84 matches found

OpenVAS
added 2026/04/09 12:0 a.m. | 11 views

openSUSE Security Advisory (SUSE-SU-2026:1203-1)

The remote host is missing an update for the...

8.1 CVSS | 6 AI score | 0.00067 EPSS
Exploits 0 | References 23
OpenVAS
added 2026/04/09 12:0 a.m. | 3 views

SUSE: Security Advisory (SUSE-SU-2026:1203-1)

The remote host is missing an update for the...

8.1 CVSS | 6 AI score | 0.00067 EPSS
Exploits 0 | References 23
OpenVAS
added 2026/04/03 12:0 a.m. | 8 views

SUSE: Security Advisory (SUSE-SU-2026:20917-1)

The remote host is missing an update for the...

8.1 CVSS | 5.9 AI score | 0.00067 EPSS
Exploits 0 | References 21
Tenable Nessus
added 2026/04/01 12:0 a.m. | 10 views

Amazon Linux 2 : ImageMagick, --advisory ALAS2-2026-3220 (ALAS-2026-3220)

The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3220 advisory. A flaw was found in ImageMagick. An integer overflow vulnerability exists in the SIXEL decoder, which allows a...

7.5 CVSS | 7.4 AI score | 0.00063 EPSS
Exploits 0 | References 8
Circl
added 2026/03/30 7:2 a.m. | 2 views

CVE-2026-28493

creationtimestamp | type | source
---|---|---
2026-03-30 07:02:33+00:00 | seen | https://infosec.exchange/users/certvde/statuses/116316841599408182...

6.5 CVSS | 5.8 AI score | 0.00063 EPSS
Exploits 0 | References 1
NVD
added 2026/03/10 7:43 a.m. | 5 views

CVE-2026-28493

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, an integer overflow vulnerability exists in the SIXEL decoder. The vulnerability allows an attacker to perform an out of bounds via a specially crafted image. This vulnerabili...

6.5 CVSS | 0.00063 EPSS
Exploits 0 | References 1
Tenable Nessus
added 2026/03/10 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-28493

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, an integer overflow vulnerability...

6.5 CVSS | 7.3 AI score | 0.00063 EPSS
Exploits 0 | References 2
AlpineLinux
added 2026/03/09 9:29 p.m. | 4 views

CVE-2026-28493

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, an integer overflow vulnerability exists in the SIXEL decoder. The vulnerability allows an attacker to perform an out of bounds via a specially crafted image. This vulnerabili...

6.5 CVSS | 5.8 AI score | 0.00063 EPSS
Exploits 0
CBLMariner
added 2026/02/09 11:37 p.m. | 5 views

CVE-2020-28493 affecting package nodejs24 for versions less than 24.13.0-1

CVE-2020-28493 affecting package nodejs24 for versions less than 24.13.0-1. A patched version of the package is available...

5.3 CVSS | 5.5 AI score | 0.00207 EPSS
Exploits 1
Tenable Nessus
added 2026/01/19 12:0 a.m. | 4 views

MiracleLinux 8 : python-jinja2-2.10.1-3.el8 (AXSA:2021-2728:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2728:01 advisory. python-jinja2: ReDoS vulnerability due to the sub-pattern CVE-2020-28493 Tenable has extracted the preceding description block directly from the MiracleLinux...

5.3 CVSS | 8.3 AI score | 0.00207 EPSS
Exploits 1 | References 2
Tenable Nessus
added 2025/06/16 12:0 a.m. | 4 views

TencentOS Server 3: python-jinja2 (TSSA-2022:0187)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0187 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

5.3 CVSS | 7.1 AI score | 0.00207 EPSS
Exploits 1 | References 2
RedhatCVE
added 2025/05/23 4:51 a.m. | 7 views

CVE-2023-28493

Auth subscriber+ Reflected Cross-Site Scripting XSS vulnerability in Macho Themes NewsMag theme = 2.4.4 versions...

6.5 CVSS | 5.8 AI score | 0.00181 EPSS
Exploits 0 | References 1
Tenable Nessus
added 2025/04/20 12:0 a.m. | 12 views

Azure Linux 3.0 Security Update: nodejs / python-jinja2 (CVE-2020-28493)

The version of nodejs / python-jinja2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-28493 advisory. - This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDoS vulnerability is...

5.3 CVSS | 7.1 AI score | 0.00207 EPSS
Exploits 1 | References 2
CBLMariner
added 2025/04/19 3:8 p.m. | 6 views

CVE-2020-28493 affecting package nodejs for versions less than 20.14.0-1

CVE-2020-28493 affecting package nodejs for versions less than 20.14.0-1. A patched version of the package is available...

5.3 CVSS | 7.3 AI score | 0.00207 EPSS
Exploits 1
Rosalinux
added 2024/10/03 10:37 p.m. | 21 views

Advisory ROSA-SA-2024-2506

Software: python-jinja2 2.10.1 OS: ROSA Virtualization 2.1 packageevrstring: python-jinja2-2.10.1-5.rv3 CVE-ID: CVE-2020-28493 BDU-ID: 2022-05230 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Python programming language interpreter html-template tool jinja2 is related to incorrect resource...

6.1 CVSS | 6.3 AI score | 0.0123 EPSS
Exploits 0
Tenable Nessus
added 2024/05/28 12:0 a.m. | 26 views

Oracle Linux 8 : python-jinja2 (ELSA-2024-3102)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-3102 advisory. - Security fix for CVE-2024-22195 Resolves: RHEL-21347 - Fix CVE-2020-28493: ReDOS vulnerability due to the sub-pattern Resolves: rhbz1928707 - Rebase to 2.10.1...

8.6 CVSS | 7.3 AI score | 0.02334 EPSS
Exploits 2 | References 2
Oracle linux
added 2024/05/23 12:0 a.m. | 378 views

python-jinja2 security update

2.10.1-4 - Security fix for CVE-2024-22195 Resolves: RHEL-21347 2.10.1-3 - Fix CVE-2020-28493: ReDOS vulnerability due to the sub-pattern Resolves: rhbz1928707 2.10.1-2 - Rebuild of package to go through gating - Resolves: rhbz1701301 2.10.1-1 - Rebase to 2.10.1 security update to fix...

6.1 CVSS | 6.8 AI score | 0.02334 EPSS
Exploits 2
Tenable Nessus
added 2024/05/11 12:0 a.m. | 17 views

RHEL 6 : python-jinja2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-jinja2: Sandbox escape due to information disclosure via str.format CVE-2016-10745 - This affects...

7 AI score | 0.01022 EPSS
Exploits 1 | References 2
Ubuntu
added 2024/01/25 4:6 p.m. | 401 views

USN-6599-1: Jinja2 vulnerabilities

Yeting Li discovered that Jinja incorrectly handled certain regex. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. CVE-2020-28493 It was discovered that Jinja incorrectly handled certain HTM...

6.1 CVSS | 7.5 AI score | 0.00207 EPSS
Exploits 1
Tenable Nessus
added 2024/01/25 12:0 a.m. | 33 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.10 : Jinja2 vulnerabilities (USN-6599-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6599-1 advisory. Yeting Li discovered that Jinja incorrectly handled certain regex. An attacker could possibly use this issue ...

6.1 CVSS | 7.7 AI score | 0.00207 EPSS
Exploits 1 | References 3