First published: Mon Nov 04 2019
An eval() vulnerability exists in Python Software Foundation Djblets versions before 0.6.30 and 0.7.0 before 0.7.19, and in Beanbag Review Board before 1.7.15, when parsing JSON requests. It allows an attacker to execute arbitrary Python code.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
pip/ReviewBoard | <1.7.15 | 1.7.15 |
pip/djblets | >=0.7.0 <0.7.19 | 0.7.19 |
pip/djblets | <0.6.30 | 0.6.30 |
Reviewboard Djblets | =0.7.21 | |
Reviewboard Review Board | <1.7.15 | |
Fedoraproject Fedora | =18 | |
Fedoraproject Fedora | =19 | |
Fedoraproject Fedora | =20 | |
Redhat Enterprise Linux | =6.0 | |
debian/djblets | | |
debian/python-django-djblets | | |