CVE-2014-0012

Published May 19th, 2014

View on NVD ↗

CVSS v3

N/A

CVSS v2

4.4

MEDIUM

Affected

PROJECT

Description

FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temporary directories, which allows local users to gain privileges by pre-creating a temporary directory with a user's uid. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1402.

pallets/jinja

A very fast and expressive template engine.

GitHub

11.7K