DevGuard Logo

🛡️ DevGuard
Group
/🧩 DevGuard Action
Repository

Overview
Compliance
Artifacts
Code Risks
Dependency Risks
License Risks
Dependencies

CVE-2025-4516

There is an issue in CPython when using `bytes.decode("unicode_escape", error="ignore|replace")`. If you are not using the "unicode_escape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.

Open
LOW (0.5)
  • logo

    System detected CVE-2025-4516

    main
  • logo

    System updated the risk assessment from 0 to 0.52

    0.12.0

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 0 to 0.52

    attest

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 0 to 0.52

    attesting

    System recalculated raw risk assessment

  • logo

    System fixed CVE-2025-4516

    0.12.0
  • logo

    System fixed CVE-2025-4516

    attesting
  • logo

    System fixed CVE-2025-4516

    attest
  • logo

    System detected CVE-2025-4516 with a risk of 0.52

    0.12.0

Add a comment

Mark as False Positive
Last calculated at:

Affected component

debian/python3.11

Installed version:
3.11.2-6
Fixed in:
no patch available
Show in dependency graph

Management decisions across the organization

GitHubImprintTerms of UsePrivacy
Copyright © 2025 L3montree GmbH and the DevGuard Contributors. All rights reserved. Version 2ab7b793efd72421aea8c3a994ac60202bf1b3a5