1. CVE-Search
  2. CVE-2019-10906
ID CVE-2019-10906
Summary In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.
References
Vulnerable Configurations
  • cpe:2.3:a:palletsprojects:jinja:2.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:palletsprojects:jinja:2.8.1:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
redhat via4
advisories
  • bugzilla
    id 1698839
    title CVE-2019-10906 python-jinja2: str.format_map allows sandbox escape
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 8 is installed
        oval oval:com.redhat.rhba:tst:20193384074
      • comment python3-jinja2 is earlier than 0:2.10.1-2.el8_0
        oval oval:com.redhat.rhsa:tst:20191152001
      • comment python3-jinja2 is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20191152002
    rhsa
    id RHSA-2019:1152
    released 2019-05-13
    severity Important
    title RHSA-2019:1152: python-jinja2 security update (Important)
  • rhsa
    id RHSA-2019:1237
  • rhsa
    id RHSA-2019:1329
rpms
  • python3-jinja2-0:2.10.1-2.el8_0
  • rh-python35-python-jinja2-0:2.8.1-2.el6
  • rh-python35-python-jinja2-0:2.8.1-2.el7
  • rh-python36-python-jinja2-0:2.9.6-3.el6
  • rh-python36-python-jinja2-0:2.9.6-3.el7
  • ansible-runner-0:1.3.4-2.el7ar
  • ansiblerole-foreman_scap_client-0:0.0.3-1.el7sat
  • ansiblerole-insights-client-0:1.6-2.el7sat
  • candlepin-0:2.6.9-1.el7sat
  • candlepin-selinux-0:2.6.9-1.el7sat
  • createrepo_c-0:0.7.4-1.el7sat
  • createrepo_c-debuginfo-0:0.7.4-1.el7sat
  • createrepo_c-libs-0:0.7.4-1.el7sat
  • foreman-0:1.22.0.32-1.el7sat
  • foreman-bootloaders-redhat-0:201901011200-1.el7sat
  • foreman-bootloaders-redhat-tftpboot-0:201901011200-1.el7sat
  • foreman-cli-0:1.22.0.32-1.el7sat
  • foreman-debug-0:1.22.0.32-1.el7sat
  • foreman-discovery-image-1:3.5.4-6.el7sat
  • foreman-ec2-0:1.22.0.32-1.el7sat
  • foreman-gce-0:1.22.0.32-1.el7sat
  • foreman-installer-1:1.22.0.16-1.el7sat
  • foreman-installer-katello-1:1.22.0.16-1.el7sat
  • foreman-journald-0:1.22.0.32-1.el7sat
  • foreman-libvirt-0:1.22.0.32-1.el7sat
  • foreman-openstack-0:1.22.0.32-1.el7sat
  • foreman-ovirt-0:1.22.0.32-1.el7sat
  • foreman-postgresql-0:1.22.0.32-1.el7sat
  • foreman-proxy-0:1.22.0.2-1.el7sat
  • foreman-proxy-content-0:3.12.0-2.el7sat
  • foreman-proxy-journald-0:1.22.0.2-1.el7sat
  • foreman-rackspace-0:1.22.0.32-1.el7sat
  • foreman-selinux-0:1.22.0-1.el7sat
  • foreman-telemetry-0:1.22.0.32-1.el7sat
  • foreman-vmware-0:1.22.0.32-1.el7sat
  • hfsplus-tools-0:332.14-12.el7
