rpm package
opensuse/python-dynaconf&distro=openSUSE Leap 16.0
pkg:rpm/opensuse/python-dynaconf&distro=openSUSE%20Leap%2016.0
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-33154 | Hig | 7.5 | < 3.2.5-bp160.2.1 | 3.2.5-bp160.2.1 | Mar 20, 2026 | dynaconf is a configuration management tool for Python. Prior to version 3.2.13, Dynaconf is vulnerable to Server-Side Template Injection (SSTI) due to unsafe template evaluation in the @Jinja resolver. When the jinja2 package is installed, Dynaconf evaluates template expressions |
- affected < 3.2.5-bp160.2.1fixed 3.2.5-bp160.2.1
dynaconf is a configuration management tool for Python. Prior to version 3.2.13, Dynaconf is vulnerable to Server-Side Template Injection (SSTI) due to unsafe template evaluation in the @Jinja resolver. When the jinja2 package is installed, Dynaconf evaluates template expressions