60 matches found
Security Bulletin: IBM Cognos Analytics is affected by multiple security vulnerabilities
Summary There are vulnerabilities in multiple Open-Source Software OSS components consumed by IBM Cognos Analytics. Please review the below vulnerabilities and take necessary remediation actions. This Security Bulletin relates only to the direct usage of third-party components by IBM Cognos...
Linux Distros Unpatched Vulnerability : CVE-2024-22195
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary...
EUVD-2019-0069
Malware in sbrugna...
EUVD-2024-3607
Malicious code in bioql PyPI...
EUVD-2024-3585
Malicious code in bioql PyPI...
Security Bulletin: Vulnerability with spring-security-crypto and jinja affect IBM Cloud Object Storage Systems (July 2025)
Summary Vulnerability with spring-security-crypto CVE-2025-22228 and jinja CVE-2025-27516 . This vulnerability has been addressed in the latest ClevOS release. Vulnerability Details CVEID:CVE-2025-22228 DESCRIPTION: BCryptPasswordEncoder.matchesCharSequence,String will incorrectly return true for...
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Jinja (CVE-2025-27516)
Summary A vulnerability in Jinja that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-27516 DESCRIPTION: Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allow...
TencentOS Server 3: python-jinja2 (TSSA-2025:0305)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0305 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 4: python-jinja2 (TSSA-2025:0233)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0233 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 2: python-jinja2 (TSSA-2025:0154)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0154 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
TencentOS Server 3: python-jinja2 (TSSA-2025:0307)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0307 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an arbitrary code execution in Jinja [CVE-2025-27516]
Summary IBM Watson Speech Services Cartridge is vulnerable to arbitrary code execution in Jinja, due to an oversight in how the Jinja sandboxed environment interacts with the |attr filter CVE-2025-27516. Jinja is used in our speech runtimes. This vulnerabilitiy has been addressed. Please read the...
Alibaba Cloud Linux 3 : 0018: python-jinja2 (ALINUX3-SA-2025:0018)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0018 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-56326: Jinja is an extensible templating...
Security Bulletin: IBM Watson Speech Services Cartridge v4.8.8 is vulnerable to an arbitrary code execution in Jinja [CVE-2024-56201]
Summary IBM Watson Speech Services Cartridge is vulnerable to an arbitrary code execution in Jinja, due to a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code CVE-2024-56201. Jinja is used by our Speech Service...
Security Bulletin: IBM Watson Speech Services Cartridge v4.8.8 is vulnerable to an arbitrary code execution in Jinja [CVE-2024-56326]
Summary IBM Watson Speech Services Cartridge is vulnerable to an arbitrary code execution in Jinja, due to an oversight in how the Jinja sandboxed environment detects calls to str.format, which allows an attacker that controls the content of a template to execute arbitrary Python code...
Security Bulletin: IBM Maximo Application Suite - Predict Component vulnerable to jinja is an extensible templating engine.
Summary Security Bulletin: IBM Maximo Application Suite - Predict Component vulnerable to jinja is an extensible templating engine. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-27516 DESCRIPTION: Jinja is an extensible...
Huawei EulerOS: Security Advisory for python-jinja2 (EulerOS-SA-2025-1341)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2023 : ansible-core, ansible-test (ALAS2023-2025-893)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-893 advisory. Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template t...
RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Important) (RHSA-2025:3123)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3123 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can...
Security Bulletin: IBM Maximo Application Suite Predict Component vulnerable to arbitrary code execution
Summary Security Bulletin: IBM Maximo Application Suite Predict Component may be vulnerable to arbitrary code execution of Python code through the use of Jinja. Vulnerability Details CVEID:CVE-2024-56326 DESCRIPTION: Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how th...