12 matches found
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Jinja2 vulnerabilities (USN-7343-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7343-1 advisory. Rafal Krupinski discovered that Jinja2 did not properly restrict the execution of cod...
USN-7343-1: Jinja2 vulnerabilities
Rafal Krupinski discovered that Jinja2 did not properly restrict the execution of code in situations where templates are used maliciously. An attacker with control over a template's filename and content could potentially use this issue to enable the execution of arbitrary code. This issue only...
USN-7343-1 jinja2 vulnerabilities
Rafal Krupinski discovered that Jinja2 did not properly restrict the execution of code in situations where templates are used maliciously. An attacker with control over a template's filename and content could potentially use this issue to enable the execution of arbitrary code. This issue only...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.72 packages and security update
Red Hat OpenShift Container Platform release 4.12.72 bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System CVS...
USN-7244-1: Jinja2 vulnerabilities
It was discovered that Jinja2 incorrectly handled certain filenames when compiling template content. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-56201) It was discovered that Jinja2 incorrectly handled string formatting calls. An attacker could possibly use this...
USN-7244-1 jinja2 vulnerabilities
It was discovered that Jinja2 incorrectly handled certain filenames when compiling template content. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-56201) It was discovered that Jinja2 incorrectly handled string formatting calls. An attacker could possibly use this...
Important: Red Hat Security Advisory: fence-agents security update
An update for fence-agents is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i...
Important: Red Hat Security Advisory: fence-agents security update
An update for fence-agents is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availabl...
Important: Red Hat Security Advisory: fence-agents security update
An update for fence-agents is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availabl...
fence-agents security update
4.10.0-76.4 - bundled jinja2: fix CVE-2024-56201 and CVE-2024-56326 Resolves: RHEL-72070, RHEL-72063...
USN-6599-1 jinja2 vulnerabilities
Yeting Li discovered that Jinja incorrectly handled certain regex. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2020-28493) It was discovered that Jinja incorrectly handled certain HTM...
Ubuntu 16.04 LTS / 18.04 LTS : Jinja2 vulnerabilities (USN-4011-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4011-1 advisory. Olivier Dony discovered that Jinja incorrectly handled str.format. An attacker could possibly use this issue to escape the sandbox. This issu...