High severityNVD Advisory· Published Dec 23, 2009· Updated Apr 23, 2026
CVE-2009-4405
CVE-2009-4405
Description
Multiple unspecified vulnerabilities in Trac before 0.11.6 have unknown impact and attack vectors, possibly related to (1) "policy checks in report results when using alternate formats" or (2) a "check for the 'raw' role that is missing in docutils < 0.6."
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
tracPyPI | < 0.11.6 | 0.11.6 |
Affected products
45cpe:2.3:a:edgewall:trac:*:*:*:*:*:*:*:*+ 44 more
- cpe:2.3:a:edgewall:trac:*:*:*:*:*:*:*:*range: <=0.11.5
- cpe:2.3:a:edgewall:trac:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.9.4:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.9.5:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.10:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.10:beta1:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.10:rc1:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.10.3:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.10.3:rc1:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.10.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.10.4:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.10.5:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.11:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.11:b1:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.11:b2:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.11:rc1:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.11:rc2:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.11.2:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.11.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.11.3:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.11.4:*:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.11.4:rc1:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.11.4:rc2:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.11.5:rc1:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.11.5:rc2:*:*:*:*:*:*
- cpe:2.3:a:edgewall:trac:0.50.9:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- secunia.com/advisories/37807nvdVendor Advisory
- secunia.com/advisories/37901nvdVendor Advisory
- www.vupen.com/english/advisories/2009/3615nvdVendor Advisory
- github.com/advisories/GHSA-f9qv-j5g6-g5crghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2009-4405ghsaADVISORY
- trac.edgewall.org/browser/tags/trac-0.11.6/RELEASEnvdWEB
- bugzilla.redhat.com/show_bug.cginvdWEB
- exchange.xforce.ibmcloud.com/vulnerabilities/54983nvdWEB
- github.com/pypa/advisory-database/tree/main/vulns/trac/PYSEC-2009-7.yamlghsaWEB
- web.archive.org/web/20130417170303/http://secunia.com/advisories/37901ghsaWEB
- web.archive.org/web/20130513235205/http://secunia.com/advisories/37807ghsaWEB
- www.redhat.com/archives/fedora-package-announce/2009-December/msg01169.htmlnvdWEB
News mentions
0No linked articles in our index yet.