The host is installed with Python 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.7, 3.9.x before 3.9.1 and is prone to buffer overflow vulnerability. A flaw is present in PyCArg_repr in _ctypes/callproc.c module, which fails to properly handle unknown vectors. Successful exploitation allows attackers to cause remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param.