The default configuration for bccache.FileSystemBytecodeCache in Jinja2 prior to 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with __jinja2_ in /tmp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pocoo jinja2 2.5.5 |
||
pocoo jinja2 2.5.4 |
||
pocoo jinja2 |
||
pocoo jinja2 2.5.1 |
||
pocoo jinja2 2.5 |
||
pocoo jinja2 2.1 |
||
pocoo jinja2 2.0 |
||
pocoo jinja2 2.5.3 |
||
pocoo jinja2 2.5.2 |
||
pocoo jinja2 2.2 |
||
pocoo jinja2 2.1.1 |
||
pocoo jinja2 2.7 |
||
pocoo jinja2 2.6 |
||
pocoo jinja2 2.4.1 |
||
pocoo jinja2 2.4 |
||
pocoo jinja2 2.3.1 |
||
pocoo jinja2 2.3 |
||
pocoo jinja2 2.2.1 |