python-jinja
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | A simple pythonic template language written in Python |
| Version | 1:3.1.4-1 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-1523 | 2.11.2-4 | 2.11.3-1 | Low | Fixed | |
| AVG-904 | 2.10-2 | Medium | Not affected |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2020-28493 | AVG-1523 | Low | Yes | Denial of service | A security issue was found in python-jinja before version 2.11.3. The regular expression denial of service vulnerability is mainly due to the sub-pattern... |
| CVE-2019-8341 | AVG-904 | Medium | Yes | Content spoofing | An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 07 Feb 2021 | ASA-202102-19 | AVG-1523 | Low | denial of service |