Описание
Deserialization of Untrusted Data in Beaker
The Beaker library through 1.11.0 for Python is affected by deserialization of untrusted data, which could lead to arbitrary code execution.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2013-7489
- https://github.com/bbangert/beaker/issues/191
- https://bugzilla.redhat.com/show_bug.cgi?id=1850105
- https://github.com/advisories/GHSA-3cwm-7jmm-774w
- https://github.com/pypa/advisory-database/tree/main/vulns/beaker/PYSEC-2020-216.yaml
- https://www.openwall.com/lists/oss-security/2020/05/14/11
Пакеты
Наименование
Beaker
pip
Затронутые версииВерсия исправления
<= 1.11.0
Отсутствует
Связанные уязвимости
CVSS3: 6.8
ubuntu
больше 5 лет назад
The Beaker library through 1.11.0 for Python is affected by deserialization of untrusted data, which could lead to arbitrary code execution.
CVSS3: 5.7
redhat
больше 5 лет назад
The Beaker library through 1.11.0 for Python is affected by deserialization of untrusted data, which could lead to arbitrary code execution.
CVSS3: 6.8
nvd
больше 5 лет назад
The Beaker library through 1.11.0 for Python is affected by deserialization of untrusted data, which could lead to arbitrary code execution.
CVSS3: 6.8
debian
больше 5 лет назад
The Beaker library through 1.11.0 for Python is affected by deserializ ...