AVG-904

Package python-jinja
Status Not affected
Severity Medium
Type content spoofing
Affected 2.10-2
Fixed Not affected
Current 2.10.1-1 [community]
Ticket None
Created Sun Feb 17 17:33:29 2019
Issue Severity Remote Type Description
CVE-2019-8341 Medium Yes Content spoofing
An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as...
Notes
We don't consider this a security issue