FedoraFEDORA:D4AC7204A470

HistoryMay 16, 2024 - 1:09 a.m.

Vulners
/
Fedora
/
[SECURITY] Fedora 39 Update: mingw-python-jinja2-3.1.4-1.fc39

[SECURITY] Fedora 39 Update: mingw-python-jinja2-3.1.4-1.fc39

2024-05-1601:09:33

lists.fedoraproject.org

fedora 39

update

mingw

python

jinja2

library

windows

unix

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

AI Score

6.6

Confidence

Low

EPSS

Percentile

10.3%

JSON

MinGW Windows Python jinja2 library.

OSVersionArchitecturePackageVersionFilename
Fedora39anymingw-python-jinja2< 3.1.4UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Fedora	39	any	mingw-python-jinja2	< 3.1.4	UNKNOWN

veracode 1

redhat 19

nessus 45

osv 14

openvas 18

ibm 8

almalinux 2

ubuntu 1

oraclelinux 2

wolfi 1

rocky 2

fedora 3

cgr 1

cbl_mariner 1

debiancve 1

github 1

nvd 1

redhatcve 1

cvelist 1

freebsd 1

ubuntucve 1

mageia 1

cve 1

amazon 2

vulnrichment 1

oracle 1

veracode

Cross-site Scripting (XSS)

2024-05-08 08:24:34

redhat

(RHSA-2024:4231) Moderate: python-jinja2 security update

2024-07-02 13:54:35

(RHSA-2024:4414) Moderate: fence-agents security update

2024-07-09 08:53:07

(RHSA-2024:3820) Moderate: fence-agents security update

2024-06-11 18:27:26

nessus

Fedora 40 : python-jinja2 (2024-2005708761)

2024-05-23 00:00:00

Rocky Linux 9 : fence-agents (RLSA-2024:3820)

2024-06-14 00:00:00

Fedora 39 : python-jinja2 (2024-ce7649d28e)

2024-06-01 00:00:00

osv

CGA-8hp4-mxq9-cfjp

2024-06-06 12:25:41

CGA-w4rq-c3cf-82f3

2024-06-06 23:03:36

CGA-3h69-x6cf-g5c9

2024-06-06 12:21:56

openvas

Fedora: Security Advisory (FEDORA-2024-e3caf31c98)

2024-05-27 00:00:00

Ubuntu: Security Advisory (USN-6787-1)

2024-05-29 00:00:00

Fedora: Security Advisory (FEDORA-2024-e609c057ad)

2024-05-27 00:00:00

ibm

Security Bulletin: IBM Cloud Pak for Data is vulnerable to cross-site scripting due to Jinja2 ( CVE-2024-34064 )

2024-08-08 18:26:12

Security Bulletin: IBM Maximo Application Suite uses Jinja2-3.1.3-py3-none-any.whl which is vulnerable to CVE-2024-34064.

2024-09-02 07:14:13

Security Bulletin: Vulnerability in Jinja affects IBM Process Mining CVE-2024-34064

2024-06-28 15:29:58

almalinux

Moderate: fence-agents security update

2024-06-11 00:00:00

Moderate: python-jinja2 security update

2024-07-02 00:00:00

ubuntu

Jinja2 vulnerability

2024-05-28 00:00:00

oraclelinux

fence-agents security update

2024-06-11 00:00:00

python-jinja2 security update

2024-07-03 00:00:00

wolfi

CVE-2024-34064 vulnerabilities

2024-09-16 09:11:41

rocky

python-jinja2 security update

2024-07-15 12:17:49

fence-agents security update

2024-06-14 14:00:40

fedora

[SECURITY] Fedora 40 Update: mingw-python-jinja2-3.1.4-1.fc40

2024-05-16 01:52:37

[SECURITY] Fedora 40 Update: python-jinja2-3.1.4-1.fc40

2024-05-23 01:09:34

[SECURITY] Fedora 39 Update: python-jinja2-3.1.4-1.fc39

2024-06-01 01:12:44

cgr

CVE-2024-34064 vulnerabilities

2024-05-19 03:07:16

cbl_mariner

CVE-2024-34064 affecting package python-jinja2 for versions less than 3.0.3-4

2024-06-12 22:23:00

debiancve

CVE-2024-34064

2024-05-06 15:15:23

github

Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter

2024-05-06 14:20:59

nvd

CVE-2024-34064

2024-05-06 15:15:23

redhatcve

CVE-2024-34064

2024-05-07 06:54:54

cvelist

CVE-2024-34064 Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter

2024-05-06 14:41:39

freebsd

Jinja2 -- Vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter

2024-05-06 00:00:00

ubuntucve

CVE-2024-34064

2024-05-06 00:00:00

mageia

Updated python-jinja2 packages fix security vulnerabilities

2024-05-31 18:15:28

cve

CVE-2024-34064

2024-05-06 15:15:23

amazon

Medium: python3-jinja2

2024-06-19 19:15:00

Medium: python-jinja2

2024-06-19 19:15:00

vulnrichment

CVE-2024-34064 Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter

2024-05-06 14:41:39

oracle

Oracle Critical Patch Update Advisory - July 2024

2024-07-16 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

AI Score

6.6

Confidence

Low

EPSS

Percentile

10.3%

JSON

Related for FEDORA:D4AC7204A470