Vulnerabilities > Celeryproject

DATE CVE VULNERABILITY TITLE RISK
2021-12-29 CVE-2021-23727 Command Injection vulnerability in multiple products
This affects the package celery before 5.2.2.
network
high complexity
celeryproject fedoraproject CWE-77
7.5
2011-12-05 CVE-2011-4356 Permissions, Privileges, and Access Controls vulnerability in Celeryproject Celery
Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the --uid and --gid arguments to celerybeat, celeryd_detach, celeryd-multi, and celeryev, which allows local users to gain privileges via vectors involving crafted code that is executed by the worker process.
6.9