CVE-2013-7489 – beaker

Package

Manager: pip
Name: beaker
Vulnerable Version: >=0 <=1.11.0

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00052 pctl0.15995

Details

Deserialization of Untrusted Data in Beaker The Beaker library through 1.11.0 for Python is affected by deserialization of untrusted data, which could lead to arbitrary code execution.

Metadata

Created: 2022-05-05T00:29:41Z
Modified: 2022-07-07T23:11:39Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-3cwm-7jmm-774w/GHSA-3cwm-7jmm-774w.json
CWE IDs: ["CWE-502"]
Alternative ID: GHSA-3cwm-7jmm-774w
Finding: F096
Auto approve: 1