Here's a great post that covers some issues in Python modules and why they're extra exploitable because they execute under CPython.
This is a particularly relevant quote:
> Perhaps less recognized is the fact that memory corruption bugs are reported in popular Python modules all the time without so much as a CVE, a security advisory, or even a mention of security fixes in release notes.
It's just bias. Python code is riddled with vulns - especially since it's all C under the hood.
https://hackernoon.com/python-sandbox-escape-via-a-memory-co...
Here's a great post that covers some issues in Python modules and why they're extra exploitable because they execute under CPython.
This is a particularly relevant quote:
> Perhaps less recognized is the fact that memory corruption bugs are reported in popular Python modules all the time without so much as a CVE, a security advisory, or even a mention of security fixes in release notes.