python-jinja
Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
Description | A simple pythonic template language written in Python |
Version |
1:3.1.4-2 [extra-testing] 1:3.1.4-1 [extra] |
Resolved
Group | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|
AVG-1523 | 2.11.2-4 | 2.11.3-1 | Low | Fixed | |
AVG-904 | 2.10-2 | Medium | Not affected |
Issue | Group | Severity | Remote | Type | Description |
---|---|---|---|---|---|
CVE-2020-28493 | AVG-1523 | Low | Yes | Denial of service | A security issue was found in python-jinja before version 2.11.3. The regular expression denial of service vulnerability is mainly due to the sub-pattern... |
CVE-2019-8341 | AVG-904 | Medium | Yes | Content spoofing | An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as... |
Advisories
Date | Advisory | Group | Severity | Type |
---|---|---|---|---|
07 Feb 2021 | ASA-202102-19 | AVG-1523 | Low | denial of service |