CVE-2013-7489: Deserialization of Untrusted Data

May 5, 2022 (updated July 7, 2022)

The Beaker library through 1.11.0 for Python is affected by deserialization of untrusted data, which could lead to arbitrary code execution.

References

bugzilla.redhat.com/show_bug.cgi?id=1850105
github.com/advisories/GHSA-3cwm-7jmm-774w
github.com/bbangert/beaker/issues/191
nvd.nist.gov/vuln/detail/CVE-2013-7489
www.openwall.com/lists/oss-security/2020/05/14/11

Code Behaviors & Features

Detect and mitigate CVE-2013-7489 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →