4.5
CVSSv3

CVE-2021-20095

Published: 29/04/2021 Updated: 16/06/2021

Vulnerability Summary

Relative Path Traversal in Babel 2.9.0 allows an malicious user to load arbitrary locale files on disk and execute arbitrary code.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vendor Advisories

Debian Bug report logs - #987824 python-babel: CVE-2021-20095 Package: src:python-babel; Maintainer for src:python-babel is Debian Python Team <team+python@trackerdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 30 Apr 2021 12:15:01 UTC Severity: important Tags: security, upstream Found ...
Relative Path Traversal in Babel 290 allows an attacker to load arbitrary locale files on disk and execute arbitrary code ...
Arch Linux Security Advisory ASA-202105-15 ========================================== Severity: Medium Date : 2021-05-19 CVE-ID : CVE-2021-20095 Package : python-babel Type : arbitrary code execution Remote : No Link : securityarchlinuxorg/AVG-1894 Summary ======= The package python-babel before version 291-1 is vulnerable ...
Relative Path Traversal in Babel 290 allows an attacker to load arbitrary locale files on disk and execute arbitrary code ...