Hi guys,
It appears that bce-python-sdk is affected by CVE-2025-50817 due to its dependency on future. The vulnerability arises because future can automatically import a local test.py file, which could lead to arbitrary code execution if a malicious file is present in the environment. Could you please take a look and plan a fix or mitigation for this in the library?
Hi guys,
It appears that bce-python-sdk is affected by CVE-2025-50817 due to its dependency on future. The vulnerability arises because future can automatically import a local test.py file, which could lead to arbitrary code execution if a malicious file is present in the environment. Could you please take a look and plan a fix or mitigation for this in the library?