NIXPKGS-2025-0005 published on 1 Nov 2025 CVE-2025-9959 updated 2 months, 3 weeks ago by @LeSuisse Activity log Created automatic suggestion 4 months ago @LeSuisse accepted as draft 2 months, 3 weeks ago @LeSuisse published on GitHub 2 months, 3 weeks ago Sandbox escape in smolagents Local Python execution environment via dunder attributes Incomplete validation of dunder attributes allows an attacker to escape from the Local Python execution environment sandbox, enforced by smolagents. The attack requires a Prompt Injection in order to trick the agent to create malicious code. Affected products smolagents <1.21.0 Matching in nixpkgs pkgs.python312Packages.smolagents Barebones library for agents nixos-unstable - nixpkgs-unstable 1.21.3 pkgs.python313Packages.smolagents Barebones library for agents nixos-unstable - nixpkgs-unstable 1.21.3 Package maintainers: 1 @fabaff Fabian Affolter <mail@fabian-affolter.ch>
CVE-2025-9959 updated 2 months, 3 weeks ago by @LeSuisse Activity log Created automatic suggestion 4 months ago @LeSuisse accepted as draft 2 months, 3 weeks ago @LeSuisse published on GitHub 2 months, 3 weeks ago Sandbox escape in smolagents Local Python execution environment via dunder attributes Incomplete validation of dunder attributes allows an attacker to escape from the Local Python execution environment sandbox, enforced by smolagents. The attack requires a Prompt Injection in order to trick the agent to create malicious code. Affected products smolagents <1.21.0 Matching in nixpkgs pkgs.python312Packages.smolagents Barebones library for agents nixos-unstable - nixpkgs-unstable 1.21.3 pkgs.python313Packages.smolagents Barebones library for agents nixos-unstable - nixpkgs-unstable 1.21.3 Package maintainers: 1 @fabaff Fabian Affolter <mail@fabian-affolter.ch>
pkgs.python312Packages.smolagents Barebones library for agents nixos-unstable - nixpkgs-unstable 1.21.3
pkgs.python313Packages.smolagents Barebones library for agents nixos-unstable - nixpkgs-unstable 1.21.3