[issue41944] [security] Python testsuite calls eval() on content received via HTTP
STINNER Victor
report at bugs.python.org
Tue Oct 6 05:24:54 EDT 2020
STINNER Victor <vstinner at python.org> added the comment:
I don't think that a CVE is justified.
I don't know anyone running the Python test suite on production. Only developers of Python itself run Python.
----------
title: Python testsuite calls eval() on content received via HTTP -> [security] Python testsuite calls eval() on content received via HTTP
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue41944>
_______________________________________
More information about the Python-bugs-list
mailing list