Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2014-1402

Опубликовано: 19 мая 2014
Источник: debian

Описание

The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with __jinja2_ in /tmp.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
jinja2fixed2.7.2-1package
jinja2no-dsasqueezepackage
jinja2no-dsawheezypackage

Примечания

  • 2.7.2 does not create safely temporary files, new CVE-2014-0012 was assigned for this issue

Связанные уязвимости

ubuntu логотип

CVE-2014-1402

ubuntu
больше 11 лет назад

The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with __jinja2_ in /tmp.

redhat логотип

CVE-2014-1402

redhat
почти 12 лет назад

The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with __jinja2_ in /tmp.

nvd логотип

CVE-2014-1402

nvd
больше 11 лет назад

The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with __jinja2_ in /tmp.

github логотип

GHSA-8r7q-cvjq-x353

CVSS3: 8.4
github
больше 3 лет назад

Incorrect Privilege Assignment in Jinja2

oracle-oval логотип

ELSA-2014-0747

oracle-oval
больше 11 лет назад

ELSA-2014-0747: python-jinja2 security update (MODERATE)