271 Source advisory: OSV:GHSA-WQC8-X2PR-7JQH...

9.9CVSS7.2AI score0.0084EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/07/10 9:53 p.m.5 views

a2grunnerp (>=0.1.0 <=0.1.8), dcicsnovault (>=2.0.0b4 <=2.0.0b7) +5 more potentially affected by CVE-2023-37271 via restrictedpython (>=6.0.0 <=6.0.0a1.dev0)

restrictedpython PYPI version =6.0.0, =0.1.0, =2.0.0b4, =0.0.42a3, =2.10.0, =2025.9.5, =4.8.4, =4.8.11 Source cves: CVE-2023-37271 Source advisory: OSV:GHSA-WQC8-X2PR-7JQH...

9.9CVSS7.7AI score0.0084EPSS
Exploits0
Rows per page
Query Builder