rpm package
suse/python-Jinja2&distro=SUSE Linux Micro 6.1
pkg:rpm/suse/python-Jinja2&distro=SUSE%20Linux%20Micro%206.1
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-27516 | — | < 3.1.4-slfo.1.1_2.1 | 3.1.4-slfo.1.1_2.1 | Mar 5, 2025 | Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker nee | ||
| CVE-2024-56326 | — | < 3.1.4-slfo.1.1_2.1 | 3.1.4-slfo.1.1_2.1 | Dec 23, 2024 | Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs t | ||
| CVE-2024-56201 | — | < 3.1.4-slfo.1.1_2.1 | 3.1.4-slfo.1.1_2.1 | Dec 23, 2024 | Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used. To exploit |
- CVE-2025-27516Mar 5, 2025affected < 3.1.4-slfo.1.1_2.1fixed 3.1.4-slfo.1.1_2.1
Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker nee
- CVE-2024-56326Dec 23, 2024affected < 3.1.4-slfo.1.1_2.1fixed 3.1.4-slfo.1.1_2.1
Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs t
- CVE-2024-56201Dec 23, 2024affected < 3.1.4-slfo.1.1_2.1fixed 3.1.4-slfo.1.1_2.1
Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used. To exploit