Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

5 advisories

Loading
Sandbox escape via various forms of "format". High
CVE-2023-41039 was published for RestrictedPython (pip) Aug 30, 2023
ankush Credited to ankush, abhishekg999, d-maurer, icemac, and Quasar0147 abhishekg999 abhishekg999
d-maurer d-maurer icemac icemac Quasar0147 Quasar0147
Zope vulnerable to Stored Cross Site Scripting with SVG images Low
CVE-2023-42458 was published for Zope (pip) Sep 21, 2023
mauritsvanrees Credited to mauritsvanrees and icemac icemac icemac
dataflake Credited to dataflake, drfho, icemac, and d-maurer drfho drfho
icemac icemac d-maurer d-maurer
RestrictedPython information leakage via `AttributeError.obj` and the `string` module High
CVE-2024-47532 was published for RestrictedPython (pip) Sep 30, 2024
Quasar0147 Credited to Quasar0147, dronex7070, d-maurer, dataflake, and icemac dronex7070 dronex7070
d-maurer d-maurer dataflake dataflake icemac icemac
try/except* clauses could allow bypass RestrictedPython via type confusion bug in the CPython interpreter High
CVE-2025-22153 was published for RestrictedPython (pip) Jan 23, 2025
icemac Credited to icemac, Nico-Posada, dataflake, and tseaver Nico-Posada Nico-Posada
dataflake dataflake tseaver tseaver
ProTip! Advisories are also available from the GraphQL API