beaker

PyPI2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting beakerpage 1 of 1

CVE-2012-3458NONECVSS 0.0EG 0.0✓ Fixed in 1.6.5.post1
2012-09-15
vulnerable: 0.5 ... 1.6.5 (49 versions)
Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors.
CVE-2013-7489MEDIUMCVSS 6.8EG 6.8
2020-06-26
vulnerable: 0.5 ... 1.13.0 (62 versions)
The Beaker library through 1.11.0 for Python is affected by deserialization of untrusted data, which could lead to arbitrary code execution.

Check whether beaker is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for beaker CVEs against the assets you own.

Start Free Scan →