bbangert/beaker

Releases50

Frequency4 months 2 weeks

Last Release 18 days ago

Stars546

WSGI middleware for sessions and caching

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2013-7489 ↗	Jun 26, 2020Friday, 26 June 2020, 20:15	6.8 MEDIUM	5.2 MEDIUM
The Beaker library through 1.11.0 for Python is affected by deserialization of untrusted data, which could lead to arbitrary code execution.
CVE-2012-3458 ↗	Sep 15, 2012Saturday, 15 September 2012, 17:55	—	4.3 MEDIUM
Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors.