python-jinja

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description A simple pythonic template language written in Python
Version 2.10-2 [community]

Open

Group Affected Fixed Severity Status Ticket
AVG-904 2.10-2 Medium Unknown
Issue Group Severity Remote Type Description
CVE-2019-8341 AVG-904 Medium Yes Content spoofing
An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as...