Vulnerability Details CVE-2013-4409
An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 77.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119820.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html
- http://www.securityfocus.com/bid/63029
- https://access.redhat.com/security/cve/cve-2013-4409
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4409
- https://exchange.xforce.ibmcloud.com/vulnerabilities/88059
- https://security-tracker.debian.org/tracker/CVE-2013-4409
- http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119820.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html
- http://www.securityfocus.com/bid/63029
- https://access.redhat.com/security/cve/cve-2013-4409
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4409
- https://exchange.xforce.ibmcloud.com/vulnerabilities/88059
- https://security-tracker.debian.org/tracker/CVE-2013-4409
Products affected by CVE-2013-4409
-
cpe:2.3:a:reviewboard:djblets:0.7.21
-
cpe:2.3:a:reviewboard:review_board:1.6
-
cpe:2.3:a:reviewboard:review_board:1.6.1
-
cpe:2.3:a:reviewboard:review_board:1.6.10
-
cpe:2.3:a:reviewboard:review_board:1.6.11
-
cpe:2.3:a:reviewboard:review_board:1.6.12
-
cpe:2.3:a:reviewboard:review_board:1.6.13
-
cpe:2.3:a:reviewboard:review_board:1.6.14
-
cpe:2.3:a:reviewboard:review_board:1.6.15
-
cpe:2.3:a:reviewboard:review_board:1.6.16
-
cpe:2.3:a:reviewboard:review_board:1.6.17
-
cpe:2.3:a:reviewboard:review_board:1.6.18
-
cpe:2.3:a:reviewboard:review_board:1.6.19
-
cpe:2.3:a:reviewboard:review_board:1.6.2
-
cpe:2.3:a:reviewboard:review_board:1.6.20
-
cpe:2.3:a:reviewboard:review_board:1.6.21
-
cpe:2.3:a:reviewboard:review_board:1.6.3
-
cpe:2.3:a:reviewboard:review_board:1.6.4
-
cpe:2.3:a:reviewboard:review_board:1.6.5
-
cpe:2.3:a:reviewboard:review_board:1.6.6
-
cpe:2.3:a:reviewboard:review_board:1.6.7
-
cpe:2.3:a:reviewboard:review_board:1.6.8
-
cpe:2.3:a:reviewboard:review_board:1.6.9
-
cpe:2.3:a:reviewboard:review_board:1.7.0
-
cpe:2.3:a:reviewboard:review_board:1.7.0.1
-
cpe:2.3:a:reviewboard:review_board:1.7.1
-
cpe:2.3:a:reviewboard:review_board:1.7.10
-
cpe:2.3:a:reviewboard:review_board:1.7.11
-
cpe:2.3:a:reviewboard:review_board:1.7.12
-
cpe:2.3:a:reviewboard:review_board:1.7.13
-
cpe:2.3:a:reviewboard:review_board:1.7.14
-
cpe:2.3:a:reviewboard:review_board:1.7.2
-
cpe:2.3:a:reviewboard:review_board:1.7.3
-
cpe:2.3:a:reviewboard:review_board:1.7.4
-
cpe:2.3:a:reviewboard:review_board:1.7.5
-
cpe:2.3:a:reviewboard:review_board:1.7.6
-
cpe:2.3:a:reviewboard:review_board:1.7.7
-
cpe:2.3:a:reviewboard:review_board:1.7.8
-
cpe:2.3:a:reviewboard:review_board:1.7.9
-
cpe:2.3:o:fedoraproject:fedora:18
-
cpe:2.3:o:fedoraproject:fedora:19
-
cpe:2.3:o:fedoraproject:fedora:20
-
cpe:2.3:o:redhat:enterprise_linux:6.0