497 matches found
Fedora 38 : python-jinja2 (2024-604e4c3509)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-604e4c3509 advisory. Security fix for CVE-2024-22195. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
Fedora: Security Advisory (FEDORA-2024-6026572e7d)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 39 : python-jinja2 (2024-6026572e7d)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-6026572e7d advisory. Security fix for CVE-2024-22195. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
Debian: Security Advisory (DLA-3715-1)
The remote host is missing an update for the Debian...
Debian dla-3715 : python-jinja2 - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3715 advisory. Debian LTS Advisory DLA-3715-1 [email protected] https://www.debian.org/lts/security/...
Fedora: Security Advisory (FEDORA-2024-ab372beea4)
The remote host is missing an update for the...
AZL-33320 CVE-2024-22195 affecting package python-jinja2 for versions less than 3.0.3-3
Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template, potentially leading to Cross-Site Scripting (XSS). The Jinja xmlattr filter can be abused t...
NewStart CGSL MAIN 6.06 : python-jinja2 Multiple Vulnerabilities (NS-SA-2023-0137)
The remote NewStart CGSL host, running version MAIN 6.06, has python-jinja2 packages installed that are affected by multiple vulnerabilities: - psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts syste...
Rocky Linux 8 : python-jinja2 (RLSA-2021:4161)
The remote Rocky Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2021:4161 advisory. - This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDoS vulnerability is mainly due to the _punctuation_re regex operator and its use of multiple...
Rocky Linux 8 : python-jinja2 (RLSA-2019:1152)
The remote Rocky Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2019:1152 advisory. - In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape. (CVE-2019-10906) Note that Nessus has not tested for this issue but has instead relied onl...
Huawei EulerOS: Security Advisory for python-jinja2 (EulerOS-SA-2023-1285)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 3.0.2.2 : python-jinja2 (EulerOS-SA-2023-1285)
According to the versions of the python-jinja2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDoS vulnerability is mainly due to the _punctuation_re...
Ubuntu: Security Advisory (USN-5701-1)
The remote host is missing an update for the...
CVE-2020-28493 affecting package python-jinja2 2.10.1-1
CVE-2020-28493 affecting package python-jinja2 2.10.1-1. An upgraded version of the package is available that resolves this issue...
new packages: python-jinja2
An update is available for python-jinja2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rocky...
Huawei EulerOS: Security Advisory for python-jinja2 (EulerOS-SA-2022-1140)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 3.0.6.6 : python-jinja2 (EulerOS-SA-2022-1140)
According to the versions of the python-jinja2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDoS vulnerability is mainly due to the _punctuation_re...
AlmaLinux 8 : python-jinja2 (ALSA-2021:4161)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2021:4161 advisory. - This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDoS vulnerability is mainly due to the _punctuation_re regex operator and its use of multiple...
Mageia: Security Advisory (MGASA-2019-0177)
The remote host is missing an update for the...
Mageia: Security Advisory (MGASA-2021-0178)
The remote host is missing an update for the...