Fedora: Security Advisory (FEDORA-2024-2005708761)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-e3caf31c98)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 40 : python-jinja2 (2024-2005708761)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-2005708761 advisory. Update to 3.1.4 rhbz2279211,rhbz2279491 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...

RHEL 8 : python-jinja2 (RHSA-2024:3102)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3102 advisory. The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports...

ALSA-2024:3102 Moderate: python-jinja2 security update

The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Security Fixes: jinja2: HTML attribute injection when passing user input as keys to xmlattr...

CentOS 8 : python-jinja2 (CESA-2024:3102)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2024:3102 advisory. - Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary...

Fedora 40 : mingw-python-jinja2 (2024-e3caf31c98)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-e3caf31c98 advisory. Update to jinja2-3.1.4, fixes CVE-2024-34064. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

Huawei EulerOS: Security Advisory for python-jinja2 (EulerOS-SA-2024-1634)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.11.1 : python-jinja2 (EulerOS-SA-2024-1615)

According to the versions of the python-jinja2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax...

Huawei EulerOS: Security Advisory for python-jinja2 (EulerOS-SA-2024-1615)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.11.0 : python-jinja2 (EulerOS-SA-2024-1634)

According to the versions of the python-jinja2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax...

RHEL 7 : python-jinja2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-jinja2: ReDoS vulnerability in the urlize filter CVE-2020-28493 Note that Nessus has not tested for this iss...

RHEL 6 : python-jinja2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-jinja2: Sandbox escape due to information disclosure via str.format CVE-2016-10745 - This affects...

AZL-40439 CVE-2024-34064 affecting package python-jinja2 for versions less than 3.0.3-4

Jinja is an extensible templating engine. The xmlattr filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, /, , or =, as each would then be interpreted as starting a separate attribute. If an application accepts keys as...

AZL-40369 CVE-2024-34064 affecting package python-jinja2 for versions less than 3.1.2-2

Jinja is an extensible templating engine. The xmlattr filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, /, , or =, as each would then be interpreted as starting a separate attribute. If an application accepts keys as...

Oracle Linux 9 : python-jinja2 (ELSA-2024-2348)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-2348 advisory. 2.11.3-5 - Security fix for CVE-2024-22195 Resolves: RHEL-21349 Tenable has extracted the preceding description block directly from the Oracle Linux security...

python-jinja2 security update

2.11.3-5 - Security fix for CVE-2024-22195 Resolves: RHEL-21349...

Moderate: Red Hat Security Advisory: python-jinja2 security update

An update for python-jinja2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

RHEL 9 : python-jinja2 (RHSA-2024:2348)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2348 advisory. The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports...

Moderate: python-jinja2 security update

The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Security Fixes: jinja2: HTML attribute injection when passing user input as keys to xmlattr...