{"id":"PYSEC-2019-102","details":"Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands.","aliases":["CVE-2019-19010","GHSA-6g88-vr3v-76mf"],"modified":"2023-11-08T04:01:27.252439Z","published":"2019-11-16T01:15:00Z","references":[{"type":"FIX","url":"https://github.com/ProgVal/Limnoria/commit/3848ae78de45b35c029cc333963d436b9d2f0a35"},{"type":"WEB","url":"https://github.com/ProgVal/Limnoria/wiki/math-eval-vulnerability"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/54CQM2TEXRADLE77VOMCPHL5PBHR3ZWJ/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P2AGND54UIJV3WHOYO2YINIXSDGAAPO/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DRNOUHFEN75QAIKT4Y3HDN3TT5LSIWN2/"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-6g88-vr3v-76mf"}],"affected":[{"package":{"name":"limnoria","ecosystem":"PyPI","purl":"pkg:pypi/limnoria"},"ranges":[{"type":"GIT","repo":"https://github.com/ProgVal/Limnoria","events":[{"introduced":"0"},{"fixed":"3848ae78de45b35c029cc333963d436b9d2f0a35"}]},{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2019.11.09"}]}],"versions":["2013-01-21T20:33:09+0100","2013-01-23T17:11:52+0100","2013-02-01T20:50:46+0100","2013-02-02T19:59:03+0100","2013-02-02T20:23:17+0100","2013-02-08T17:40:57+0000","2013-03-27T16:32:26+0100","2013-05-09T12:47:53+0200","2013-05-10T17:55:56+0200","2013-05-14T20:16:05+0200","2013-06-01T10:32:51+0200","2013-07-19T09:11:08+0000","2013-08-12T21:48:56+0200","2013-09-11T19-27-10","2013-12-23T17-51-15","2014-01-12T15-52-10","0.2016.03.21","2014.03.03","2014.05.08","2014.05.17","2014.05.29","2014.06.04","2014.06.26","2014.07.19","2014.10.09","2014.11.24","2014.12.07","2014.12.22","2015.03.10","2015.04.29","2015.05.20","2015.07.08","2015.08.17","2015.08.29","2015.09.16","2015.10.04","2015.11.30","2015.12.02","2015.12.12","2016.01.05","2016.02.23","2016.02.24","2016.03.21","2016.03.21.1","2016.03.21.2","2016.05.06","2016.06.27","2016.06.29","2016.08.07","2016.09.26","2016.10.01","2016.10.02","2016.11.28","2016.12.08","2017.01.10","2017.03.30","2017.08.03","2017.08.18","2017.10.01","2018.01.25","2018.04.14","2018.06.20","2018.06.25","2018.09.01","2018.09.09","2018.12.19","2019.02.14","2019.02.21","2019.02.21.1","2019.02.22","2019.02.23","2019.05.28","2019.08.25","2019.09.08","2019.10.22"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/limnoria/PYSEC-2019-102.yaml"}}],"schema_version":"1.7.3"}