Jinja xmlattr filter allows injection of attributes leading to XSS vulnerability CVE-2024-34064. Fixed in version 3.1.4
Reporter | Title | Published | Views | Family All 199 |
---|---|---|---|---|
![]() | Updated python-jinja2 packages fix security vulnerabilities | 31 May 202418:15 | – | mageia |
![]() | Medium: python3-jinja2 | 19 Jun 202419:15 | – | amazon |
![]() | Medium: python-jinja2 | 19 Jun 202419:15 | – | amazon |
![]() | Medium: python-jinja2 | 1 Feb 202419:57 | – | amazon |
![]() | Amazon Linux 2023 : ansible-core, ansible-test (ALAS2023-2024-644) | 24 Jun 202400:00 | – | nessus |
![]() | EulerOS Virtualization 2.10.0 : python-jinja2 (EulerOS-SA-2024-2127) | 19 Aug 202400:00 | – | nessus |
![]() | EulerOS Virtualization 2.10.1 : python-jinja2 (EulerOS-SA-2024-2147) | 19 Aug 202400:00 | – | nessus |
![]() | FreeBSD : Jinja2 -- Vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter (04c9c3f8-5ed3-11ef-8262-b0416f0c4c67) | 20 Aug 202400:00 | – | nessus |
![]() | EulerOS 2.0 SP10 : python-jinja2 (EulerOS-SA-2024-1919) | 15 Jul 202400:00 | – | nessus |
![]() | EulerOS 2.0 SP11 : python-jinja2 (EulerOS-SA-2024-2109) | 8 Aug 202400:00 | – | nessus |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo