AVG-904

Package python-jinja
Status Unknown
Severity Medium
Type content spoofing
Affected 2.10-2
Fixed Unknown
Current 2.10-2 [community]
Ticket None
Created Sun Feb 17 17:33:29 2019
Issue Severity Remote Type Description
CVE-2019-8341 Medium Yes Content spoofing
An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as...