Amazon Linux 2 : python-templated-dictionary, --advisory ALAS2MOCK2-2025-001 (ALASMOCK2-2025-001)

It is, therefore, affected by a vulnerability as referenced in the ALAS2MOCK2-2025-001 advisory. The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems...

Medium: python-templated-dictionary

Issue Overview: The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2...

[SECURITY] Fedora 38 Update: python-templated-dictionary-1.4-1.fc38

Dictionary where getitem is run through Jinja2 template...

Fedora 38 : python-templated-dictionary (2024-4bd03c989b)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-4bd03c989b advisory. Fixing CVE-2023-6395 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for th...

Fedora: Security Advisory (FEDORA-2024-f69989e7dd)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 39 : python-templated-dictionary (2024-f69989e7dd)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-f69989e7dd advisory. Fixing CVE-2023-6395 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for th...

Privilege Escalation

templated-dictionary is vulnerable to Privilege Escalation. The vulnerability is caused due to absence of proper sandboxing mechanisms during the expansion and execution of Jinja2 templates. This allows an attacker to define configuration tags that potentially lead to privilege escalation or code...

AZL-43540 CVE-2023-6395 affecting package python-templated-dictionary 1.1-6

The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2 templates, whic...