Alerts This Week
Warning Icon 1 500
Alerts This Week
Warning Icon 1 500

Mageia 9 MGASA-2025-0050 moderate: python-jinja2 sandbox breakout

mageia
Calendar Grey February 12, 2025
Dist Mageia Esm H88
SECURITY-2025-0012 pertains to the ruby-rails cross-site scripting flaw affecting Mageia 9 installations.
Jinja has a sandbox breakout through an indirect reference to a format method

Summary

Jinja has a sandbox breakout through an indirect reference to a format method. (CVE-2024-56326)

References

- https://bugs.mageia.org/show_bug.cgi?id=33996

- https://lwn.net/Articles/1008460/

- https://www.cve.org/CVERecord?id=CVE-2024-56326

Topics%20covered

Topics Covered

security advisory update vulnerability python package Mageia sandbox breakout

Resolution

SRPMS

- 9/core/python-jinja2-3.1.5-1.mga9

Publication date: 12 Feb 2025
URL: https://advisories.mageia.org/MGASA-2025-0050.html
Type: security
CVE: CVE-2024-56326

Topics%20covered

Topics Covered

security advisory update vulnerability python package Mageia sandbox breakout

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here