It was discovered that Jinja2 incorrectly handled certain filenames when compiling template content. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-56201)
It was discovered that Jinja2 incorrectly handled string formatting calls. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-56326)
{ "binaries": [ { "binary_name": "python-jinja2", "binary_version": "2.10-1ubuntu0.18.04.1+esm3" }, { "binary_name": "python-jinja2-doc", "binary_version": "2.10-1ubuntu0.18.04.1+esm3" }, { "binary_name": "python3-jinja2", "binary_version": "2.10-1ubuntu0.18.04.1+esm3" } ], "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro" }
{ "binaries": [ { "binary_name": "python-jinja2", "binary_version": "2.10.1-2ubuntu0.4" }, { "binary_name": "python-jinja2-doc", "binary_version": "2.10.1-2ubuntu0.4" }, { "binary_name": "python3-jinja2", "binary_version": "2.10.1-2ubuntu0.4" } ], "availability": "No subscription required" }