121 matches found
ROOT-APP-PYPI-CVE-2024-34064 CVE-2024-34064 in rootio-Jinja2 - Patched by Root
Root has patched CVE-2024-34064 in the rootio-Jinja2 package for Root:PyPI. Multiple fixed versions available...
RHCOS 9 : OpenShift Container Platform 4.15.25 (RHSA-2024:4958)
The remote Red Hat Enterprise Linux CoreOS 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4958 advisory. - jinja2: accepts keys containing non-attribute characters CVE-2024-34064 Note that Nessus has not tested for this issue but has instead reli...
RHCOS 4 / 9 : OpenShift Container Platform 4.16.4 (RHSA-2024:4616)
The remote Red Hat Enterprise Linux CoreOS 4 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4616 advisory. - golang: net: malformed DNS message can cause infinite loop CVE-2024-24788 - jinja2: accepts keys containing non-attribute...
nimiq-accounts (>=0.1.0 <=0.2.0), nimiq-block (>=0.1.0 <=0.2.0) +13 more potentially affected by CVE-2026-34064 via nimiq-account (>=0.1.0 <=0.2.0)
nimiq-account CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 Source cves: CVE-2026-34064 Source advisory: OSV:GHSA-VC34-39Q2-M6Q3...
CVE-2024-34064
creationtimestamp| type| source ---|---|--- 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...
CVE-2024-34064 affecting package nodejs24 for versions less than 24.13.0-1
CVE-2024-34064 affecting package nodejs24 for versions less than 24.13.0-1. A patched version of the package is available...
MiracleLinux 9 : fence-agents-4.10.0-62.el9_4.3 (AXSA:2024-8287:07)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8287:07 advisory. jinja2: accepts keys containing non-attribute characters CVE-2024-34064 CVE-2024-34064 Jinja is an extensible templating engine. The xmlattr filter in affect...
MiracleLinux 8 : python-jinja2-2.10.1-5.el8_10 (AXSA:2024-8524:03)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8524:03 advisory. jinja2: accepts keys containing non-attribute characters CVE-2024-34064 Tenable has extracted the preceding description block directly from the MiracleLinux...
MiracleLinux 9 : python-jinja2-2.11.3-6.el9 (AXSA:2024-9263:04)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-9263:04 advisory. jinja2: accepts keys containing non-attribute characters CVE-2024-34064 Tenable has extracted the preceding description block directly from the MiracleLinux...
TencentOS Server 3: python-jinja2 (TSSA-2024:0306)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0306 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
CVE-2025-34064
creationtimestamp| type| source ---|---|--- 2025-07-01 15:07:57+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/20043 2025-07-01 15:58:48+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114778801913249591 2025-08-06 13:54:20+00:00| seen|...
Security Bulletin: Vulnerability in jinja2 affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2024-34064]
Summary The jinja2 package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2024-34064 Vulnerability Details CVEID:CVE-2024-34064 DESCRIPTION: Jinja is vulnerable to cross-site scripting, caused by the acceptance of keys...
Security Bulletin: Vulnerability in Jinja2 affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2024-34064].
Summary The Jinja2 package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2024-34064. Vulnerability Details CVEID:CVE-2024-34064 DESCRIPTION: Jinja is vulnerable to cross-site scripting, caused by the acceptance of keys...
CVE-2024-34064 affecting package nodejs for versions less than 20.14.0-1
CVE-2024-34064 affecting package nodejs for versions less than 20.14.0-1. A patched version of the package is available...
RockyLinux 9 : python-jinja2 (RLSA-2024:9150)
The remote RockyLinux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2024:9150 advisory. jinja2: accepts keys containing non-attribute characters CVE-2024-34064 Tenable has extracted the preceding description block directly from the RockyLinux securit...
python-jinja2 security update
An update is available for python-jinja2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-jinja2 package contains Jinja2, a template engine written in...
RLSA-2024:9150 Moderate: python-jinja2 security update
The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Security Fixes: jinja2: accepts keys containing non-attribute characters CVE-2024-34064 For...
Security Bulletin: Vulnerability in Jinja affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.
Summary Potential vulnerability in Jinja has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.. The vulnerability have been addressed. Refer to details for additional information. Vulnerability...
Linux Distros Unpatched Vulnerability : CVE-2024-34064
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jinja is an extensible templating engine. The xmlattr filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes...
CVE-2024-34064 affecting package nodejs18 for versions less than 18.20.3-4
CVE-2024-34064 affecting package nodejs18 for versions less than 18.20.3-4. A patched version of the package is available...