315 matches found
Improper Isolation or Compartmentalization
Overview dspy is a DSPy Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization via the PythonInterpreter class. An attacker can access arbitrary files by executing untrusted code within the sandbox. Remediation Upgrade dspy to version 3.1.2 or higher...
CVE-2025-12695 Insecure configuration in DSPy lead to arbitrary file read when running untrusted code inside the sandbox
The overly permissive sandbox configuration in DSPy allows attackers to steal sensitive files in cases when users build an AI agent which consumes user input and uses the “PythonInterpreter” class...
EUVD-2025-37741
The overly permissive sandbox configuration in DSPy allows attackers to steal sensitive files in cases when users build an AI agent which consumes user input and uses the “PythonInterpreter” class...
CVE-2025-12695 Insecure configuration in DSPy lead to arbitrary file read when running untrusted code inside the sandbox
The overly permissive sandbox configuration in DSPy allows attackers to steal sensitive files in cases when users build an AI agent which consumes user input and uses the “PythonInterpreter” class...
CVE-2025-12695
The CVE-2025-12695 vulnerability affects DSPy where an overly permissive sandbox around the PythonInterpreter allows reading sensitive files when running untrusted code in an AI agent. Public sources describe an arbitrary-file-read risk via the sandbox, with the affected component being DSPy’s sa...
[SECURITY] Fedora 42 Update: python3.10-3.10.19-1.fc42
Python 3.10 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.10 package provides the "python3.10" executable:...
EUVD-2015-4254
Malware in sbrugna...
EUVD-2015-4257
Malware in sbrugna...
EUVD-2015-2055
Malware in sbrugna...
EUVD-2019-0149
Malware in sbrugna...
EUVD-2019-0150
Malware in sbrugna...
EUVD-2022-0334
Malicious code in bioql PyPI...
EUVD-2024-17999
Malicious code in bioql PyPI...
EUVD-2024-18001
Malicious code in bioql PyPI...
EUVD-2025-24141
Malicious code in bioql PyPI...
EUVD-2024-18000
Malicious code in bioql PyPI...
EUVD-2022-52519
Malicious code in bioql PyPI...
EUVD-2025-16108
Malicious code in bioql PyPI...
ROS-20250925-03
Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of the directory with restricted directory. Python programming language interpreter CPython functions...
ROS-20250925-01
Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of the directory with restricted directory. Python programming language interpreter CPython functions...