34 matches found
SUSE-SU-2025:0016-1 Security update for python-Jinja2
This update for python-Jinja2 fixes the following issues: - CVE-2024-56326: sandbox breakout through indirect reference to format method in template file. bsc1234809...
python-jinja2 security update
2.11.3-6 - Security fix for CVE-2024-34064 Resolves: RHEL-35653...
CVE-2024-34064 affecting package python-jinja2 for versions less than 3.0.3-4
CVE-2024-34064 affecting package python-jinja2 for versions less than 3.0.3-4. A patched version of the package is available...
MGASA-2024-0199 Updated python-jinja2 packages fix security vulnerabilities
It was discovered that Jinja2 incorrectly handled certain HTML attributes that were accepted by the xmlattr filter. An attacker could use this issue to inject arbitrary HTML attribute keys and values to potentially execute a cross-site scripting XSS attack...
SUSE-SU-2024:1864-1 Security update for python-Jinja2
This update for python-Jinja2 fixes the following issues: - Fixed HTML attribute injection when passing user input as keys to xmlattr filter CVE-2024-34064, bsc1223980, CVE-2024-22195, bsc1218722...
SUSE-SU-2024:1863-2 Security update for python-Jinja2
This update for python-Jinja2 fixes the following issues: - Fixed HTML attribute injection when passing user input as keys to xmlattr filter CVE-2024-34064, bsc1223980, CVE-2024-22195, bsc1218722...
MGASA-2021-0178 Updated python-jinja2 packages fix a security vulnerability
ReDOS vulnerability where urlize could have been called with untrusted user data CVE-2020-28493...
SUSE-SU-2021:14644-1 Security update for python-Jinja2
This update for python-Jinja2 fixes the following issues: - CVE-2020-28493: Improve the speed of the 'urlize' filter by reducing regex backtracking. Email matching requires a word character at the start of the domain part, and only word characters in the TLD. bsc1181944...
SUSE-SU-2021:0603-1 Security update for python-Jinja2
This update for python-Jinja2 fixes the following issues: - CVE-2020-28493: Improve the speed of the 'urlize' filter by reducing regex backtracking. Email matching requires a word character at the start of the domain part, and only word characters in the TLD. bsc1181944...
SUSE-SU-2021:0602-1 Security update for python-Jinja2
This update for python-Jinja2 fixes the following issues: - CVE-2020-28493: Improve the speed of the 'urlize' filter by reducing regex backtracking. Email matching requires a word character at the start of the domain part, and only word characters in the TLD. bsc1181944...
SUSE-SU-2021:0601-1 Security update for python-Jinja2
This update for python-Jinja2 fixes the following issues: - CVE-2020-28493: Improve the speed of the 'urlize' filter by reducing regex backtracking. Email matching requires a word character at the start of the domain part, and only word characters in the TLD. bsc1181944...
Important: Red Hat Security Advisory: python-jinja2 security update
An update for python-jinja2 is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a securit...
python-jinja2 security update
2.10.1-2 - Rebuild of package to go through gating - Resolves: rhbz1701300 2.10.1-1 - Rebase to 2.10.1 security update to fix CVE-2019-10906 - Resolves: rhbz1701300 2.10-9 - Require platform-python-setuptools instead of python3-setuptools - Resolves: rhbz1650536 2.10-8 - Revert changes commited t...
Updated python-jinja2 packages fix security vulnerability
Sandbox escape due to information disclosure via str.format CVE-2016-10745. str.formatmap allows sandbox escape CVE-2019-10906...