AVG-904 log
Package | python-jinja |
Status | Not affected |
Severity | Medium |
Type | content spoofing |
Affected | 2.10-2 |
Fixed | Not affected |
Current | 1:3.1.4-1 [extra] |
Ticket | None |
Created | Sun Feb 17 17:33:29 2019 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2019-8341 | Medium | Yes | Content spoofing | An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as... |
Notes |
---|
We don't consider this a security issue |