vulnerability

Amazon Linux AMI 2: CVE-2021-42771: Security patch for babel (ALAS-2023-2010)

Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Oct 20, 2021
Added
Apr 6, 2023
Modified
Nov 26, 2024

Description

Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution.

Solution(s)

amazon-linux-ami-2-upgrade-babelamazon-linux-ami-2-upgrade-python-babel
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.