13 matches found
EUVD-2025-7799
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-27607
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Python JSON Logger is a JSON Formatter for Python Logging. Between 30 December 2024 and 4 March 2025 Python JSON Logger was vulnerable to RCE through a missing...
Security Bulletin: IBM Cognos Analytics is affected by a security vulnerability in Python JSON Logger (CVE-2025-27607)
Summary There is a vulnerability in Python JSON Logger used by IBM Cognos Analytics CVE-2025-27607. This Security Bulletin relates only to the direct usage of third-party components by IBM Cognos Analytics, and not any nested dependencies within the product. Vulnerability Details...
CVE-2025-27607
A flaw was found in the Python JSON Logger library python-json-logger. In affected versions, python-json-logger was vulnerable to remote code execution RCE due to a missing dependency. This issue occurred because msgspec-python313-pre was deleted by the owner, leaving the name open to being claim...
CVE-2025-27607
Python JSON Logger is a JSON Formatter for Python Logging. Between 30 December 2024 and 4 March 2025 Python JSON Logger was vulnerable to RCE through a missing dependency. This occurred because msgspec-python313-pre was deleted by the owner leaving the name open to being claimed by a third party...
UBUNTU-CVE-2025-27607
Python JSON Logger is a JSON Formatter for Python Logging. Between 30 December 2024 and 4 March 2025 Python JSON Logger was vulnerable to RCE through a missing dependency. This occurred because msgspec-python313-pre was deleted by the owner leaving the name open to being claimed by a third party...
backend-ai (=1.4.0), backend-ai-accelerator-cuda-open (>=24.9.5 <=26.4.4rc3) +38 more potentially affected by CVE-2025-27607 via python-json-logger (=3.2.1)
python-json-logger PYPI version =3.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on python-json-logger and may be impacted: - backend-ai =1.4.0 - backend-ai-accelerator-cuda-open =24.9.5, =24.9.5, =24.9.5, =24.9.5, =25.13.0, =25.13.0, =25.13.0,...
CVE-2025-27607
Technical details are not publicly available in the provided connected documents; monitor for updates.
CVE-2025-27607 Python JSON Logger has a Potential RCE via missing `msgspec-python313-pre` dependency
Python JSON Logger is a JSON Formatter for Python Logging. Between 30 December 2024 and 4 March 2025 Python JSON Logger was vulnerable to RCE through a missing dependency. This occurred because msgspec-python313-pre was deleted by the owner leaving the name open to being claimed by a third party...
CVE-2025-27607 Python JSON Logger has a Potential RCE via missing `msgspec-python313-pre` dependency
Python JSON Logger is a JSON Formatter for Python Logging. Between 30 December 2024 and 4 March 2025 Python JSON Logger was vulnerable to RCE through a missing dependency. This occurred because msgspec-python313-pre was deleted by the owner leaving the name open to being claimed by a third party...
CVE-2025-27607
Python JSON Logger is a JSON Formatter for Python Logging. Between 30 December 2024 and 4 March 2025 Python JSON Logger was vulnerable to RCE through a missing dependency. This occurred because msgspec-python313-pre was deleted by the owner leaving the name open to being claimed by a third party...
CVE-2025-27607 Python JSON Logger has a Potential RCE via missing `msgspec-python313-pre` dependency
Python JSON Logger is a JSON Formatter for Python Logging. Between 30 December 2024 and 4 March 2025 Python JSON Logger was vulnerable to RCE through a missing dependency. This occurred because msgspec-python313-pre was deleted by the owner leaving the name open to being claimed by a third party...
PT-2025-10116 · Unknown · Msgspec-Python313-Pre +1
Name of the Vulnerable Software and Affected Versions: Python JSON Logger versions 3.2.0 through 3.2.1 Description: The issue is related to a missing dependency in the Python JSON Logger library, which could allow an attacker to execute arbitrary code on affected systems. This occurred because th...