  • hfsplus-tools-debuginfo-0:332.14-12.el7
  • katello-0:3.12.0-2.el7sat
  • katello-certs-tools-0:2.6.0-1.el7sat
  • katello-client-bootstrap-0:1.7.3-1.el7sat
  • katello-common-0:3.12.0-2.el7sat
  • katello-debug-0:3.12.0-2.el7sat
  • katello-selinux-0:3.1.1-2.el7sat
  • katello-service-0:3.12.0-2.el7sat
  • kobo-0:0.5.1-1.el7sat
  • libmodulemd-0:1.7.0-1.pulp.el7sat
  • libmodulemd-debuginfo-0:1.7.0-1.pulp.el7sat
  • libsolv-0:0.7.4-3.pulp.el7sat
  • libsolv-debuginfo-0:0.7.4-3.pulp.el7sat
  • libwebsockets-0:2.4.2-2.el7
  • libwebsockets-debuginfo-0:2.4.2-2.el7
  • livecd-tools-1:20.4-1.6.el7sat
  • mod_passenger-0:4.0.18-24.el7sat
  • mod_xsendfile-0:0.12-11.el7sat
  • mod_xsendfile-debuginfo-0:0.12-11.el7sat
  • ostree-0:2017.1-2.atomic.el7
  • ostree-debuginfo-0:2017.1-2.atomic.el7
  • pcp-mmvstatsd-0:0.4-2.el7sat
  • pulp-admin-client-0:2.19.1.1-1.el7sat
  • pulp-docker-admin-extensions-0:3.2.3.1-2.el7sat
  • pulp-docker-plugins-0:3.2.3.1-2.el7sat
  • pulp-katello-0:1.0.3-1.el7sat
  • pulp-maintenance-0:2.19.1.1-1.el7sat
  • pulp-nodes-child-0:2.19.1.1-1.el7sat
  • pulp-nodes-common-0:2.19.1.1-1.el7sat
  • pulp-nodes-parent-0:2.19.1.1-1.el7sat
  • pulp-ostree-admin-extensions-0:1.3.1-2.el7sat
  • pulp-ostree-plugins-0:1.3.1-2.el7sat
  • pulp-puppet-admin-extensions-0:2.19.1-2.el7sat
  • pulp-puppet-plugins-0:2.19.1-2.el7sat
  • pulp-puppet-tools-0:2.19.1-2.el7sat
  • pulp-rpm-admin-extensions-0:2.19.1.1-2.el7sat
  • pulp-rpm-plugins-0:2.19.1.1-2.el7sat
  • pulp-selinux-0:2.19.1.1-1.el7sat
  • pulp-server-0:2.19.1.1-1.el7sat
  • puppet-agent-0:5.5.12-1.el7sat
  • puppet-agent-oauth-0:0.5.1-3.el7sat
  • puppet-foreman_scap_client-0:0.3.19-2.el7sat
  • puppetlabs-stdlib-0:4.25.1-2.el7sat
  • puppetserver-0:5.3.8-1.el7sat
  • pycairo-0:1.16.3-9.el7sat
  • pycairo-debuginfo-0:1.16.3-9.el7sat
  • pygobject3-debuginfo-0:3.28.3-2.el7sat
  • python-billiard-debuginfo-1:3.5.0.3-3.el7sat
  • python-blinker-0:1.3-2.el7sat
  • python-bson-0:3.2-2.el7sat
  • python-gnupg-0:0.3.7-1.el7ui
  • python-gofer-0:2.12.5-5.el7sat
  • python-gofer-qpid-0:2.12.5-5.el7sat
  • python-imgcreate-1:20.4-1.6.el7sat
  • python-kid-0:0.9.6-11.el7sat
  • python-markupsafe-debuginfo-0:0.23-21.el7sat
  • python-mongoengine-0:0.10.5-2.el7sat
  • python-oauth2-0:1.5.211-8.el7sat
  • python-psutil-0:5.0.1-3.el7sat
  • python-psutil-debuginfo-0:5.0.1-3.el7sat
  • python-pulp-agent-lib-0:2.19.1.1-1.el7sat
  • python-pulp-bindings-0:2.19.1.1-1.el7sat
  • python-pulp-client-lib-0:2.19.1.1-1.el7sat
  • python-pulp-common-0:2.19.1.1-1.el7sat
