python-jinja

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description A simple pythonic template language written in Python
Version 2.10.3-3 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-904 2.10-2 Medium Not affected
Issue Group Severity Remote Type Description
CVE-2019-8341 AVG-904 Medium Yes Content spoofing
An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as...