RestrictedPython vulnerable to arbitrary code execution via stack frame sandbox escape
CVE-2023-37271
What is CVE-2023-37271?
RestrictedPython is designed to limit the execution of Python code within a secure, controlled environment. A significant vulnerability exists in versions prior to 6.1 and 5.3 due to insufficient checks on stack frame access. This flaw allows an attacker with access to the RestrictedPython environment to extract the current stack frame through a generator, enabling them to traverse beyond the sandbox's boundaries. Consequently, this could lead to arbitrary code execution within the Python interpreter. This issue particularly impacts deployments in Zope and Plone where administrators inadvertently permit untrusted users to alter or create certain object types like 'Script (Python)', 'DTML Method', or 'Zope Page Template'. It's advisable to upgrade to the latest versions to mitigate this risk.
Affected Version(s)
RestrictedPython >= 6.0a1.dev0, < 6.1 < 6.0a1.dev0, 6.1
RestrictedPython < 5.3 < 5.3
