OPENSUSE-SU-2019:1395-1
Advisory lineage Upstream: 3 Downstream: 0
Published: 13 May 2019, 13:01
Last modified:04 Feb 2026, 04:13
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
13 May 2019, 13:01
Published
Vulnerability first disclosed
04 Feb 2026, 04:13
Last Modified
Vulnerability information updated
Description
Security update for python-Jinja2 This update for python-Jinja2 to version 2.10.1 fixes the following issues: Security issues fixed: - CVE-2019-8341: Fixed a command injection in from_string() (bsc#1125815). - CVE-2019-10906: Fixed a sandbox escape due to information disclosure via str.format (bsc#1132323). This update was imported from the SUSE:SLE-15:Update update project.
Affected Systems
- opensuse•python-Jinja2&distro=openSUSE Leap 15.0
< 2.10.1-lp150.2.3.1
References (7)
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KPV2O2QPXQEQ5BKRBRQ2RKA7RHVLTZ7E/#KPV2O2QPXQEQ5BKRBRQ2RKA7RHVLTZ7E
- https://bugzilla.suse.com/1125815
- https://bugzilla.suse.com/1132174
- https://bugzilla.suse.com/1132323
- https://www.suse.com/security/cve/CVE-2016-10745
- https://www.suse.com/security/cve/CVE-2019-10906
- https://www.suse.com/security/cve/CVE-2019-8341