ASTEVAL Allows Maliciously Crafted Format Strings to Lead to Sandbox Escape
If an attacker can control the input to the asteval library, they can bypass asteval's restrictions and execute arbitrary Python code in the context of the application using the library.