Lucene search
AlmaLinuxALSA-2024:2348HistoryApr 30, 2024 - 12:00 a.m.
Moderate: python-jinja2 security update
2024-04-3000:00:00
errata.almalinux.org
8
python-jinja2
security update
html attribute injection
cve-2024-22195
sandboxed environment
almalinux
release notes
The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment.
Security Fix(es):
- jinja2: HTML attribute injection when passing user input as keys to xmlattr filter (CVE-2024-22195)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| almalinux | 9 | noarch | python3-jinja2 | < 2.11.3-5.el9 | python3-jinja2-2.11.3-5.el9.noarch.rpm |
Related
nessus
nessus
EulerOS 2.0 SP10 : python-jinja2 (EulerOS-SA-2024-1324)
2024-03-12 00:00:00
EulerOS 2.0 SP11 : python-jinja2 (EulerOS-SA-2024-1245)
2024-03-12 00:00:00
EulerOS 2.0 SP12 : python-jinja2 (EulerOS-SA-2024-1749)
2024-05-30 00:00:00
github
github
fedora
fedora
[SECURITY] Fedora 39 Update: mingw-python-jinja2-3.1.3-1.fc39
2024-01-23 00:58:55
[SECURITY] Fedora 39 Update: python-jinja2-3.1.3-1.fc39
2024-01-25 00:41:41
[SECURITY] Fedora 38 Update: python-jinja2-3.1.3-1.fc38
2024-01-27 02:12:44
openvas
openvas
Fedora: Security Advisory for python-jinja2 (FEDORA-2024-6026572e7d)
2024-01-25 00:00:00
Huawei EulerOS: Security Advisory for python-jinja2 (EulerOS-SA-2024-1346)
2024-03-13 00:00:00
Huawei EulerOS: Security Advisory for python-jinja2 (EulerOS-SA-2024-1223)
2024-03-12 00:00:00
redhat
redhat
(RHSA-2024:2348) Moderate: python-jinja2 security update
2024-04-30 06:15:27
(RHSA-2024:2733) Moderate: Red Hat OpenStack Platform 17.1 (openstack-ansible-core) security update
2024-05-22 20:31:47
(RHSA-2024:3102) Moderate: python-jinja2 security update
2024-05-22 06:35:37
ibm
ibm
debian
debian
[SECURITY] [DLA 3715-1] jinja2 security update
2024-01-23 17:41:27
cvelist
cvelist
osv
osv
CVE-2024-22195
2024-01-11 03:15:11
Moderate: python-jinja2 security update
2024-04-30 00:00:00
almalinux
almalinux
Moderate: python-jinja2 security update
2024-05-22 00:00:00
Moderate: fence-agents security and bug fix update
2024-04-30 00:00:00
Moderate: fence-agents security and bug fix update
2024-05-22 00:00:00
prion
prion
Cross site scripting
2024-01-11 03:15:00
amazon
amazon
Medium: python-jinja2
2024-02-01 19:57:00
Medium: python3-jinja2
2024-02-01 19:57:00
veracode
veracode
Cross Site Scripting (XSS)
2024-01-12 10:04:04
debiancve
debiancve
CVE-2024-22195
2024-01-11 03:15:11
CVE-2024-34064
2024-05-06 15:15:23
wolfi
wolfi
CVE-2024-22195 vulnerabilities
2024-06-01 09:07:38
cgr
cgr
CVE-2024-22195 vulnerabilities
2024-05-19 03:07:16
redhatcve
redhatcve
CVE-2024-22195
2024-01-11 11:04:16
CVE-2024-34064
2024-05-07 06:54:54
ubuntucve
ubuntucve
CVE-2024-22195
2024-01-11 00:00:00
CVE-2024-34064
2024-05-06 00:00:00
cve
cve
CVE-2024-22195
2024-01-11 03:15:11
CVE-2024-34064
2024-05-06 15:15:23
cbl_mariner
cbl_mariner
oraclelinux
oraclelinux
python-jinja2 security update
2024-05-02 00:00:00
python-jinja2 security update
2024-05-23 00:00:00
fence-agents security and bug fix update
2024-05-23 00:00:00
ubuntu
ubuntu
Jinja2 vulnerabilities
2024-01-25 00:00:00
mageia
mageia
Updated python-jinja2 packages fix security vulnerabilities
2024-05-31 18:15:28
oracle
oracle
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00