6 matches found
CVE-2026-41693 i18next-fs-backend: Path traversal via unsanitised lng/ns allows arbitrary file read/overwrite
i18next-fs-backend is a backend layer for i18next using in Node.js and for Deno to load translations from the filesystem. Prior to version 2.6.4, i18next-fs-backend substitutes the lng and ns options directly into the configured loadPath / addPath templates and then read / write the resulting fil...
CVE-2026-41693
i18next-fs-backend is a backend layer for i18next using in Node.js and for Deno to load translations from the filesystem. Prior to version 2.6.4, i18next-fs-backend substitutes the lng and ns options directly into the configured loadPath / addPath templates and then read / write the resulting fil...
CLSA-2024-1731599555 Fix CVE(s): CVE-2023-25815
SECURITY UPDATE: gettext machinery might get auto-initialized using an unintended locale directory - debian/patches/CVE-2023-25815.patch: avoid using gettext if the locale dir is not present - CVE-2023-25815...
CLSA-2023-1688675103 git: Fix of CVE-2023-25815
CVE-2023-25815: gettext: avoid using gettext if the locale dir is not present...
CLSA-2023-1688673526 git: Fix of CVE-2023-25815
CVE-2023-25815: gettext: avoid using gettext if the locale dir is not present...
python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code
A flaw was found in python-babel. A path traversal vulnerability was found in how locale data files are checked and loaded within python-babel, allowing a local attacker to trick an application that uses python-babel to load a file outside of the intended locale directory. The highest threat from...