SUSE-SU-2019:1156-1
Advisory lineage Upstream: 3 Downstream: 0
Published: 06 May 2019, 11:46
Last modified:04 Feb 2026, 04:30
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
06 May 2019, 11:46
Published
Vulnerability first disclosed
04 Feb 2026, 04:30
Last Modified
Vulnerability information updated
Description
Security update for python-Jinja2 This update for python-Jinja2 to version 2.10.1 fixes the following issues: Security issues fixed: - CVE-2019-8341: Fixed a command injection in from_string() (bsc#1125815). - CVE-2019-10906: Fixed a sandbox escape due to information disclosure via str.format (bsc#1132323).
Affected Systems
- suse•python-Jinja2&distro=SUSE Linux Enterprise Module for Basesystem 15
< 2.10.1-3.5.1
References (7)
- https://www.suse.com/support/update/announcement/2019/suse-su-20191156-1/
- https://bugzilla.suse.com/1125815
- https://bugzilla.suse.com/1132174
- https://bugzilla.suse.com/1132323
- https://www.suse.com/security/cve/CVE-2016-10745
- https://www.suse.com/security/cve/CVE-2019-10906
- https://www.suse.com/security/cve/CVE-2019-8341