VulnerableCode Package Details - pkg:deb/debian/python-babel@1.3%2Bdfsg.1-5

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/python-babel@1.3%2Bdfsg.1-5

Essentials
History (2)

purl	pkg:deb/debian/python-babel@1.3%2Bdfsg.1-5

Next non-vulnerable version	2.8.0+dfsg.1-7
Latest non-vulnerable version	2.8.0+dfsg.1-7
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-c973-6cpz-q3cz Aliases: CVE-2021-42771 GHSA-h4m5-qpfp-3mpv PYSEC-2021-421	Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution.	2.6.0+dfsg.1-1+deb10u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 2.8.0+dfsg.1-7 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-c973-6cpz-q3cz
Aliases:
CVE-2021-42771
GHSA-h4m5-qpfp-3mpv
PYSEC-2021-421

Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution.

2.6.0+dfsg.1-1+deb10u1
Affected by 1 other vulnerability.

2.8.0+dfsg.1-7
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-06T06:21:36.693230+00:00	Debian Oval Importer	Affected by	VCID-c973-6cpz-q3cz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-05T23:24:56.434820+00:00	Debian Oval Importer	Affected by	VCID-c973-6cpz-q3cz	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.6.0