3 matches found
PT-2021-15547 · Celery +2 · Celery +2
Name of the Vulnerable Software and Affected Versions: celery versions prior to 5.2.2 Description: The issue affects the package by default trusting messages and metadata stored in backends, which can lead to a stored command injection vulnerability when an attacker gains access to or manipulates...
DEBIAN-CVE-2011-4356
Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the --uid and --gid arguments to celerybeat, celeryddetach, celeryd-multi, and celeryev, which allows local users to gain privileges via vectors involving...
PYSEC-2011-17
Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the --uid and --gid arguments to celerybeat, celeryddetach, celeryd-multi, and celeryev, which allows local users to gain privileges via vectors involving...