vulnerability

Alma Linux: CVE-2021-42771: Moderate: python38:3.8 and python38-devel:3.8 security update (Multiple Advisories)

Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Oct 20, 2021
Added
May 4, 2022
Modified
Nov 26, 2024

Description

Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution.

Solution(s)

alma-upgrade-babelalma-upgrade-python-nose-docsalma-upgrade-python-psycopg2-docalma-upgrade-python-sqlalchemy-docalma-upgrade-python2-attrsalma-upgrade-python2-babelalma-upgrade-python2-backportsalma-upgrade-python2-backports-ssl_match_hostnamealma-upgrade-python2-bsonalma-upgrade-python2-chardetalma-upgrade-python2-coveragealma-upgrade-python2-cythonalma-upgrade-python2-dnsalma-upgrade-python2-docsalma-upgrade-python2-docs-infoalma-upgrade-python2-docutilsalma-upgrade-python2-funcsigsalma-upgrade-python2-idnaalma-upgrade-python2-ipaddressalma-upgrade-python2-jinja2alma-upgrade-python2-markupsafealma-upgrade-python2-mockalma-upgrade-python2-nosealma-upgrade-python2-numpyalma-upgrade-python2-numpy-docalma-upgrade-python2-numpy-f2pyalma-upgrade-python2-pluggyalma-upgrade-python2-psycopg2alma-upgrade-python2-psycopg2-debugalma-upgrade-python2-psycopg2-testsalma-upgrade-python2-pyalma-upgrade-python2-pygmentsalma-upgrade-python2-pymongoalma-upgrade-python2-pymongo-gridfsalma-upgrade-python2-pymysqlalma-upgrade-python2-pysocksalma-upgrade-python2-pytestalma-upgrade-python2-pytest-mockalma-upgrade-python2-pytzalma-upgrade-python2-pyyamlalma-upgrade-python2-requestsalma-upgrade-python2-rpm-macrosalma-upgrade-python2-scipyalma-upgrade-python2-setuptoolsalma-upgrade-python2-setuptools-wheelalma-upgrade-python2-setuptools_scmalma-upgrade-python2-sixalma-upgrade-python2-sqlalchemyalma-upgrade-python2-urllib3alma-upgrade-python2-virtualenvalma-upgrade-python2-wheelalma-upgrade-python2-wheel-wheelalma-upgrade-python3-babelalma-upgrade-python38-asn1cryptoalma-upgrade-python38-atomicwritesalma-upgrade-python38-attrsalma-upgrade-python38-babelalma-upgrade-python38-cffialma-upgrade-python38-chardetalma-upgrade-python38-cryptographyalma-upgrade-python38-cythonalma-upgrade-python38-idnaalma-upgrade-python38-jinja2alma-upgrade-python38-markupsafealma-upgrade-python38-mod_wsgialma-upgrade-python38-more-itertoolsalma-upgrade-python38-numpyalma-upgrade-python38-numpy-docalma-upgrade-python38-numpy-f2pyalma-upgrade-python38-packagingalma-upgrade-python38-pluggyalma-upgrade-python38-plyalma-upgrade-python38-psutilalma-upgrade-python38-psycopg2alma-upgrade-python38-psycopg2-docalma-upgrade-python38-psycopg2-testsalma-upgrade-python38-pyalma-upgrade-python38-pycparseralma-upgrade-python38-pymysqlalma-upgrade-python38-pyparsingalma-upgrade-python38-pysocksalma-upgrade-python38-pytestalma-upgrade-python38-pytzalma-upgrade-python38-pyyamlalma-upgrade-python38-requestsalma-upgrade-python38-scipyalma-upgrade-python38-setuptoolsalma-upgrade-python38-setuptools-wheelalma-upgrade-python38-sixalma-upgrade-python38-urllib3alma-upgrade-python38-wcwidthalma-upgrade-python38-wheelalma-upgrade-python38-wheel-wheel
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.