  • python-pulp-docker-common-0:3.2.3.1-2.el7sat
  • python-pulp-integrity-0:2.19.1.1-2.el7sat
  • python-pulp-oid_validation-0:2.19.1.1-1.el7sat
  • python-pulp-ostree-common-0:1.3.1-2.el7sat
  • python-pulp-puppet-common-0:2.19.1-2.el7sat
  • python-pulp-repoauth-0:2.19.1.1-1.el7sat
  • python-pulp-rpm-common-0:2.19.1.1-2.el7sat
  • python-pulp-streamer-0:2.19.1.1-1.el7sat
  • python-pycurl-debuginfo-0:7.43.0.2-4.el7sat
  • python-pymongo-0:3.2-2.el7sat
  • python-pymongo-debuginfo-0:3.2-2.el7sat
  • python-pymongo-gridfs-0:3.2-2.el7sat
  • python-qpid-0:1.35.0-5.el7
  • python-qpid-proton-0:0.28.0-1.el7
  • python-qpid-qmf-0:1.36.0-28.el7amq
  • python-saslwrapper-0:0.22-5.el7sat
  • python-semantic_version-0:2.2.0-6.el7sat
  • python-simplejson-0:3.2.0-1.el7sat
  • python-simplejson-debuginfo-0:3.2.0-1.el7sat
  • python-twisted-debuginfo-0:16.4.1-12.el7sat
  • python-zope-interface-0:4.0.5-4.el7
  • python-zope-interface-debuginfo-0:4.0.5-4.el7
  • python2-amqp-0:2.2.2-5.el7sat
  • python2-ansible-runner-0:1.3.4-2.el7ar
  • python2-anyjson-0:0.3.3-11.el7sat
  • python2-billiard-1:3.5.0.3-3.el7sat
  • python2-celery-0:4.0.2-9.el7sat
  • python2-click-0:6.7-9.el7sat
  • python2-crane-0:3.3.1-9.el7sat
  • python2-daemon-0:2.1.2-7.el7at
  • python2-django-0:1.11.13-1.el7sat
  • python2-flask-1:0.12.2-4.el7sat
  • python2-future-0:0.16.0-11.el7sat
  • python2-gobject-0:3.28.3-2.el7sat
  • python2-gobject-base-0:3.28.3-2.el7sat
  • python2-isodate-0:0.5.4-12.el7sat
  • python2-itsdangerous-0:0.24-15.el7sat
  • python2-jinja2-0:2.10-10.el7sat
  • python2-kombu-10:4.0.2-13.el7sat
  • python2-lockfile-1:0.11.0-10.el7ar
  • python2-markupsafe-0:0.23-21.el7sat
  • python2-nectar-0:1.6.0-1.el7sat
  • python2-okaara-0:1.0.37-2.el7sat
  • python2-pexpect-0:4.6-1.el7at
  • python2-ptyprocess-0:0.5.2-3.el7at
  • python2-pycurl-0:7.43.0.2-4.el7sat
  • python2-solv-0:0.7.4-3.pulp.el7sat
  • python2-twisted-0:16.4.1-12.el7sat
  • python2-vine-10:1.1.3-6.el7sat
  • python2-werkzeug-0:0.12.2-5.el7sat
  • qpid-cpp-client-0:1.36.0-28.el7amq
  • qpid-cpp-client-devel-0:1.36.0-28.el7amq
  • qpid-cpp-debuginfo-0:1.36.0-28.el7amq
  • qpid-cpp-server-0:1.36.0-28.el7amq
  • qpid-cpp-server-linearstore-0:1.36.0-28.el7amq
  • qpid-dispatch-debuginfo-0:1.5.0-4.el7
  • qpid-dispatch-router-0:1.5.0-4.el7
  • qpid-dispatch-tools-0:1.5.0-4.el7
  • qpid-proton-c-0:0.28.0-1.el7
  • qpid-proton-debuginfo-0:0.28.0-1.el7
  • qpid-qmf-0:1.36.0-28.el7amq
  • qpid-tools-0:1.36.0-28.el7amq
