MiracleLinux 8 : python-jinja2-2.10.1-6.el8_10 (AXSA:2025-9599:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-9599:02 advisory. jinja2: Jinja has a sandbox breakout through indirect reference to format method CVE-2024-56326 Tenable has extracted the preceding description block directl...

Important: python3-jinja2

Issue Overview: Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...