CVE-2021-20095

Beschreibung:
Relative Path Traversal in Babel 2.9.0 allows an attacker to load arbitrary locale files on disk and execute arbitrary code.

CWE: CWE-22

CVSS-Bewertung
CVSS 2: MEDIUM – 4.6 (Version: 2.0)
CVSS 3: HIGH – 7.8 (Version: 3.1)

Links:

NVD – CVE-2021-20095
CVE – CVE-2021-20095

Link (max. 20) Quelle Tags
https://www.tenable.com/security/research/tra-2021-14 MISC Exploit Third Party Advisory
FEDORA-2021-7e2a143808 FEDORA Patch Third Party Advisory Third Party Advisory Third Party Advisory
FEDORA-2021-a499f89369 FEDORA Patch Third Party Advisory
https://github.com/PHPFusion/PHPFusion/commit/1c2b32321cf11ed1cd3ff835f8da0d172c849ce6 MISC Patch Third Party Advisory
https://github.com/PHPFusion/PHPFusion/commit/08d6c2ea49bd06fcce32275252f5f25abe61965c MISC Patch Third Party Advisory

Quelle: NVD – CVE-2021-20095
Datum Veröffentlichung: 2021-04-29T15:15Z, Datum letzte Änderung: 2021-05-09T03:15Z