  • redhat-access-insights-puppet-0:1.0.0-1.el7sat
  • repoview-0:0.6.6-11.el7sat
  • rhel8-kickstart-setup-0:0.0.2-1.el7sat
  • rubygem-ansi-0:1.4.3-3.el7sat
  • rubygem-bundler_ext-0:0.4.1-3.el7sat
  • rubygem-clamp-0:1.1.2-2.el7sat
  • rubygem-concurrent-ruby-1:1.1.4-2.el7sat
  • rubygem-facter-0:2.4.1-2.el7sat
  • rubygem-faraday-0:0.15.4-1.el7sat
  • rubygem-faraday_middleware-0:0.13.1-1.el7sat
  • rubygem-fast_gettext-0:1.1.0-4.el7sat
  • rubygem-ffi-0:1.4.0-3.el7sat
  • rubygem-ffi-debuginfo-0:1.4.0-3.el7sat
  • rubygem-foreman_scap_client-0:0.4.6-1.el7sat
  • rubygem-gssapi-0:1.1.2-4.el7sat
  • rubygem-hashie-0:2.0.5-5.el7sat
  • rubygem-highline-0:1.7.8-3.el7sat
  • rubygem-infoblox-0:3.0.0-1.el7sat
  • rubygem-journald-logger-0:2.0.4-2.el7sat
  • rubygem-journald-native-0:1.0.11-2.el7sat
  • rubygem-journald-native-debuginfo-0:1.0.11-2.el7sat
  • rubygem-jwt-0:1.2.1-1.el7sat
  • rubygem-kafo-0:3.0.0-1.el7sat
  • rubygem-kafo_parsers-0:1.0.0-1.el7sat
  • rubygem-kafo_wizards-0:0.0.1-2.el7sat
  • rubygem-little-plugger-0:1.1.3-22.el7sat
  • rubygem-logging-0:2.2.2-4.el7sat
  • rubygem-logging-journald-0:2.0.0-2.el7sat
  • rubygem-mime-types-0:1.19-7.el7sat
  • rubygem-multi_json-0:1.12.2-2.el7sat
  • rubygem-multipart-post-0:2.0.0-1.el7sat
  • rubygem-net-ssh-0:4.2.0-1.el7sat
  • rubygem-netrc-0:0.7.7-9.el7sat
  • rubygem-newt-0:0.9.6-3.el7sat
  • rubygem-newt-debuginfo-0:0.9.6-3.el7sat
  • rubygem-oauth-0:0.5.4-2.el7sat
  • rubygem-openscap-0:0.4.7-4.el7sat
  • rubygem-passenger-0:4.0.18-24.el7sat
  • rubygem-passenger-debuginfo-0:4.0.18-24.el7sat
  • rubygem-passenger-native-0:4.0.18-24.el7sat
  • rubygem-passenger-native-libs-0:4.0.18-24.el7sat
  • rubygem-powerbar-0:2.0.1-2.el7sat
  • rubygem-rack-1:1.6.4-3.el7sat
  • rubygem-rack-protection-0:1.5.3-4.el7sat
  • rubygem-rake-0:0.9.2.2-41.el7sat
  • rubygem-rb-inotify-0:0.9.7-5.el7sat
  • rubygem-rest-client-0:1.6.7-7.el7sat
  • rubygem-rkerberos-0:0.1.5-15.el7sat
  • rubygem-rkerberos-debuginfo-0:0.1.5-15.el7sat
  • rubygem-rsec-0:0.4.3-1.el7sat
  • rubygem-rubyipmi-0:0.10.0-3.el7sat
  • rubygem-sinatra-1:1.4.7-3.el7sat
  • rubygem-smart_proxy_ansible-0:3.0.1-1.el7sat
  • rubygem-smart_proxy_dhcp_infoblox-0:0.0.15-1.el7sat
  • rubygem-smart_proxy_dhcp_remote_isc-0:0.0.4-1.el7sat
  • rubygem-smart_proxy_discovery-0:1.0.5-1.el7sat
  • rubygem-smart_proxy_discovery_image-0:1.0.9-2.el7sat
  • rubygem-smart_proxy_dns_infoblox-0:1.0.0-1.el7sat
  • rubygem-smart_proxy_dynflow-0:0.2.2-2.el7sat
  • rubygem-smart_proxy_openscap-0:0.7.2-1.el7sat
