CVE-2021-42771

Опубликовано: 20 окт. 2021

Источник: debian

Описание

Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
python-babel	fixed	2.8.0+dfsg.1-7		package

Примечания

https://www.tenable.com/security/research/tra-2021-14
https://github.com/python-babel/babel/pull/782

Связанные уязвимости

CVE-2021-42771

CVSS3: 7.8

ubuntu

больше 3 лет назад

Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution.

CVE-2021-42771

CVSS3: 7.8

redhat

около 4 лет назад

Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution.

CVE-2021-42771

CVSS3: 7.8

nvd

больше 3 лет назад

Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution.

CVE-2021-42771

CVSS3: 7.8

msrc

больше 3 лет назад

Описание отсутствует

openSUSE-SU-2021:3945-1

suse-cvrf

больше 3 лет назад

Security update for python-Babel