GHSA-44vg-5wv2-h2hgHighCVSS 9.8

SimpleEval: Objects (including modules) can leak dangerous modules through to direct access inside the sandbox

Published
March 13, 2026
Last Modified
June 8, 2026

🔗 CVE IDs covered (1)

📋 Description

Impact

If the objects passed in as names to SimpleEval have modules or other disallowed / dangerous objects available as attrs. Additionally, dangerous functions or modules could be accessed by passing them as callbacks to other safe functions to call.

Examples (found by @ByamB4):

Any module where non-underscore attribute chains reach os or sys:

  • os.path, pathlib, shutil, glob (direct .os / .sys attributes)
  • statistics (has .sys)
  • numpy (has .ctypeslib.os and .f2py.sys)
  • urllib.parse (has .warnings.sys)

Patches

The latest version 1.0.5 has this issue fixed.

Workarounds

Don't pass in objects or modules which have direct attributes to potentially dangerous items. Use a wrapper to wrap the potentially vulnerable items (See the ModuleWrapper in version 1.0.5)

🎯 Affected products1

  • pip/simpleeval:< 1.0.5

🔗 References (6)