Python 3.x through to 3.9.1 has a buffer overflow in PyCArg_repr in ctypes/callproc.c, which may lead to remote code execution.

Given that it is pure python code execution, an attacker doesn’t have to worry about ASLR, Non-Exec Memory, Stack Canaries and other security features that Ubuntu ships by default.

The PyPI repository has removed a Python package called 'mitmproxy2' that was an identical copy of the official "mitmproxy" library, but with an "artificially introduced" code execution ...

Cython gives faster C-like performance to Python code execution. "The memory leak consisted of a small constant amount of bytes in certain function calls from Cython code," explains Langa.

Developers benefit from features like Python code execution, syntax highlighting, debugging tools, and visualization capabilities, powered by a WebAssembly Python emulator.