PYSEC-2019-175
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/djblets/PYSEC-2019-175.yaml
- JSON Data
- https://api.test.osv.dev/v1/vulns/PYSEC-2019-175
- Aliases
-
- CVE-2013-4409
- GHSA-58h8-44mg-r43x
- Published
- 2019-11-04T21:15:00Z
- Modified
- 2023-11-01T04:45:13.413400Z
- Summary
- [none]
- Details
-
An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests.
- References
-
- https://access.redhat.com/security/cve/cve-2013-4409
- http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119820.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4409
- http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html
- https://security-tracker.debian.org/tracker/CVE-2013-4409
- http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/88059
- http://www.securityfocus.com/bid/63029
Affected packages
PyPI / djblets
Package
- Name
- djblets
- View open source insights on deps.dev
- Purl
- pkg:pypi/djblets
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed0.7.21
Affected versions
0.*
0.5rc2
0.5
0.5.1
0.5.2
0.5.3
0.5.4
0.5.5
0.5.6
0.5.7
0.5.8
0.5.9
0.6
0.6.1
0.6.2
0.6.3
0.6.4
0.6.5
0.6.6
0.6.7
0.6.8
0.6.9
0.6.10
0.6.11
0.6.12
0.6.13
0.6.14
0.6.15
0.6.16
0.6.17
0.6.18
0.6.19
0.6.20
0.6.21
0.6.22
0.6.23
0.6.24
0.6.25
0.6.26
0.6.27
0.6.28
0.6.29
0.6.30
0.6.31
0.7
0.7.1
0.7.2
0.7.3
0.7.4
0.7.5
0.7.6
0.7.7
0.7.8
0.7.9
0.7.10
0.7.11
0.7.12
0.7.13
0.7.14
0.7.15
0.7.16
0.7.17
0.7.18
0.7.19
0.7.20