Astra Linux - уязвимость в python-babel

In Babel.Locale before version 2.9.1, attackers could load arbitrary locale .dat files containing serialized Python objects through directory traversal, resulting in code execution...

vue-i18n 跨站脚本漏洞

vue-i18n is an application from intlify open source. A cross-site scripting vulnerability exists in vue-i18n, which stems from the fact that vue-i18n can pass locale information to createI18n or useI18n. When generating a locale information AST in development mode, this could lead to a cross-site...

SUSE-SU-2023:3563-2 Security update for icu73_2

This update for icu732 fixes the following issues: - Update to release 73.2 CLDR extends the support for “short” Chinese sort orders to cover some additional, required characters for Level 2. This is carried over into ICU collation. ICU has a modified character conversion table, mapping some...

SUSE-SU-2023:3563-1 Security update for icu73_2

This update for icu732 fixes the following issues: - Update to release 73.2 CLDR extends the support for “short” Chinese sort orders to cover some additional, required characters for Level 2. This is carried over into ICU collation. ICU has a modified character conversion table, mapping some...

SUSE CVE-2021-42771

Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files containing serialized Python objects via directory traversal, leading to code execution...

[SECURITY] Fedora 36 Update: golang-github-nicksnyder-i18n-2-2.1.2-6.fc36

go-i18n is a Go package and a command that helps you translate Go programs in to multiple languages. - Supports pluralized strings for all 200+ languages in the Unicode Common Locale Data Repository CLDR. - Code and tests are automatically generated from CLDR data. - Supports strings with named...

Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal leading to code execution.

...

CVE-2021-42771

A flaw was found in python-babel. A path traversal vulnerability was found in how locale data files are checked and loaded within python-babel, allowing a local attacker to trick an application that uses python-babel to load a file outside of the intended locale directory. The highest threat from...

GHSA-H4M5-QPFP-3MPV Directory Traversal in Babel

Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files containing serialized Python objects via directory traversal, leading to code execution...

AZL-6325 CVE-2021-42771 affecting package babel for versions less than 2.9.1-1

Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files containing serialized Python objects via directory traversal, leading to code execution...

DEBIAN-CVE-2021-42771

Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files containing serialized Python objects via directory traversal, leading to code execution...

PYSEC-2021-421

Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files containing serialized Python objects via directory traversal, leading to code execution...

UBUNTU-CVE-2021-42771

Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files containing serialized Python objects via directory traversal, leading to code execution...

EulerOS 2.0 SP5 : babel (EulerOS-SA-2021-2319)

According to the version of the babel packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in python-babel. A path traversal vulnerability was found in how locale data files are checked and loaded within python-babel,...

EulerOS 2.0 SP8 : babel (EulerOS-SA-2021-2287)

According to the version of the babel packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in python-babel. A path traversal vulnerability was found in how locale data files are checked and loaded within python-babel,...

CVE-2021-20095

A flaw was found in python-babel. A path traversal vulnerability was found in how locale data files are checked and loaded within python-babel, allowing a local attacker to trick an application that uses python-babel to load a file outside of the intended locale directory. The highest threat from...

PT-2021-23681 · Babel +8 · Babel +8

Name of the Vulnerable Software and Affected Versions: Babel versions prior to 2.9.1 Description: The issue is related to errors in input validation when handling directory traversal sequences in locale .dat files within Babel.Locale. This can allow an attacker to load arbitrary locale .dat files...

USN-1348-1: ICU vulnerability

It was discovered that ICU did not properly handle invalid locale data during Unicode conversion. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program...