Closed abishekvashok closed 5 years ago
I'm submitting a ... (check one with "x")
Jinja2 vulnerability found in requirements.txt
Remediation: Upgrade Jinja2 to version 2.10.1 or later. For example:
Jinja2>=2.10.1
Details: CVE-2019-10906 https://nvd.nist.gov/vuln/detail/CVE-2019-10906
In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.
Fixed. Generally just fix this, no need to file a bug.
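A check for the condition reported in this issue, as an added example that is not part of the original thread or the project's own code: it scans requirements.txt text and flags any Jinja2 entry whose specifiers can still resolve to a release older than 2.10.1. The function name `check_requirements` and the sample lines are constructed for illustration, and the version handling is deliberately conservative (numeric releases only; `>2.10` is flagged even though it excludes 2.10 itself).

```python
import re

FIXED = (2, 10, 1)  # first Jinja2 release with the CVE-2019-10906 fix, per the issue

# Requirement name, optional [extras], then specifiers up to a marker (;) or comment (#).
_REQ = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*([^;#]*)")
_SPEC = re.compile(r"(===|==|>=|~=|<=|!=|>|<)\s*([0-9]+(?:\.[0-9]+)*)")
_LOWER_BOUNDS = {"==", "===", ">=", "~=", ">"}  # operators that set a floor


def _version(text):
    """Turn '2.10' into (2, 10, 0) so tuples compare release by release."""
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))


def check_requirements(text):
    """Return (line_number, line, reason) for each Jinja2 entry that admits a pre-fix release."""
    findings = []
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith(("#", "-")):  # comments and pip options (-r, -e)
            continue
        match = _REQ.match(line)
        # Package names compare case-insensitively with -, _ and . treated alike.
        if not match or re.sub(r"[-_.]+", "-", match.group(1)).lower() != "jinja2":
            continue
        floors = [_version(v) for op, v in _SPEC.findall(match.group(2))
                  if op in _LOWER_BOUNDS]
        if not floors:
            findings.append((number, line, "no lower bound"))
        elif max(floors) < FIXED:
            findings.append((number, line, "lower bound below 2.10.1"))
    return findings


# Constructed sample input, not taken from the project's requirements.txt.
SAMPLE = """\
Flask==1.0.2
Jinja2==2.10
jinja2>=2.10.1
Jinja2
Jinja2>=2.8,<3.0  # constructed comment
"""

if __name__ == "__main__":
    for number, line, reason in check_requirements(SAMPLE):
        print(f"requirements.txt:{number}: {line!r}: {reason}")
```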