all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

USN-6599-1: Jinja2 vulnerabilities

Add to bookmarks
Jan. 25, 2024, 4:06 p.m. |

Ubuntu security notices ubuntu.com

Yeting Li discovered that Jinja incorrectly handled certain regex.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, and
Ubuntu 20.04 LTS. (CVE-2020-28493)

It was discovered that Jinja incorrectly handled certain HTML passed with
xmlatter filter. An attacker could inject arbitrary HTML attributes
keys and values potentially leading to XSS. (CVE-2024-22195)

attacker attributes cve denial of service filter html inject issue lts regex service ubuntu ubuntu 20.04 usn vulnerabilities

Visit resource

More from ubuntu.com / Ubuntu security notices

USN-6757-2: PHP vulnerabilities 22 hours ago | ubuntu.com
advisory arbitrary code attacker code +15
USN-6762-1: GNU C Library vulnerabilities 1 day, 1 hour ago | ubuntu.com
arbitrary code attacker attackers code +14
USN-6747-2: Firefox regressions 1 day, 11 hours ago | ubuntu.com
advisory attacker denial of service domains +14
USN-6760-1: Gerbv vulnerability 2 days, 15 hours ago | ubuntu.com
application attacker crash data +10
LSN-0103-1: Kernel Live Patch Security Notice 3 days, 3 hours ago | ubuntu.com
attacker con cve data +21
USN-6758-1: JSON5 vulnerability 3 days, 3 hours ago | ubuntu.com
access application attacker denial of service +12
USN-6761-1: Anope vulnerability 3 days, 6 hours ago | ubuntu.com
accounts attacker changing credentials +7
USN-6759-1: FreeRDP vulnerabilities 3 days, 21 hours ago | ubuntu.com
attacker crash denial of service issue +7
USN-6757-1: PHP vulnerabilities 4 days ago | ubuntu.com
arbitrary code attacker code cookie +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Offensive Security Engineer

@ Ivanti | United States, Remote
View on infosec-jobs.com

Senior Security Engineer I

@ Samsara | Remote - US
View on infosec-jobs.com

Senior Principal Information System Security Engineer

@ Chameleon Consulting Group | Herndon, VA
View on infosec-jobs.com

Junior Detections Engineer

@ Kandji | San Francisco
View on infosec-jobs.com

Data Security Engineer/ Architect - Remote United States

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700
View on infosec-jobs.com
View more jobs