Information on source package jinja2

Available versions

ReleaseVersion
buster2.10-2
buster (security)2.10-2+deb10u1
bullseye2.11.3-1
bookworm3.1.2-1
trixie3.1.3-1
sid3.1.3-1

Open issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2024-34064vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableJinja is an extensible templating engine. The `xmlattr` filter in affe ...
CVE-2024-22195fixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedJinja is an extensible templating engine. Special placeholders in the ...
CVE-2020-28493vulnerable (no DSA)fixedfixedfixedfixedThis affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDo ...

Open unimportant issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2019-8341vulnerablevulnerablevulnerablevulnerablevulnerableAn issue was discovered in Jinja2 2.10. The from_string function is pr ...

Resolved issues

BugDescription
CVE-2019-10906In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape ...
CVE-2016-10745In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.
CVE-2014-1402The default configuration for bccache.FileSystemBytecodeCache in Jinja ...
CVE-2014-0012FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create tempo ...

Security announcements

DSA / DLADescription
DLA-3715-1jinja2 - security update

Search for package or bug name: Reporting problems