ALT-PU-2020-3106-2
Package python-module-jinja2 updated to version 2.11.2-alt1 for branch p9 in task 254838.
Closed vulnerabilities
Published: 2019-02-15
BDU:2019-01179
Уязвимость функции from_string шаблонизатора Jinja2 для языка программирования Python, позволяющая нарушителю оказать воздействие на конфиденциальность и целостность защищаемой информации
Severity: HIGH (8.2)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Severity: HIGH (8.5)
Vector: AV:N/AC:L/Au:N/C:P/I:C/A:N
References:
Published: 2014-05-19
Modified: 2025-04-12
Modified: 2025-04-12
CVE-2014-0012
FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temporary directories, which allows local users to gain privileges by pre-creating a temporary directory with a user's uid. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1402.
Severity: MEDIUM (4.4)
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
References:
- http://seclists.org/oss-sec/2014/q1/73
- http://secunia.com/advisories/56328
- http://secunia.com/advisories/60738
- http://www.gentoo.org/security/en/glsa/glsa-201408-13.xml
- https://bugzilla.redhat.com/show_bug.cgi?id=1051421
- https://github.com/mitsuhiko/jinja2/commit/acb672b6a179567632e032f547582f30fa2f4aa7
- https://github.com/mitsuhiko/jinja2/pull/292
- https://github.com/mitsuhiko/jinja2/pull/296
- http://seclists.org/oss-sec/2014/q1/73
- http://secunia.com/advisories/56328
- http://secunia.com/advisories/60738
- http://www.gentoo.org/security/en/glsa/glsa-201408-13.xml
- https://bugzilla.redhat.com/show_bug.cgi?id=1051421
- https://github.com/mitsuhiko/jinja2/commit/acb672b6a179567632e032f547582f30fa2f4aa7
- https://github.com/mitsuhiko/jinja2/pull/292
- https://github.com/mitsuhiko/jinja2/pull/296
Published: 2014-05-19
Modified: 2025-04-12
Modified: 2025-04-12
CVE-2014-1402
The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with __jinja2_ in /tmp.
Severity: MEDIUM (4.4)
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
References:
- http://advisories.mageia.org/MGASA-2014-0028.html
- http://jinja.pocoo.org/docs/changelog/
- http://openwall.com/lists/oss-security/2014/01/10/2
- http://openwall.com/lists/oss-security/2014/01/10/3
- http://rhn.redhat.com/errata/RHSA-2014-0747.html
- http://rhn.redhat.com/errata/RHSA-2014-0748.html
- http://secunia.com/advisories/56287
- http://secunia.com/advisories/58783
- http://secunia.com/advisories/58918
- http://secunia.com/advisories/59017
- http://secunia.com/advisories/60738
- http://secunia.com/advisories/60770
- http://www.gentoo.org/security/en/glsa/glsa-201408-13.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2014:096
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734747
- https://bugzilla.redhat.com/show_bug.cgi?id=1051421
- https://oss.oracle.com/pipermail/el-errata/2014-June/004192.html
- http://advisories.mageia.org/MGASA-2014-0028.html
- http://jinja.pocoo.org/docs/changelog/
- http://openwall.com/lists/oss-security/2014/01/10/2
- http://openwall.com/lists/oss-security/2014/01/10/3
- http://rhn.redhat.com/errata/RHSA-2014-0747.html
- http://rhn.redhat.com/errata/RHSA-2014-0748.html
- http://secunia.com/advisories/56287
- http://secunia.com/advisories/58783
- http://secunia.com/advisories/58918
- http://secunia.com/advisories/59017
- http://secunia.com/advisories/60738
- http://secunia.com/advisories/60770
- http://www.gentoo.org/security/en/glsa/glsa-201408-13.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2014:096
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734747
- https://bugzilla.redhat.com/show_bug.cgi?id=1051421
- https://oss.oracle.com/pipermail/el-errata/2014-June/004192.html
Published: 2019-04-07
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2019-10906
In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.