  • rubygem-smart_proxy_pulp-0:1.4.1-1.el7sat
  • rubygem-smart_proxy_remote_execution_ssh-0:0.2.1-2.el7sat
  • rubygem-tilt-0:1.3.7-2.git.0.3b416c9.el7sat
  • saslwrapper-0:0.22-5.el7sat
  • saslwrapper-debuginfo-0:0.22-5.el7sat
  • satellite-0:6.6.0-7.el7sat
  • satellite-capsule-0:6.6.0-7.el7sat
  • satellite-cli-0:6.6.0-7.el7sat
  • satellite-common-0:6.6.0-7.el7sat
  • satellite-debug-tools-0:6.6.0-7.el7sat
  • satellite-installer-0:6.6.0.21-1.el7sat
  • tfm-ror52-rubygem-actioncable-0:5.2.1-1.el7sat
  • tfm-ror52-rubygem-actionmailer-0:5.2.1-1.el7sat
  • tfm-ror52-rubygem-actionpack-0:5.2.1-1.el7sat
  • tfm-ror52-rubygem-actionview-0:5.2.1-1.el7sat
  • tfm-ror52-rubygem-activejob-0:5.2.1-1.el7sat
  • tfm-ror52-rubygem-activemodel-0:5.2.1-1.el7sat
  • tfm-ror52-rubygem-activerecord-0:5.2.1-1.el7sat
  • tfm-ror52-rubygem-activestorage-0:5.2.1-1.el7sat
  • tfm-ror52-rubygem-activesupport-0:5.2.1-1.el7sat
  • tfm-ror52-rubygem-arel-0:9.0.0-1.el7sat
  • tfm-ror52-rubygem-builder-0:3.2.3-1.el7sat
  • tfm-ror52-rubygem-coffee-rails-0:4.2.2-1.el7sat
  • tfm-ror52-rubygem-coffee-script-0:2.4.1-1.el7sat
  • tfm-ror52-rubygem-coffee-script-source-0:1.12.2-1.el7sat
  • tfm-ror52-rubygem-concurrent-ruby-0:1.1.4-1.el7sat
  • tfm-ror52-rubygem-crass-0:1.0.4-1.el7sat
  • tfm-ror52-rubygem-erubi-0:1.7.1-1.el7sat
  • tfm-ror52-rubygem-execjs-0:2.7.0-1.el7sat
  • tfm-ror52-rubygem-globalid-0:0.4.1-3.el7sat
  • tfm-ror52-rubygem-i18n-0:1.4.0-1.el7sat
  • tfm-ror52-rubygem-loofah-0:2.2.2-2.el7sat
  • tfm-ror52-rubygem-mail-0:2.7.0-1.el7sat
  • tfm-ror52-rubygem-marcel-0:0.3.2-1.el7sat
  • tfm-ror52-rubygem-method_source-0:0.9.0-1.el7sat
  • tfm-ror52-rubygem-mime-types-0:3.2.2-1.el7sat
  • tfm-ror52-rubygem-mime-types-data-0:3.2018.0812-1.el7sat
  • tfm-ror52-rubygem-mimemagic-0:0.3.2-1.el7sat
  • tfm-ror52-rubygem-mini_mime-0:1.0.0-1.el7sat
  • tfm-ror52-rubygem-mini_portile2-0:2.3.0-1.el7sat
  • tfm-ror52-rubygem-multi_json-0:1.13.1-1.el7sat
  • tfm-ror52-rubygem-mustermann-0:1.0.2-1.el7sat
  • tfm-ror52-rubygem-nio4r-0:2.3.1-1.el7sat
  • tfm-ror52-rubygem-nio4r-debuginfo-0:2.3.1-1.el7sat
  • tfm-ror52-rubygem-nokogiri-0:1.8.4-2.el7sat
  • tfm-ror52-rubygem-nokogiri-debuginfo-0:1.8.4-2.el7sat
  • tfm-ror52-rubygem-rack-0:2.0.6-1.el7sat
  • tfm-ror52-rubygem-rack-protection-0:2.0.3-1.el7sat
  • tfm-ror52-rubygem-rack-test-0:1.1.0-1.el7sat
  • tfm-ror52-rubygem-rails-0:5.2.1-1.el7sat
  • tfm-ror52-rubygem-rails-dom-testing-0:2.0.3-3.el7sat
  • tfm-ror52-rubygem-rails-html-sanitizer-0:1.0.4-2.el7sat
