Lucene search
Veracode Vulnerability DatabaseVERACODE:32679HistoryOct 21, 2021 - 4:31 a.m.
Directory Traversal
2021-10-2104:31:28
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
20
babel
directory traversal
locale identifiers
EPSS
0.001
Percentile
47.7%
babel is vulnerable to directory traversal. The library does not clean the locale identifiers properly before loading from file, allowing a malicious user to load arbitrary locale .dat files.
References
github.com/python-babel/babel/commit/3a700b5b8b53606fd98ef8294a56f9510f7290f8
github.com/python-babel/babel/pull/782
lists.debian.org/debian-lts-announce/2021/10/msg00018.html
lists.debian.org/debian-lts/2021/10/msg00040.html
www.debian.org/security/2021/dsa-5018
www.tenable.com/security/research/tra-2021-14
Related
nessus
nessus
Debian DSA-5018-1 : python-babel - security update
2021-12-10 00:00:00
Amazon Linux 2 : babel (ALAS-2023-2010)
2023-04-05 00:00:00
Oracle Linux 8 : babel (ELSA-2021-4201)
2021-11-17 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2244
2023-10-10 09:49:57
osv
osv
Directory Traversal in Babel
2021-10-21 17:49:59
python310-Babel-2.14.0-1.5 on GA media
2024-07-12 00:00:00
PYSEC-2021-421
2021-10-20 21:15:00
openvas
openvas
openSUSE: Security Advisory for python-Babel (openSUSE-SU-2021:3945-1)
2021-12-07 00:00:00
Huawei EulerOS: Security Advisory for babel (EulerOS-SA-2022-1218)
2022-02-26 00:00:00
Debian: Security Advisory (DSA-5018-1)
2021-12-10 00:00:00
debiancve
debiancve
CVE-2021-42771
2021-10-20 21:15:07
ibm
ibm
Security Bulletin: Vulnerability in babel affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0)[CVE-2021-42771]
2024-03-13 07:42:33
Security Bulletin: CVE-2021-42771
2022-02-17 12:07:59
alpinelinux
alpinelinux
CVE-2021-42771
2021-10-20 21:15:07
amazon
amazon
Medium: python-babel
2023-03-30 22:50:00
Medium: babel
2023-03-30 18:56:00
photon
photon
Important Photon OS Security Update - PHSA-2021-0123
2021-11-03 00:00:00
Important Photon OS Security Update - PHSA-2021-4.0-0123
2021-11-04 00:00:00
github
github
Directory Traversal in Babel
2021-10-21 17:49:59
prion
prion
Directory traversal
2021-10-20 21:15:00
cbl_mariner
cbl_mariner
CVE-2021-42771 affecting package babel for versions less than 2.9.1-1
2022-04-09 06:51:57
CVE-2021-42771 affecting package babel 2.6.0-9
2021-11-06 00:29:51
cvelist
cvelist
CVE-2021-42771
2021-10-20 20:05:35
cve
cve
CVE-2021-42771
2021-10-20 21:15:07
suse
suse
Security update for python-Babel (important)
2021-12-10 00:00:00
Security update for python-Babel (important)
2021-12-06 00:00:00
nvd
nvd
CVE-2021-42771
2021-10-20 21:15:07
redhatcve
redhatcve
CVE-2021-42771
2021-10-22 17:14:16
rocky
rocky
babel security and bug fix update
2021-11-09 08:37:19
python27:2.7 security update
2021-11-09 08:24:39
python38:3.8 and python38-devel:3.8 security update
2021-11-09 12:47:54
debian
debian
[SECURITY] [DLA 2790-1] python-babel security update
2021-10-21 09:56:09
oraclelinux
oraclelinux
babel security and bug fix update
2021-11-16 00:00:00
python27:2.7 security update
2021-11-16 00:00:00
python38:3.8 and python38-devel:3.8 security update
2021-11-16 00:00:00
redhat
redhat
(RHSA-2021:4201) Moderate: babel security and bug fix update
2021-11-09 08:37:19
(RHSA-2021:3252) Moderate: python27 security update
2021-08-24 07:29:51
(RHSA-2021:4151) Moderate: python27:2.7 security update
2021-11-09 08:24:39
almalinux
almalinux
Moderate: babel security and bug fix update
2021-11-09 08:37:19
Moderate: python27:2.7 security update
2021-11-09 08:24:39
Moderate: python38:3.8 and python38-devel:3.8 security update
2021-11-09 12:47:54
ubuntucve
ubuntucve
CVE-2021-42771
2021-10-20 00:00:00