Arbitrary Locale File Loading Vulnerability in Babel
CVE-2021-42771 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution.
Learn more about our Web Application Penetration Testing UK.