VYPR

rpm package

suse/python-Jinja2&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

pkg:rpm/suse/python-Jinja2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS

Vulnerabilities (3)

  • CVE-2025-27516Mar 5, 2025
    affected < 2.10.1-150000.3.21.1fixed 2.10.1-150000.3.21.1

    Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker nee

  • CVE-2024-56326Dec 23, 2024
    affected < 3.1.2-150400.12.11.1fixed 3.1.2-150400.12.11.1

    Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs t

  • CVE-2024-56201Dec 23, 2024
    affected < 3.1.2-150400.12.11.1fixed 3.1.2-150400.12.11.1

    Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used. To exploit