CVE-2019-10906
Published: 6 April 2019
In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.
Priority
CVSS 3 base score: 8.6
Status
Package | Release | Status |
---|---|---|
jinja2 Launchpad, Ubuntu, Debian |
bionic |
Released
(2.10-1ubuntu0.18.04.1)
|
cosmic |
Released
(2.10-1ubuntu0.18.10.1)
|
|
disco |
Released
(2.10-1ubuntu0.19.04.1)
|
|
precise |
Released
(2.6-1ubuntu0.2)
|
|
trusty |
Released
(2.7.2-2ubuntu0.1~esm1)
|
|
upstream |
Released
(2.10.1,2.10-2)
|
|
xenial |
Released
(2.8-1ubuntu0.1)
|