Explore top 10 tips to secure your open-source projects now. Read More
×
Jinja2 could be made to hang if it received specially crafted input.
Software Description:
- jinja2: small but fast and easy to use stand-alone template engine
Details:
Yeting Li discovered that Jinja2 incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service.
The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: python-jinja2 2.8-1ubuntu0.1+esm1 python3-jinja2 2.8-1ubuntu0.1+esm1 In general, a standard system update will make all the necessary changes.
CVE-2020-28493
Get the latest Linux and open source security news straight to your inbox.