  • tfm-ror52-rubygem-railties-0:5.2.1-1.el7sat
  • tfm-ror52-rubygem-sinatra-0:2.0.3-1.el7sat
  • tfm-ror52-rubygem-sprockets-0:3.7.2-3.el7sat
  • tfm-ror52-rubygem-sprockets-rails-0:3.2.1-1.el7sat
  • tfm-ror52-rubygem-sqlite3-0:1.3.13-1.el7sat
  • tfm-ror52-rubygem-sqlite3-debuginfo-0:1.3.13-1.el7sat
  • tfm-ror52-rubygem-thor-0:0.20.0-3.el7sat
  • tfm-ror52-rubygem-thread_safe-0:0.3.6-1.el7sat
  • tfm-ror52-rubygem-tilt-0:2.0.8-1.el7sat
  • tfm-ror52-rubygem-turbolinks-0:2.5.4-1.el7sat
  • tfm-ror52-rubygem-tzinfo-0:1.2.5-1.el7sat
  • tfm-ror52-rubygem-websocket-driver-0:0.7.0-1.el7sat
  • tfm-ror52-rubygem-websocket-driver-debuginfo-0:0.7.0-1.el7sat
  • tfm-ror52-rubygem-websocket-extensions-0:0.1.3-1.el7sat
  • tfm-ror52-runtime-0:1.0-4.el7sat
  • tfm-rubygem-activerecord-import-0:1.0.0-4.el7sat
  • tfm-rubygem-activerecord-session_store-0:1.1.1-2.el7sat
  • tfm-rubygem-addressable-0:2.6.0-1.el7sat
  • tfm-rubygem-algebrick-0:0.7.3-6.el7sat
  • tfm-rubygem-ancestry-0:3.0.0-3.el7sat
  • tfm-rubygem-anemone-0:0.7.2-20.el7sat
  • tfm-rubygem-angular-rails-templates-1:1.0.2-4.el7sat
  • tfm-rubygem-apipie-bindings-0:0.2.2-2.el7sat
  • tfm-rubygem-apipie-params-0:0.0.5-5.el7sat
  • tfm-rubygem-apipie-rails-0:0.5.14-1.el7sat
  • tfm-rubygem-audited-0:4.7.1-2.el7sat
  • tfm-rubygem-awesome_print-0:1.8.0-3.el7sat
  • tfm-rubygem-bundler_ext-0:0.4.1-4.el7sat
  • tfm-rubygem-clamp-0:1.1.2-5.el7sat
  • tfm-rubygem-concurrent-ruby-edge-1:0.4.1-1.el7sat
  • tfm-rubygem-css_parser-0:1.4.7-3.el7sat
  • tfm-rubygem-daemons-0:1.2.3-7.el7sat
  • tfm-rubygem-deacon-0:1.0.0-4.el7sat
  • tfm-rubygem-declarative-0:0.0.10-1.el7sat
  • tfm-rubygem-declarative-option-0:0.1.0-1.el7sat
  • tfm-rubygem-deep_cloneable-0:2.3.2-2.el7sat
  • tfm-rubygem-deface-0:1.3.2-1.el7sat
  • tfm-rubygem-diffy-0:3.0.1-6.el7sat
  • tfm-rubygem-domain_name-0:0.5.20160310-4.el7sat
  • tfm-rubygem-dynflow-0:1.2.3-1.el7sat
  • tfm-rubygem-ethon-0:0.12.0-1.el7sat
  • tfm-rubygem-excon-0:0.58.0-3.el7sat
  • tfm-rubygem-facter-0:2.4.0-6.el7sat
  • tfm-rubygem-faraday-0:0.15.4-1.el7sat
  • tfm-rubygem-fast_gettext-0:1.4.1-3.el7sat
  • tfm-rubygem-ffi-0:1.4.0-12.el7sat
  • tfm-rubygem-ffi-debuginfo-0:1.4.0-12.el7sat
  • tfm-rubygem-fog-aws-0:3.5.0-1.el7sat
  • tfm-rubygem-fog-core-0:2.1.0-1.el7sat
  • tfm-rubygem-fog-google-0:1.8.2-1.el7sat
  • tfm-rubygem-fog-json-0:1.2.0-1.el7sat
  • tfm-rubygem-fog-kubevirt-0:1.3.2-1.el7sat
  • tfm-rubygem-fog-libvirt-0:0.6.0-1.el7sat
  • tfm-rubygem-fog-openstack-0:1.0.8-2.el7sat
