VDB

GCVE-VVD-MAGEIA-2014-28

GCVE-VVD-MAGEIA-2014-28
Advisory Published
Vulnetix · Advisory published February 11, 2014
Updated python-jinja2 packages fix security vulnerability: Jinja2, a template engine written in pure python, was found to use /tmp as a default directory for jinja2.bccache.FileSystemBytecodeCache, which is insecure because the /tmp directory is world-writable and the filenames used like 'FileSystemBytecodeCache' are often predictable. A malicious user could exploit this bug to execute arbitrary code as another user. (CVE-2014-1402)
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiapython-jinja20 (affected), 2.5.5-8.2.mga3 (unaffected)
Mageianetworkmanager0 (affected), 0.9.8.8-3.1.mga4 (unaffected)

Aliases

CVE-2014-1402

Transitive aliases

GSD-2014-1402RHSA-2014:0747RHSA-2014:0748GHSA-8r7q-cvjq-x353PYSEC-2014-8

References

Updated python-jinja2 package fixes two security vulnerabilities
advisory
Updated python-jinja2 package fixes two security vulnerabilities
issue
Updated python-jinja2 package fixes two security vulnerabilities
issue
Updated python-jinja2 package fixes two security vulnerabilities
issue
Updated python-jinja2 package fixes two security vulnerabilities
issue
Updated python-jinja2 package fixes two security vulnerabilities
advisory
Updated networkmanager package fixes modemmanager log spamming
advisory
Updated networkmanager package fixes modemmanager log spamming
issue
Updated networkmanager package fixes modemmanager log spamming
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›