Babel.Locale in Babel prior to 2.9.1 allows malicious users to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pocoo babel |
||
debian debian linux 10.0 |