102 matches found
MiracleLinux 9 : python-jinja2-2.11.3-5.el9 (AXSA:2024-7960:01)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7960:01 advisory. jinja2: HTML attribute injection when passing user input as keys to xmlattr filter CVE-2024-22195 Tenable has extracted the preceding description block...
Security Bulletin: IBM Storage Ceph is vulnerable to Cross-site Scripting in Jinja2 (CVE-2024-22195)
Summary Jinja2 is used by IBM Storage Ceph and by the RHEL UBI in multiple components. CVE-2024-22195 This bulletin identifies the steps to take to address the vulnerability in Jinja2. Affected components include nvme, grafana, keepalived, haproxy, promtail. snmp, ansible, fence-agents, rust...
Security Bulletin: Vulnerability in jinja2 affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2024-22195]
Summary The jinja2 package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2024-22195 Vulnerability Details CVEID:CVE-2024-22195 DESCRIPTION: Jinja is an extensible templating engine. Special placeholders in the template allow...
TencentOS Server 3: python27:2.7 (TSSA-2024:0777)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0777 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 3: python-jinja2 (TSSA-2024:0203)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0203 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Alibaba Cloud Linux 3 : 0139: python-jinja2 (ALINUX3-SA-2024:0139)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0139 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-22195: Jinja is an extensible templating...
Security Bulletin: Vulnerability in Jinja2 affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2024-22195].
Summary The Jinja2 package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2024-22195. Vulnerability Details CVEID:CVE-2024-22195 DESCRIPTION: Jinja is an extensible templating engine. Special placeholders in the template allow...
CVE-2024-22195 affecting package nodejs18 for versions less than 18.20.3-3
CVE-2024-22195 affecting package nodejs18 for versions less than 18.20.3-3. A patched version of the package is available...
CVE-2024-22195 affecting package nodejs for versions less than 20.14.0-1
CVE-2024-22195 affecting package nodejs for versions less than 20.14.0-1. A patched version of the package is available...
Azure Linux 3.0 Security Update: python-jinja2 (CVE-2024-22195)
The version of python-jinja2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-22195 advisory. - Jinja is an extensible templating engine. Special placeholders in the template allow writing code...
Security update for python-Jinja2
This update for python-Jinja2 fixes the following issues: CVE-2024-34064, CVE-2024-22195: HTML attribute injection when passing user input as keys to xmlattr filter bsc1223980, bsc1218722 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
CVE-2024-22195 affecting package python-jinja2 for versions less than 3.1.2-2
CVE-2024-22195 affecting package python-jinja2 for versions less than 3.1.2-2. A patched version of the package is available...
CBL Mariner 2.0 Security Update: python-jinja2 (CVE-2024-22195)
The version of python-jinja2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-22195 advisory. - Jinja is an extensible templating engine. Special placeholders in the template allow writing code...
Huawei EulerOS: Security Advisory for python-jinja2 (EulerOS-SA-2024-2642)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Advisory ROSA-SA-2024-2506
Software: python-jinja2 2.10.1 OS: ROSA Virtualization 2.1 packageevrstring: python-jinja2-2.10.1-5.rv3 CVE-ID: CVE-2020-28493 BDU-ID: 2022-05230 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Python programming language interpreter html-template tool jinja2 is related to incorrect resource...
EulerOS 2.0 SP12 : python-jinja2 (EulerOS-SA-2024-2356)
According to the versions of the python-jinja2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Jinja is an extensible templating engine. The xmlattr filter in affected versions of Jinja accepts keys containing non-attribute characters...
EulerOS 2.0 SP12 : python-jinja2 (EulerOS-SA-2024-2348)
According to the versions of the python-jinja2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Jinja is an extensible templating engine. The xmlattr filter in affected versions of Jinja accepts keys containing non-attribute characters...
openSUSE Security Advisory (SUSE-SU-2024:1863-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:1863-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2024:1864-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...