VulnerableCode Package Details - pkg:pypi/celery@2.2.4

Search for packages

Vulnerability	Summary	Fixed by
VCID-6ufy-jmp3-vudd Aliases: CVE-2021-23727 GHSA-q4xr-rc97-m4xx PYSEC-2021-858 SNYK-PYTHON-CELERY-2314953	OS Command Injection in celery	5.2.2 Affected by 0 other vulnerabilities.
VCID-mxmr-f6tw-a3aw Aliases: CVE-2011-4356 GHSA-rpc6-h455-3rx5 PYSEC-2011-17	Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the --uid and --gid arguments to celerybeat, celeryd_detach, celeryd-multi, and celeryev, which allows local users to gain privileges via vectors involving crafted code that is executed by the worker process.	2.2.8 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 2.3.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 2.4.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-6ufy-jmp3-vudd
Aliases:
CVE-2021-23727
GHSA-q4xr-rc97-m4xx
PYSEC-2021-858
SNYK-PYTHON-CELERY-2314953

OS Command Injection in celery

5.2.2
Affected by 0 other vulnerabilities.

VCID-mxmr-f6tw-a3aw
Aliases:
CVE-2011-4356
GHSA-rpc6-h455-3rx5
PYSEC-2011-17

Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the --uid and --gid arguments to celerybeat, celeryd_detach, celeryd-multi, and celeryev, which allows local users to gain privileges via vectors involving crafted code that is executed by the worker process.

2.2.8
Affected by 1 other vulnerability.

2.3.4
Affected by 1 other vulnerability.

2.4.4
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-13T08:57:14.186707+00:00	GHSA Importer	Affected by	VCID-mxmr-f6tw-a3aw	https://github.com/advisories/GHSA-rpc6-h455-3rx5	38.6.0
2026-06-12T18:15:54.918204+00:00	GitLab Importer	Affected by	VCID-mxmr-f6tw-a3aw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/celery/CVE-2011-4356.yml	38.6.0
2026-06-12T17:54:47.189431+00:00	GitLab Importer	Affected by	VCID-6ufy-jmp3-vudd	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/celery/CVE-2021-23727.yml	38.6.0
2026-06-12T04:14:00.363199+00:00	Pypa Importer	Affected by	VCID-6ufy-jmp3-vudd	https://github.com/pypa/advisory-database/blob/main/vulns/celery/PYSEC-2021-858.yaml	38.6.0
2026-06-12T04:00:33.946930+00:00	Pypa Importer	Affected by	VCID-mxmr-f6tw-a3aw	https://github.com/pypa/advisory-database/blob/main/vulns/celery/PYSEC-2011-17.yaml	38.6.0
2026-06-11T20:55:46.513805+00:00	PyPI Importer	Affected by	VCID-6ufy-jmp3-vudd	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0
2026-06-11T20:41:54.812197+00:00	PyPI Importer	Affected by	VCID-mxmr-f6tw-a3aw	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0