CVE-2025-22153
📋 TL;DR
A type confusion bug in CPython 3.11-3.13.1 when using try/except* statements allows bypassing RestrictedPython's security restrictions. This affects systems using RestrictedPython 6.0-7.x to execute untrusted Python code in sandboxed environments. Attackers could potentially execute arbitrary code outside the intended restrictions.
💻 Affected Systems
- RestrictedPython
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete sandbox escape allowing arbitrary code execution with the privileges of the RestrictedPython process, potentially leading to system compromise.
Likely Case
Limited code execution within the sandboxed environment, potentially accessing restricted resources or data the sandbox was meant to protect.
If Mitigated
No impact if proper network segmentation and least privilege principles are followed, limiting blast radius.
🎯 Exploit Status
Exploitation requires understanding of Python's exception handling internals and RestrictedPython's security model. No public exploits are known at this time.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: RestrictedPython 8.0
Vendor Advisory: https://github.com/zopefoundation/RestrictedPython/security/advisories/GHSA-gmj9-h825-chq2
Restart Required: No
Instructions:
1. Update RestrictedPython to version 8.0 or later using pip: `pip install "RestrictedPython>=8.0"`
2. Verify the update completed successfully.
3. Test that your application's functionality remains intact after the update.
🔧 Temporary Workarounds
No known workarounds
The vendor advisory states that no known workarounds are available. The vulnerability stems from CPython interpreter behavior that RestrictedPython cannot control.
🧯 If You Can't Patch
- Isolate RestrictedPython processes in containers or VMs with minimal privileges and network access
- Implement strict input validation and code review for any Python code processed through RestrictedPython
🔍 How to Verify
Check if Vulnerable:
Check if your Python environment uses RestrictedPython 6.0-7.x and CPython 3.11-3.13.1. Review code for try/except* usage in RestrictedPython contexts.
Check Version:
python -c "import RestrictedPython; print(RestrictedPython.__version__)"
Verify Fix Applied:
Verify RestrictedPython version is 8.0 or higher and that try/except* statements are no longer accepted in restricted code.
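The version and syntax checks above, written out as a small script. This is an added example, not code from the advisory or from the RestrictedPython project: the affected ranges are the ones stated on this page (RestrictedPython 6.0 up to but not including 8.0, CPython 3.11 through 3.13.1), the helper names are ours, and the `except*` sample source is constructed for the demonstration. It reads `RestrictedPython.__version__` only if the package is importable, and uses the standard `ast` module to spot `try/except*` in source you are about to hand to the sandbox.

```python
import ast
import re
import sys

# Affected ranges as stated in this advisory (constants chosen for this example).
RP_VULN_MIN = (6, 0, 0)      # RestrictedPython 6.0 ...
RP_FIXED = (8, 0, 0)         # ... up to, but not including, 8.0
PY_VULN_MIN = (3, 11, 0)     # CPython 3.11 ...
PY_VULN_MAX = (3, 13, 1)     # ... through 3.13.1 inclusive

_VERSION_RE = re.compile(r"(\d+)\.(\d+)(?:\.(\d+))?")


def parse_version(text: str) -> tuple:
    """Turn '7.4', '3.13.1' or '8.0.dev0' into a comparable (major, minor, patch) tuple."""
    m = _VERSION_RE.match(text)
    if m is None:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = m.groups()
    return (int(major), int(minor), int(patch or 0))


def is_vulnerable(rp_version: str, py_version: tuple) -> bool:
    """True when both the RestrictedPython and the CPython version fall in the affected ranges."""
    rp = parse_version(rp_version)
    py = tuple(py_version[:3])
    return RP_VULN_MIN <= rp < RP_FIXED and PY_VULN_MIN <= py <= PY_VULN_MAX


def uses_except_star(source: str) -> bool:
    """True if the source contains a try/except* (ExceptionGroup) statement.

    ast.TryStar only exists on CPython 3.11+; older interpreters reject the
    syntax outright, so both cases report False.
    """
    try_star = getattr(ast, "TryStar", None)
    if try_star is None:
        return False
    try:
        tree = ast.parse(source)
    except SyntaxError:
        return False
    return any(isinstance(node, try_star) for node in ast.walk(tree))


def interpreter_accepts_except_star() -> bool:
    """Whether the running interpreter knows the except* syntax at all."""
    return sys.version_info[:2] >= (3, 11)


def installed_status():
    """None if RestrictedPython is not installed, else whether the install is in the affected ranges."""
    try:
        import RestrictedPython
    except ImportError:
        return None
    return is_vulnerable(RestrictedPython.__version__, sys.version_info[:3])


# Constructed sample: restricted code that uses except*.
EXCEPT_STAR_SAMPLE = (
    "try:\n"
    "    risky()\n"
    "except* ValueError:\n"
    "    pass\n"
)

if __name__ == "__main__":
    status = installed_status()
    if status is None:
        print("RestrictedPython is not installed in this interpreter")
    else:
        print("vulnerable" if status else "not in the affected ranges")
    print("sample uses except*:", uses_except_star(EXCEPT_STAR_SAMPLE))
```

Run it with the same interpreter that executes your sandboxed code; a `False` from `installed_status()` with RestrictedPython 8.0 or later is the expected post-patch result. Since a patched RestrictedPython rejects `try/except*` in restricted code, `uses_except_star` is most useful as a pre-filter on submitted code while you are still on an affected version.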
📡 Detection & Monitoring
Log Indicators:
- Unexpected process creation from RestrictedPython contexts
- Errors related to try/except* syntax in RestrictedPython logs
- Unusual resource access patterns from sandboxed processes
Network Indicators:
- Outbound connections from RestrictedPython processes to unexpected destinations
- Unusual data exfiltration patterns
SIEM Query:
process_name:python AND parent_process:RestrictedPython* AND (event_type:process_creation OR event_type:network_connection)
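The SIEM query above expressed as a matcher you can run over exported events before committing it to a detection platform. This is an added example, not part of the advisory: the event records are constructed, the field names simply mirror the query, and the only deliberate relaxation is that `process_name` is matched with a `python*` wildcard so that names such as `python3` are caught too.

```python
from fnmatch import fnmatchcase

# Constructed sample events; field names mirror the SIEM query above.
SAMPLE_EVENTS = [
    {"process_name": "python3", "parent_process": "RestrictedPython-worker",
     "event_type": "process_creation", "detail": "/bin/sh -c id"},
    {"process_name": "python", "parent_process": "RestrictedPython-worker",
     "event_type": "network_connection", "detail": "203.0.113.5:443"},
    {"process_name": "python", "parent_process": "RestrictedPython-worker",
     "event_type": "file_read", "detail": "/tmp/data"},
    {"process_name": "python", "parent_process": "gunicorn",
     "event_type": "network_connection", "detail": "10.0.0.2:5432"},
]

ALERTING_EVENT_TYPES = {"process_creation", "network_connection"}


def matches_rule(event: dict) -> bool:
    """process_name:python* AND parent_process:RestrictedPython* AND event_type in the alerting set."""
    return (
        fnmatchcase(event.get("process_name", ""), "python*")
        and fnmatchcase(event.get("parent_process", ""), "RestrictedPython*")
        and event.get("event_type") in ALERTING_EVENT_TYPES
    )


def find_matches(events):
    """Return the events that would raise an alert under the rule."""
    return [e for e in events if matches_rule(e)]


if __name__ == "__main__":
    for hit in find_matches(SAMPLE_EVENTS):
        print(f"ALERT {hit['event_type']}: {hit['process_name']} "
              f"(parent {hit['parent_process']}) {hit['detail']}")
```

Expect two hits on the sample: the shell spawn and the outbound connection from the sandbox worker; the file read and the unrelated gunicorn child do not match. Tune the `parent_process` pattern to whatever your deployment actually names the process that hosts RestrictedPython, since the library itself does not create a process by that name.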