Critical severity9.8NVD Advisory· Published Nov 4, 2019· Updated Jun 16, 2026
CVE-2013-4409
CVE-2013-4409
Description
An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
djbletsPyPI | < 0.6.30 | 0.6.30 |
djbletsPyPI | >= 0.7.0, < 0.7.19 | 0.7.19 |
ReviewBoardPyPI | < 1.7.15 | 1.7.15 |
Affected products
4- ghsa-coords2 versions
< 0.6.30+ 1 more
- (no CPE)range: < 0.6.30
- (no CPE)range: < 1.7.15
- Python Software Foundation; Beanbag/Djbletsv5Range: 0.7.21
- Python Software Foundation; Beanbag/Review Boardv5Range: before 1.7.15
Patches
Vulnerability mechanics
References
16- lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.htmlnvdMailing ListThird Party AdvisoryWEB
- lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.htmlnvdMailing ListThird Party AdvisoryWEB
- lists.fedoraproject.org/pipermail/package-announce/2013-October/119820.htmlnvdMailing ListThird Party AdvisoryWEB
- lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.htmlnvdMailing ListThird Party AdvisoryWEB
- lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.htmlnvdMailing ListThird Party AdvisoryWEB
- www.securityfocus.com/bid/63029nvdThird Party AdvisoryVDB Entry
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party AdvisoryWEB
- exchange.xforce.ibmcloud.com/vulnerabilities/88059nvdThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-58h8-44mg-r43xghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2013-4409ghsaADVISORY
- security-tracker.debian.org/tracker/CVE-2013-4409nvdThird Party AdvisoryWEB
- access.redhat.com/security/cve/cve-2013-4409nvdBroken LinkWEB
- github.com/djblets/djblets/blob/release-0.7.19/NEWSghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/djblets/PYSEC-2019-175.yamlghsaWEB
- web.archive.org/web/20200228151135/https://www.securityfocus.com/bid/63029ghsaWEB
- www.reviewboard.org/docs/releasenotes/reviewboard/1.7.15ghsaWEB
News mentions
0No linked articles in our index yet.