| by Arround The Web | No comments

Vulnerability in Python that Allows Calling System Commands from Sandboxed Scripts

A method has been published for bypassing Python’s isolated code execution systems, based on the use of a long-known bug that appeared in Python 2.7, identified in 2012 and still not fixed in Python 3. The bug allows using specially linked Python code to initiate a call to already freed memory (Use-After-Free) in Python. Initially, it was assumed that the error does not pose a security threat and only in very rare cases, usually artificially created, can lead to an abnormal termination of the script.

The post Vulnerability in Python that Allows Calling System Commands from Sandboxed Scripts appeared first on Linux Today.

Share Button

no related pages

Source: Linux Today

Leave a Reply