Remote Code Execution Vulnerability in Python JSON Logger from NHairs
CVE-2025-27607

8.8 HIGH

Key Information:

Vendor
Nhairs
Product
python-json-logger
CVE Published:
7 March 2025

Badges

Trended (score: 4,210), Exploit Exists, News Worthy

What is CVE-2025-27607?

CVE-2025-27607 is a high-severity (CVSS 3.1 score 8.8) remote code execution (RCE) vulnerability affecting python-json-logger, a JSON formatter for Python's standard logging module. It is a software-supply-chain issue rather than a bug in the library's own code: the package's development extras declared a dependency on msgspec-python313-pre, and when that package was deleted from PyPI its name became free for any third party to claim. Anyone who then installed the development dependencies of python-json-logger on Python 3.13 would have pulled whatever an attacker published under that name, with the attacker's code running on the installing machine. Installs of python-json-logger without the development extras did not pull this dependency. For organizations whose developer workstations or CI pipelines install the dev extras, this would have allowed an attacker to execute arbitrary code inside those environments.

Technical Details

The vulnerability stems from dependency management in the python-json-logger package rather than from its runtime code. Between 30 December 2024 and 4 March 2025, msgspec-python313-pre, which the package's dev extras listed as a dependency, was removed from PyPI by its owner. Deleting a project frees its name, so during that window anyone could have registered a new msgspec-python313-pre and published an arbitrary distribution under it. An attacker's distribution runs on the installing machine (at build time for a source distribution, or on first import), so every install that pulled the extras in that window, for example pip install python-json-logger[dev] on Python 3.13, would have executed it. This is the same failure mode as dependency confusion: the resolver trusts the name, and nothing binds the name to its original publisher. The issue has been addressed in python-json-logger version 3.3.0.
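The failure mode described above is a name that the resolver will request but that no project on the index owns any more. Below is an added example, not code from python-json-logger or from this page's author, of a small pre-install check in Python: it parses requirement lines carrying PEP 508 python_version markers, normalises names per PEP 503, and reports every dependency that would be fetched on a given interpreter version but is absent from a snapshot of index names. The DEV_EXTRA lines and the INDEX_NAMES set are constructed for illustration and only sketch the affected configuration; they are not the project's real metadata or the real PyPI state.

```python
"""Flag dependencies that would be installed on a given Python version but whose
names are no longer registered on the package index, i.e. names anyone could claim.

Added example for this page, not code from python-json-logger. The requirement
lines and the index snapshot below are constructed for illustration.
"""
import re
from typing import Iterable, List, Set, Tuple

# Constructed sketch of a "dev" extra in the style of the affected releases.
# The markers make msgspec-python313-pre apply only on Python 3.13 and later.
DEV_EXTRA = [
    "black",
    "mypy",
    "msgspec; python_version < '3.13'",
    "msgspec-python313-pre; python_version >= '3.13'",
]

# Constructed snapshot of names the index knows about. msgspec-python313-pre is
# deliberately absent to model the deleted, claimable package.
INDEX_NAMES = {"Black", "mypy", "msgspec"}


def normalize(name: str) -> str:
    """PEP 503 normalisation: lower-case, runs of '-', '_' and '.' become '-'.
    Lookups must compare normalised names or a spelling variant such as
    Msgspec_Python313.pre slips past the check."""
    return re.sub(r"[-_.]+", "-", name).lower()


_REQ_RE = re.compile(
    r"^\s*(?P<name>[A-Za-z0-9][A-Za-z0-9._-]*)"   # project name
    r"\s*(?:\[[^\]]*\])?"                          # optional extras, ignored here
    r"\s*(?P<spec>[^;]*?)"                         # optional version specifier, ignored here
    r"\s*(?:;\s*(?P<marker>.*))?$"                 # optional environment marker
)
_MARKER_RE = re.compile(
    r"""^python_version\s*(?P<op><=|>=|==|!=|<|>)\s*['"](?P<ver>\d+(?:\.\d+)*)['"]$"""
)


def parse_requirement(line: str) -> Tuple[str, str]:
    """Split 'name[extras] spec; marker' into (normalised name, marker text)."""
    m = _REQ_RE.match(line)
    if not m:
        raise ValueError(f"unparseable requirement: {line!r}")
    return normalize(m.group("name")), (m.group("marker") or "").strip()


def _vtuple(version: str) -> Tuple[int, ...]:
    return tuple(int(part) for part in version.split("."))


def marker_applies(marker: str, python_version: str) -> bool:
    """Evaluate the python_version subset of PEP 508 markers, which is all this
    case needs. An empty marker always applies. Any other marker raises rather
    than being treated as 'does not apply', because silently skipping a
    dependency is exactly how a claimable name goes unnoticed."""
    if not marker:
        return True
    m = _MARKER_RE.match(marker)
    if not m:
        raise ValueError(f"unsupported marker: {marker!r}")
    lhs, rhs = _vtuple(python_version), _vtuple(m.group("ver"))
    return {
        "<": lhs < rhs, "<=": lhs <= rhs, "==": lhs == rhs,
        "!=": lhs != rhs, ">=": lhs >= rhs, ">": lhs > rhs,
    }[m.group("op")]


def claimable_dependencies(requirements: Iterable[str], index_names: Set[str],
                           python_version: str) -> List[str]:
    """Names the resolver would try to fetch for `python_version` that the index
    has no project for. Each one is a name an attacker could register."""
    index = {normalize(n) for n in index_names}
    hits = []
    for line in requirements:
        name, marker = parse_requirement(line)
        if marker_applies(marker, python_version) and name not in index:
            hits.append(name)
    return hits


if __name__ == "__main__":
    for pyver in ("3.12", "3.13"):
        print(pyver, "->", claimable_dependencies(DEV_EXTRA, INDEX_NAMES, pyver))
```

Because the result depends on the interpreter, run the check for every Python version the project's CI targets; a run on 3.12 alone would have reported nothing here. Pinning the dev extras with pip's hash-checking mode (pip install --require-hashes -r requirements-dev.txt) is the complementary control: even if a deleted name is re-registered, a distribution whose hash is not in the pinned list is rejected.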

Potential Impact of CVE-2025-27607

  1. Remote Code Execution: The most immediate impact of CVE-2025-27607 is arbitrary code running on any machine that installed the development extras on Python 3.13 while the dependency name was claimable. The code runs with the privileges of whoever ran pip, typically on a developer workstation or a CI runner, and gives an attacker a foothold for full compromise of that host.

  2. Data Integrity and Confidentiality Risks: With RCE, attackers could manipulate or exfiltrate sensitive data from the affected systems, leading to significant data breaches and potential loss of critical information for organizations.

  3. Operational Disruptions: If exploited, this vulnerability could lead to system outages or disruptions in service, affecting business operations and customer trust, ultimately resulting in financial losses and reputational damage.

Affected Version(s)

python-json-logger >= 3.2.0, < 3.3.0

News Articles

Python JSON Logger Vulnerability Exposes Millions of Users

Python JSON Logger, a popular logging tool, appears to contain a severe RCE vulnerability that currently exposes 1M+ users

2 weeks ago

CVSS V3.1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required (the victim must run an install that pulls the dev extras)
Scope: Unchanged

Timeline

  • Exploit known to exist
  • First article discovered by Gridinsoft
  • Vulnerability started trending
  • Vulnerability published
  • Vulnerability reserved