An eval() vulnerability exists in Python Software Foundation Djblets version before 0.6.30 and 0.7.0 before 0.7.19 and Beanbag Review Board before 1.7.15 when parsing JSON requests allowing an attacker to execute arbitrary Python code.
lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html
lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html
lists.fedoraproject.org/pipermail/package-announce/2013-October/119820.html
lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html
lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html
www.securityfocus.com/bid/63029
access.redhat.com/security/cve/cve-2013-4409
bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4409
exchange.xforce.ibmcloud.com/vulnerabilities/88059
github.com/djblets/djblets
github.com/djblets/djblets/blob/release-0.7.19/NEWS
nvd.nist.gov/vuln/detail/CVE-2013-4409
security-tracker.debian.org/tracker/CVE-2013-4409
www.reviewboard.org/docs/releasenotes/reviewboard/1.7.15