CVE-2014-0012 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2014-0012 Interim 1 50 2025-11-05T05:14:08Z current 2021-05-30T13:17:13Z 2025-11-05T05:14:08Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2014-0012 FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temporary directories, which allows local users to gain privileges by pre-creating a temporary directory with a user's uid. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1402. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-updates/2022-February/021718.html E-Mail link for SUSE-FU-2022:0444-1 https://lists.suse.com/pipermail/sle-updates/2022-February/021715.html E-Mail link for SUSE-FU-2022:0445-1 https://lists.suse.com/pipermail/sle-updates/2022-February/021720.html E-Mail link for SUSE-FU-2022:0447-1 https://lists.suse.com/pipermail/sle-updates/2022-February/021717.html E-Mail link for SUSE-FU-2022:0450-1 https://lists.suse.com/pipermail/sle-updates/2022-February/021719.html E-Mail link for SUSE-FU-2022:0452-1 https://lists.suse.com/pipermail/sle-updates/2022-February/021714.html E-Mail link for SUSE-FU-2022:0454-1 https://lists.suse.com/pipermail/sle-updates/2022-February/021716.html E-Mail link for SUSE-FU-2022:0456-1 https://lists.suse.com/pipermail/sle-security-updates/2015-August/001522.html E-Mail link for SUSE-SU-2015:1336-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RJNH6YK3YXI7X2BE3AQNYL7PA2FETC66/#RJNH6YK3YXI7X2BE3AQNYL7PA2FETC66 E-Mail link for openSUSE-SU-2016:2465-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/J6U2NCERMUWAZTZY5VD4C4YB2XD5EDKW/#J6U2NCERMUWAZTZY5VD4C4YB2XD5EDKW E-Mail link for openSUSE-SU-2019:0244-1 https://lists.suse.com/pipermail/neuvector-updates/2023-November/000021.html E-Mail link for unknown https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Enterprise Storage 1.0 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Micro 5.0 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Server 16.0 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Micro 6.0 SUSE Linux Micro 6.1 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE OpenStack Cloud 6 SUSE Package Hub 12 openSUSE Leap 15.2 openSUSE Tumbleweed python-Jinja2 python-Jinja2-2.7.3-15.1 python-Jinja2-2.7.3-4.1 python-Jinja2-2.8-1.4 python-Jinja2-2.8-2.1 python-Jinja2-emacs-2.8-1.4 python-Jinja2-emacs-2.8-2.1 python-Jinja2-vim-2.8-1.4 python-Jinja2-vim-2.8-2.1 python2-Jinja2-2.10-1.21 python3-Jinja2 python3-Jinja2-2.10-1.21 python3-Jinja2-2.10.1-3.5.1 python3-Jinja2-2.10.1-lp152.2.5 python310-Jinja2-3.1.4-1.1 python311-Jinja2-3.1.2-5.9 python311-Jinja2-3.1.4-1.1 python311-Jinja2-3.1.4-slfo.1.1_1.2 python312-Jinja2-3.1.4-1.1 python313-Jinja2-3.1.6-160000.2.2 python36-Jinja2-3.0.1-3.2 python38-Jinja2-3.0.1-3.2 python39-Jinja2-3.0.1-3.2 python-Jinja2-2.7.3-4.1 as a component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 python-Jinja2-2.7.3-4.1 as a component of SUSE Enterprise Storage 1.0 python3-Jinja2-2.10.1-3.5.1 as a component of SUSE Linux Enterprise Micro 5.0 python2-Jinja2-2.10-1.21 as a component of SUSE Linux Enterprise Module for Basesystem 15 python3-Jinja2-2.10-1.21 as a component of SUSE Linux Enterprise Module for Basesystem 15 python3-Jinja2-2.10.1-3.5.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP1 python3-Jinja2-2.10.1-3.5.