CVE-2025-22153: try/except* clauses could allow bypass of RestrictedPython via a type confusion bug in the CPython interpreter
Via a type confusion bug in the CPython interpreter, reachable when using try/except*,
RestrictedPython could be bypassed.
We believe this should be fixed upstream in Python itself. Until then, we remove support for try/except*
from RestrictedPython.
(It has been fixed for some Python versions.)
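One way to enforce the same restriction as a pre-check before untrusted source reaches a restricted compiler, shown as an added example that is not RestrictedPython's own code. The function names and sample sources are constructed for illustration; `ast.TryStar` exists on Python 3.11 and later.

```python
import ast

# ast.TryStar is the AST node for try/except*; it exists on Python 3.11+.
TRY_STAR = getattr(ast, "TryStar", None)


def find_try_star(source, filename="<untrusted>"):
    """Return the line numbers of every try/except* statement in source."""
    tree = ast.parse(source, filename=filename)
    if TRY_STAR is None:
        return []  # no except* on this interpreter; parsing would have failed
    return sorted(n.lineno for n in ast.walk(tree) if isinstance(n, TRY_STAR))


def precheck(source):
    """Return (allowed, reason); call before compiling untrusted source."""
    try:
        lines = find_try_star(source)
    except SyntaxError as exc:
        return False, f"syntax error: {exc.msg}"
    if lines:
        return False, "try/except* at line(s) " + ", ".join(map(str, lines))
    return True, "ok"


# Constructed sample inputs (not taken from the advisory).
CLEAN = 'try:\n    value = int("1")\nexcept ValueError:\n    value = 0\n'
NESTED = (
    "def handler(jobs):\n"
    "    for job in jobs:\n"
    "        try:\n"
    "            job()\n"
    "        except* ValueError:\n"
    "            pass\n"
)
# The text "except*" inside a string literal is not a try/except* statement.
IN_STRING = 'note = "except* ValueError"\n'

if __name__ == "__main__":
    for name, src in (("clean", CLEAN), ("nested", NESTED), ("string", IN_STRING)):
        print(name, precheck(src))
```

Walking the AST rather than matching text means nested statements are caught and string literals or comments that merely mention `except*` are not flagged.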