  • tfm-rubygem-fog-ovirt-0:1.1.5-1.el7sat
  • tfm-rubygem-fog-rackspace-0:0.1.4-3.el7sat
  • tfm-rubygem-fog-vsphere-0:3.2.1-1.el7sat
  • tfm-rubygem-fog-xml-0:0.1.2-7.el7sat
  • tfm-rubygem-foreman-tasks-0:0.15.11.1-1.el7sat
  • tfm-rubygem-foreman-tasks-core-0:0.3.2-1.el7sat
  • tfm-rubygem-foreman_ansible-0:3.0.7.1-1.el7sat
  • tfm-rubygem-foreman_ansible_core-0:3.0.1-1.el7sat
  • tfm-rubygem-foreman_bootdisk-0:15.0.0-1.el7sat
  • tfm-rubygem-foreman_discovery-0:15.0.2-1.el7sat
  • tfm-rubygem-foreman_docker-0:5.0.0.1-1.el7sat
  • tfm-rubygem-foreman_hooks-0:0.3.15-1.el7sat
  • tfm-rubygem-foreman_kubevirt-0:0.1.5.2-1.el7sat
  • tfm-rubygem-foreman_openscap-0:1.0.8-1.el7sat
  • tfm-rubygem-foreman_remote_execution-0:1.8.0.4-1.el7sat
  • tfm-rubygem-foreman_remote_execution_core-0:1.2.0-1.el7sat
  • tfm-rubygem-foreman_templates-0:6.0.3-2.el7sat
  • tfm-rubygem-foreman_theme_satellite-0:4.0.1.7-1.el7sat
  • tfm-rubygem-foreman_virt_who_configure-0:0.4.4-1.el7sat
  • tfm-rubygem-formatador-0:0.2.1-11.el7sat
  • tfm-rubygem-friendly_id-0:5.2.4-2.el7sat
  • tfm-rubygem-get_process_mem-0:0.2.1-3.el7sat
  • tfm-rubygem-gettext-0:3.1.4-10.el7sat
  • tfm-rubygem-gettext_i18n_rails-0:1.8.0-1.el7sat
  • tfm-rubygem-git-0:1.5.0-1.el7sat
  • tfm-rubygem-google-api-client-0:0.23.9-1.el7sat
  • tfm-rubygem-googleauth-0:0.6.7-1.el7sat
  • tfm-rubygem-graphql-0:1.8.14-1.el7sat
  • tfm-rubygem-graphql-batch-0:0.3.10-1.el7sat
  • tfm-rubygem-gssapi-0:1.2.0-6.el7sat
  • tfm-rubygem-hammer_cli-0:0.17.1-2.el7sat
  • tfm-rubygem-hammer_cli_foreman-0:0.17.0.8-1.el7sat
  • tfm-rubygem-hammer_cli_foreman_admin-0:0.0.8-3.el7sat
  • tfm-rubygem-hammer_cli_foreman_ansible-0:0.3.2-1.el7sat
  • tfm-rubygem-hammer_cli_foreman_bootdisk-0:0.1.3.3-5.el7sat
  • tfm-rubygem-hammer_cli_foreman_discovery-0:1.0.1-1.el7sat
  • tfm-rubygem-hammer_cli_foreman_docker-0:0.0.6.4-1.el7sat
  • tfm-rubygem-hammer_cli_foreman_kubevirt-0:0.1.3-1.el7sat
  • tfm-rubygem-hammer_cli_foreman_openscap-0:0.1.7-2.el7sat
  • tfm-rubygem-hammer_cli_foreman_remote_execution-0:0.1.0-3.el7sat
  • tfm-rubygem-hammer_cli_foreman_tasks-0:0.0.13-2.el7sat
  • tfm-rubygem-hammer_cli_foreman_templates-0:0.1.2-2.el7sat
  • tfm-rubygem-hammer_cli_foreman_virt_who_configure-0:0.0.4-1.el7sat
  • tfm-rubygem-hammer_cli_katello-0:0.18.0.6-1.el7sat
  • tfm-rubygem-hashie-0:3.6.0-1.el7sat
  • tfm-rubygem-highline-0:1.7.8-4.el7sat
  • tfm-rubygem-http-0:3.3.0-1.el7sat
  • tfm-rubygem-http-cookie-0:1.0.2-5.el7sat
  • tfm-rubygem-http-form_data-0:2.1.1-1.el7sat
