Latest version: v3.1.4
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| CVE-2024-34064 | 71591 |
Jinja is an extensible templating engine. The `xmlattr` filter in aff… |
|
- | - |
| CVE-2024-22195 | 64227 |
Jinja2 before 3.1.3 is affected by a Cross-Site Scripting vulnerabili… |
|
MEDIUM | 6.1 |
| CVE-2016-10745 | 47572 |
Jinja2 2.8.1 sandboxes format expressions with the same rules as in J… |
|
HIGH | 8.6 |
| CVE-2014-1402 | 25866 |
Jinja2 2.7.2 includes a fix for CVE-2014-1402: The default configurat… |
|
MEDIUM | 4.4 |
| CVE-2020-28493 | 39525 |
This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReD… |
|
MEDIUM | 5.3 |
| CVE-2014-0012 | 54674 |
FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temp… |
|
MEDIUM | 4.4 |
| CVE-2019-10906 | 54679 |
Jinja2 2.10.1 adds 'SandboxedEnvironment' to handle 'str.format_map' … |
|
HIGH | 8.6 |
| CVE-2019-8341 | 70612 |
In Jinja2, the from_string function is prone to Server Side Template … |
|
CRITICAL | 9.8 |