ReportLab, a widely used Python library for converting HTML to PDF with approximately 3.5 million monthly downloads on PyPI, contains a critical vulnerability that enables the bypassing of sandbox restrictions. This write-up provides detailed insights into the discovery and exploitation of CVE-2023-33733 – a remote code execution (RCE) vulnerability in ReportLab. Given the library’s prevalence…