Описание
The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with _jinja2 in /tmp.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.7.2-2 |
| esm-infra-legacy/trusty | not-affected | 2.7.2-2 |
| lucid | ignored | end of life |
| precise | released | 2.6-1ubuntu0.1 |
| quantal | ignored | end of life |
| raring | ignored | end of life |
| saucy | ignored | end of life |
| trusty | not-affected | 2.7.2-2 |
| trusty/esm | not-affected | 2.7.2-2 |
| upstream | released | 2.7.2 |
Показывать по
4.4 Medium
CVSS2
Связанные уязвимости
The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with __jinja2_ in /tmp.
The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with __jinja2_ in /tmp.
The default configuration for bccache.FileSystemBytecodeCache in Jinja ...
ELSA-2014-0747: python-jinja2 security update (MODERATE)
4.4 Medium
CVSS2