5 matches found
MiracleLinux 9 : python-jinja2-2.11.3-8.el9_5 (AXSA:2025-9829:04)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-9829:04 advisory. jinja2: Jinja sandbox breakout through attr filter selecting format method CVE-2025-27516 Tenable has extracted the preceding description block directly from...
Security Bulletin: IBM SOAR QRadar Plugin app for IBM QRadar SIEM is affected by server-side template injection leading to remote code execution (CVE-2025-27516)
Summary IBM SOAR QRadar Plugin app for IBM QRadar SIEM is affected by server-side template injection leading to remote code execution. IBM SOAR QRadar Plugin app has addressed the issue in the latest update. Vulnerability Details CVEID:CVE-2025-27516 DESCRIPTION: Jinja is an extensible templating...
EulerOS 2.0 SP13 : python-jinja2 (EulerOS-SA-2025-1984)
According to the versions of the python-jinja2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filte...
Important: python-jinja2 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
ALPINE-CVE-2025-27516
Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the...