Celery local privilege escalation vulnerability

Description

Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the --uid and --gid arguments to celerybeat, celeryd_detach, celeryd-multi, and celeryev, which allows local users to gain privileges via vectors involving crafted code that is executed by the worker process.

Basic information

Type
reviewed
Severity
medium
Advisory on GitHub
Open advisory ↗
Repository advisory
Source code
Browse source ↗
Published (advisory)
2022-05-17 05:36:00 UTC
Updated
2024-09-06 16:36:29 UTC
GitHub reviewed
2024-05-01 16:44:52 UTC
NVD published
2011-12-05

EPSS Score

Score Percentile
0.05% 14.45%

CVSS Scores

No CVSS scores in this advisory.

Identifiers

CWEs

CWE id Name
CWE-269 Improper Privilege Management

Affected packages (3)

Vulnerable version ranges and first patched releases as published by GitHub.

Ecosystem Package Vulnerable range First patched Vulnerable functions
pip celery >= 2.1.0, < 2.2.8 2.2.8
pip celery >= 2.3.0, < 2.3.4 2.3.4
pip celery >= 2.4.0, < 2.4.4 2.4.4

References

cvelogic Threat Intelligence