Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5
CVE-2021-23727
- EPSS 1.15%
- Published 29.12.2021 17:15:07
- Last modified 21.11.2024 05:51:52
This affects the package celery before 5.2.2. It by default trusts the messages and metadata stored in backends (result stores). When reading task metadata from the backend, the data is deserialized. Given that an attacker can gain access to, or some...
6.9
CVE-2011-4356
- EPSS 0.05%
- Published 05.12.2011 11:55:07
- Last modified 11.04.2025 00:51:21
Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the --uid and --gid arguments to celerybeat, celeryd_detach, celeryd-multi, and celeryev, which allows local use...
1