Vigil@nce - Python : code execution via _xxsubinterpreters

mai 2021 par Vigil@nce

SYNTHESIS OF THE VULNERABILITY

Impacted products : Python.

Severity : 1/4.

Consequences : user access/rights.

Provenance : user shell.

Confidence : confirmed by the editor (5/5).

Creation date : 22/04/2021.

DESCRIPTION OF THE VULNERABILITY

An attacker can use a vulnerability via _xxsubinterpreters of Python, in order to run code.

ACCESS TO THE FULL VIGIL@NCE BULLETIN

