cvedb.io
CVE-2024-47532
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2024-09-30T16:15:09.960 · Last modified 2026-06-17T07:57:15.220

Summary

RestrictedPython is a restricted execution environment for Python to run untrusted code. A user can gain access to protected (and potentially sensible) information indirectly via AttributeError.obj and the string module. The problem will be fixed in version 7.3. As a workaround, If the application does not require access to the module string, it can remove it from RestrictedPython.Utilities.utility_builtins or otherwise do not make it available in the restricted execution environment.

Affected products

zope — restrictedpython

Does this affect you?

Add your gear to cvedb and we'll alert you only when zope ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.