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP2 python313-Jinja2-3.1.6-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 python311-Jinja2-3.1.2-5.9 as a component of SUSE Linux Micro 6.0 python311-Jinja2-3.1.4-slfo.1.1_1.2 as a component of SUSE Linux Micro 6.1 python-Jinja2-2.7.3-15.1 as a component of SUSE OpenStack Cloud 6 python-Jinja2-2.8-2.1 as a component of SUSE Package Hub 12 python-Jinja2-emacs-2.8-2.1 as a component of SUSE Package Hub 12 python-Jinja2-vim-2.8-2.1 as a component of SUSE Package Hub 12 python3-Jinja2-2.10.1-lp152.2.5 as a component of openSUSE Leap 15.2 python-Jinja2-2.8-1.4 as a component of openSUSE Tumbleweed python-Jinja2-emacs-2.8-1.4 as a component of openSUSE Tumbleweed python-Jinja2-vim-2.8-1.4 as a component of openSUSE Tumbleweed python310-Jinja2-3.1.4-1.1 as a component of openSUSE Tumbleweed python311-Jinja2-3.1.4-1.1 as a component of openSUSE Tumbleweed python312-Jinja2-3.1.4-1.1 as a component of openSUSE Tumbleweed python36-Jinja2-3.0.1-3.2 as a component of openSUSE Tumbleweed python38-Jinja2-3.0.1-3.2 as a component of openSUSE Tumbleweed python39-Jinja2-3.0.1-3.2 as a component of openSUSE Tumbleweed python3-Jinja2 as a component of SUSE Linux Enterprise Micro 5.2 python-Jinja2 as a component of SUSE Linux Enterprise Micro 5.2 python3-Jinja2 as a component of SUSE Linux Enterprise Micro 5.3 python-Jinja2 as a component of SUSE Linux Enterprise Micro 5.3 python3-Jinja2 as a component of SUSE Linux Enterprise Micro 5.4 python-Jinja2 as a component of SUSE Linux Enterprise Micro 5.4 python3-Jinja2 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 python-Jinja2 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temporary directories, which allows local users to gain privileges by pre-creating a temporary directory with a user's uid. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1402. CVE-2014-0012 SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-Jinja2-2.7.3-4.1 SUSE Enterprise Storage 1.0:python-Jinja2-2.7.3-4.1 SUSE Linux Enterprise Micro 5.0:python3-Jinja2-2.10.1-3.5.1 SUSE Linux Enterprise Module for Basesystem 15:python2-Jinja2-2.10-1.21 SUSE Linux Enterprise Module for Basesystem 15:python3-Jinja2-2.10-1.21 SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-Jinja2-2.10.1-3.5.1 SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-Jinja2-2.10.1-3.5.1 SUSE Linux Enterprise Server 16.0:python313-Jinja2-3.1.6-160000.2.2 SUSE Linux Micro 6.0:python311-Jinja2-3.1.2-5.9 SUSE Linux Micro 6.1:python311-Jinja2-3.1.4-slfo.1.1_1.2 SUSE OpenStack Cloud 6:python-Jinja2-2.7.3-15.1 SUSE Package Hub 12:python-Jinja2-2.8-2.1 SUSE Package Hub 12:python-Jinja2-emacs-2.8-2.1 SUSE Package Hub 12:python-Jinja2-vim-2.8-2.1 openSUSE Leap 15.2:python3-Jinja2-2.10.1-lp152.2.5 openSUSE Tumbleweed:python-Jinja2-2.8-1.4 openSUSE Tumbleweed:python-Jinja2-emacs-2.8-1.4 openSUSE Tumbleweed:python-Jinja2-vim-2.8-1.4 openSUSE Tumbleweed:python310-Jinja2-3.1.4-1.1 openSUSE Tumbleweed:python311-Jinja2-3.1.4-1.1 openSUSE Tumbleweed:python312-Jinja2-3.1.4-1.1 openSUSE Tumbleweed:python36-Jinja2-3.0.1-3.2 openSUSE Tumbleweed:python38-Jinja2-3.0.1-3.2 openSUSE Tumbleweed:python39-Jinja2-3.0.1-3.2 SUSE Linux Enterprise Micro 5.2:python-Jinja2 SUSE Linux Enterprise Micro 5.2:python3-Jinja2 SUSE Linux Enterprise Micro 5.3:python-Jinja2 SUSE Linux Enterprise Micro 5.3:python3-Jinja2 SUSE Linux Enterprise Micro 5.4:python-Jinja2 SUSE Linux Enterprise Micro 5.4:python3-Jinja2 SUSE Linux Enterprise Module for Basesystem 15 SP4:python-Jinja2 SUSE Linux Enterprise Module for Basesystem 15 SP4:python3-Jinja2 moderate 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P