{"id":"RUSTSEC-2025-0020","summary":"Risk of buffer overflow in `PyString::from_object`","details":"`PyString::from_object` took `&str` arguments and forwarded them directly to the Python C API without checking for terminating nul bytes. This could lead the Python interpreter to read beyond the end of the `&str` data and potentially leak contents of the out-of-bounds read (by raising a Python exception containing a copy of the data including the overflow).\n\nIn PyO3 0.24.1 this function will now allocate a `CString` to guarantee a terminating nul byte. PyO3 0.25 will likely offer an alternative API which takes `&CStr` arguments.","aliases":["GHSA-pph8-gcv7-4qj5"],"modified":"2025-10-28T06:29:25.695525Z","published":"2025-04-01T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/pyo3"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2025-0020.html"},{"type":"REPORT","url":"https://github.com/PyO3/pyo3/issues/5005"}],"affected":[{"package":{"name":"pyo3","ecosystem":"crates.io","purl":"pkg:cargo/pyo3"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0-0"},{"fixed":"0.24.1"}]}],"ecosystem_specific":{"affected_functions":null,"affects":{"arch":[],"os":[],"functions":["pyo3::types::PyString::from_object","pyo3::types::PyString::from_object_bound"]}},"database_specific":{"categories":["memory-exposure"],"informational":null,"source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2025-0020.json","cvss":null}}],"schema_version":"1.7.3"}