VYPR

rpm package

opensuse/python-dynaconf&distro=openSUSE Leap 16.0

pkg:rpm/opensuse/python-dynaconf&distro=openSUSE%20Leap%2016.0

Vulnerabilities (1)

  • CVE-2026-33154HigMar 20, 2026
    affected < 3.2.5-bp160.2.1fixed 3.2.5-bp160.2.1

    dynaconf is a configuration management tool for Python. Prior to version 3.2.13, Dynaconf is vulnerable to Server-Side Template Injection (SSTI) due to unsafe template evaluation in the @Jinja resolver. When the jinja2 package is installed, Dynaconf evaluates template expressions