Severity: MEDIUM (5.0)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Severity: HIGH (8.6)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
References:
- http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00030.html
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00064.html
- https://access.redhat.com/errata/RHSA-2019:1152
- https://access.redhat.com/errata/RHSA-2019:1237
- https://access.redhat.com/errata/RHSA-2019:1329
- https://lists.apache.org/thread.html/09fc842ff444cd43d9d4c510756fec625ef8eb1175f14fd21de2605f%40%3Cdevnull.infra.apache.org%3E
- https://lists.apache.org/thread.html/2b52b9c8b9d6366a4f1b407a8bde6af28d9fc73fdb3b37695fd0d9ac%40%3Cdevnull.infra.apache.org%3E
- https://lists.apache.org/thread.html/320441dccbd9a545320f5f07306d711d4bbd31ba43dc9eebcfc602df%40%3Cdevnull.infra.apache.org%3E
- https://lists.apache.org/thread.html/46c055e173b52d599c648a98199972dbd6a89d2b4c4647b0500f2284%40%3Cdevnull.infra.apache.org%3E
- https://lists.apache.org/thread.html/57673a78c4d5c870d3f21465c7e2946b9f8285c7c57e54c2ae552f02%40%3Ccommits.airflow.apache.org%3E
- https://lists.apache.org/thread.html/7f39f01392d320dfb48e4901db68daeece62fd60ef20955966739993%40%3Ccommits.airflow.apache.org%3E
- https://lists.apache.org/thread.html/b2380d147b508bbcb90d2cad443c159e63e12555966ab4f320ee22da%40%3Ccommits.airflow.apache.org%3E
- https://lists.apache.org/thread.html/f0c4a03418bcfe70c539c5dbaf99c04c98da13bfa1d3266f08564316%40%3Ccommits.airflow.apache.org%3E
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSW3QZMFVVR7YE3UT4YRQA272TYAL5AF/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCDYIS254EJMBNWOG4S5QY6AOTOR4TZU/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TS7IVZAJBWOHNRDMFJDIZVFCMRP6YIUQ/
- https://palletsprojects.com/blog/jinja-2-10-1-released
- https://usn.ubuntu.com/4011-1/
- https://usn.ubuntu.com/4011-2/
- http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00030.html
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00064.html
- https://access.redhat.com/errata/RHSA-2019:1152
- https://access.redhat.com/errata/RHSA-2019:1237
- https://access.redhat.com/errata/RHSA-2019:1329
- https://lists.apache.org/thread.html/09fc842ff444cd43d9d4c510756fec625ef8eb1175f14fd21de2605f%40%3Cdevnull.infra.apache.org%3E
- https://lists.apache.org/thread.html/2b52b9c8b9d6366a4f1b407a8bde6af28d9fc73fdb3b37695fd0d9ac%40%3Cdevnull.infra.apache.org%3E
- https://lists.apache.org/thread.html/320441dccbd9a545320f5f07306d711d4bbd31ba43dc9eebcfc602df%40%3Cdevnull.infra.apache.org%3E
- https://lists.apache.org/thread.html/46c055e173b52d599c648a98199972dbd6a89d2b4c4647b0500f2284%40%3Cdevnull.infra.apache.org%3E
- https://lists.apache.org/thread.html/57673a78c4d5c870d3f21465c7e2946b9f8285c7c57e54c2ae552f02%40%3Ccommits.airflow.apache.org%3E
- https://lists.apache.org/thread.html/7f39f01392d320dfb48e4901db68daeece62fd60ef20955966739993%40%3Ccommits.airflow.apache.org%3E
- https://lists.apache.org/thread.html/b2380d147b508bbcb90d2cad443c159e63e12555966ab4f320ee22da%40%3Ccommits.airflow.apache.org%3E
- https://lists.apache.org/thread.html/f0c4a03418bcfe70c539c5dbaf99c04c98da13bfa1d3266f08564316%40%3Ccommits.airflow.apache.org%3E
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSW3QZMFVVR7YE3UT4YRQA272TYAL5AF/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCDYIS254EJMBNWOG4S5QY6AOTOR4TZU/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TS7IVZAJBWOHNRDMFJDIZVFCMRP6YIUQ/
- https://palletsprojects.com/blog/jinja-2-10-1-released
- https://usn.ubuntu.com/4011-1/
- https://usn.ubuntu.com/4011-2/
Published: 2019-02-15
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2019-8341
An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as a template object, renders it, and then returns it. The attacker can exploit it with {{INJECTION COMMANDS}} in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing
Severity: HIGH (7.5)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Severity: CRITICAL (9.8)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00030.html
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00064.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1677653
- https://bugzilla.suse.com/show_bug.cgi?id=1125815
- https://github.com/JameelNabbo/Jinja2-Code-execution
- https://www.exploit-db.com/exploits/46386/
- http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00030.html
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00064.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1677653
- https://bugzilla.suse.com/show_bug.cgi?id=1125815
- https://github.com/JameelNabbo/Jinja2-Code-execution
- https://www.exploit-db.com/exploits/46386/