DEBIAN-CVE-2014-0012

DEBIAN-CVE-2014-0012 PUBLISHED

FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temporary directories, which allows local users to gain privileges by pre-creating a temporary directory with a user's uid. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1402.

Affected Products

Vendor	Product	Versions
Debian:12	jinja2	0, 0, 0
Debian:11	jinja2	0, 0, 0
Debian:13	jinja2	0, 0, 0
Debian:14	jinja2	0, 0, 0

Timeline

May 19, 2014 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2014-0012 advisory

Open in Interactive Console →