Azure Linux 3.0 Security Update: nodejs (CVE-2019-10906)

The version of nodejs installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-10906 advisory. - In Pallets Jinja before 2.10.1, str.formatmap allows a sandbox escape. CVE-2019-10906 Note that Nessus has n...

Alibaba Cloud Linux 3 : 0066: python-jinja2 (ALINUX3-SA-2022:0066)

The remote Alibaba Cloud Linux 3 host has a package installed that is affected by a vulnerability as referenced in the ALINUX3-SA-2022:0066 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-10906: In Pallets Jinja before 2.10.1,...

CVE-2019-10906 affecting package nodejs for versions less than 20.14.0-1

CVE-2019-10906 affecting package nodejs for versions less than 20.14.0-1. A patched version of the package is available...

Important: python3-jinja2

Issue Overview: In Pallets Jinja before 2.10.1, str.formatmap allows a sandbox escape. CVE-2019-10906 Affected Packages: python3-jinja2 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories...

Important: python3-jinja2

Issue Overview: In Pallets Jinja before 2.10.1, str.formatmap allows a sandbox escape. CVE-2019-10906 Affected Packages: python3-jinja2 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories...

python-jinja2 security update

2.10.1-4 - Security fix for CVE-2024-22195 Resolves: RHEL-21347 2.10.1-3 - Fix CVE-2020-28493: ReDOS vulnerability due to the sub-pattern Resolves: rhbz1928707 2.10.1-2 - Rebuild of package to go through gating - Resolves: rhbz1701301 2.10.1-1 - Rebase to 2.10.1 security update to fix...

RHEL 6 / 7 : rh-python36-python-jinja2 (RHSA-2019:1329)

The remote Redhat Enterprise Linux 6 / 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:1329 advisory. The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but support...

RHEL 6 / 7 : rh-python35-python-jinja2 (RHSA-2019:1237)

The remote Redhat Enterprise Linux 6 / 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:1237 advisory. The rh-python35-python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-X...

Rocky Linux 8 : python-jinja2 (RLSA-2019:1152)

The remote Rocky Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2019:1152 advisory. - In Pallets Jinja before 2.10.1, str.formatmap allows a sandbox escape. CVE-2019-10906 Note that Nessus has not tested for this issue but has instead relied onl...

Ubuntu: Security Advisory (USN-4011-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2019-0177)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL MAIN 6.02 : python-jinja2 Vulnerability (NS-SA-2021-0131)

The remote NewStart CGSL host, running version MAIN 6.02, has python-jinja2 packages installed that are affected by a vulnerability: - In Pallets Jinja before 2.10.1, str.formatmap allows a sandbox escape. CVE-2019-10906 Note that Nessus has not tested for this issue but has instead relied only o...

Huawei EulerOS: Security Advisory for python-jinja2 (EulerOS-SA-2021-2430)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:3096-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:1156-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python-jinja2 (EulerOS-SA-2021-1838)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP3 : python-jinja2 (EulerOS-SA-2021-1838)

According to the version of the python-jinja2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Pallets Jinja before 2.10.1, str.formatmap allows a sandbox escape.CVE-2019-10906 Note that Tenable Network Security has extracted the...

CentOS 8 : python-jinja2 (CESA-2019:1152)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2019:1152 advisory. - python-jinja2: str.formatmap allows sandbox escape CVE-2019-10906 Note that Nessus has not tested for this issue but has instead relied only on the...

SUSE-SU-2020:3096-1 Security update for python-Jinja2

This update for python-Jinja2 fixes the following issues: - CVE-2019-10906: Fixed a sandbox escape due to information disclosure via str.format bsc1132323. - CVE-2019-8341: Fixed a command injection in function fromstring bsc1125815...

EulerOS Virtualization 3.0.2.2 : python-jinja2 (EulerOS-SA-2020-2202)

According to the version of the python-jinja2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - In Pallets Jinja before 2.10.1, str.formatmap allows a sandbox escape.CVE-2019-10906 Note that Tenable Network Security has...