  • tfm-rubygem-http_parser.rb-0:0.6.0-1.el7sat
  • tfm-rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el7sat
  • tfm-rubygem-httpclient-0:2.8.3-1.el7sat
  • tfm-rubygem-ipaddress-0:0.8.0-11.el7sat
  • tfm-rubygem-jgrep-0:1.3.3-12.el7sat
  • tfm-rubygem-journald-logger-0:2.0.4-2.el7sat
  • tfm-rubygem-journald-native-0:1.0.11-2.el7sat
  • tfm-rubygem-journald-native-debuginfo-0:1.0.11-2.el7sat
  • tfm-rubygem-jwt-0:2.1.0-2.el7sat
  • tfm-rubygem-katello-0:3.12.0.27-1.el7sat
  • tfm-rubygem-kubeclient-0:4.3.0-1.el7sat
  • tfm-rubygem-ldap_fluff-0:0.4.7-3.el7sat
  • tfm-rubygem-little-plugger-0:1.1.3-24.el7sat
  • tfm-rubygem-locale-0:2.0.9-13.el7sat
  • tfm-rubygem-logging-0:2.2.2-5.el7sat
  • tfm-rubygem-logging-journald-0:2.0.0-2.el7sat
  • tfm-rubygem-memoist-0:0.16.0-1.el7sat
  • tfm-rubygem-multipart-post-0:2.0.0-1.el7sat
  • tfm-rubygem-net-ldap-0:0.15.0-3.el7sat
  • tfm-rubygem-net-ping-0:2.0.1-3.el7sat
  • tfm-rubygem-net-scp-0:1.2.1-3.el7sat
  • tfm-rubygem-net-ssh-0:4.2.0-1.el7sat
  • tfm-rubygem-net-ssh-krb-0:0.4.0-3.el7sat
  • tfm-rubygem-netrc-0:0.11.0-3.el7sat
  • tfm-rubygem-oauth-0:0.5.4-3.el7sat
  • tfm-rubygem-optimist-0:3.0.0-1.el7sat
  • tfm-rubygem-os-0:1.0.0-1.el7sat
  • tfm-rubygem-ovirt-engine-sdk-0:4.2.3-3.el7sat
  • tfm-rubygem-ovirt-engine-sdk-debuginfo-0:4.2.3-3.el7sat
  • tfm-rubygem-ovirt_provision_plugin-0:2.0.3-1.el7sat
  • tfm-rubygem-parse-cron-0:0.1.4-4.el7sat
  • tfm-rubygem-passenger-0:4.0.18-10.12.el7sat
  • tfm-rubygem-passenger-debuginfo-0:4.0.18-10.12.el7sat
  • tfm-rubygem-passenger-native-0:4.0.18-10.12.el7sat
  • tfm-rubygem-passenger-native-libs-0:4.0.18-10.12.el7sat
  • tfm-rubygem-pg-0:0.21.0-3.el7sat
  • tfm-rubygem-pg-debuginfo-0:0.21.0-3.el7sat
  • tfm-rubygem-polyglot-0:0.3.5-3.el7sat
  • tfm-rubygem-powerbar-0:2.0.1-2.el7sat
  • tfm-rubygem-prometheus-client-0:0.7.1-3.el7sat
  • tfm-rubygem-promise.rb-0:0.7.4-1.el7sat
  • tfm-rubygem-public_suffix-0:3.0.3-1.el7sat
  • tfm-rubygem-qpid_messaging-0:1.36.0-9.el7sat
  • tfm-rubygem-qpid_messaging-debuginfo-0:1.36.0-9.el7sat
  • tfm-rubygem-quantile-0:0.2.0-3.el7sat
  • tfm-rubygem-rabl-0:0.13.1-2.el7sat
  • tfm-rubygem-rack-cors-0:1.0.2-1.el7sat
  • tfm-rubygem-rack-jsonp-0:1.3.1-7.el7sat
  • tfm-rubygem-rails-i18n-0:5.1.1-2.el7sat
  • tfm-rubygem-rainbow-0:2.2.1-5.el7sat
  • tfm-rubygem-rbovirt-0:0.1.7-2.el7sat
  • tfm-rubygem-rbvmomi-0:2.2.0-1.el7sat
  • tfm-rubygem-record_tag_helper-0:1.0.0-2.el7sat
  • tfm-rubygem-recursive-open-struct-0:1.1.0-1.el7sat
  • tfm-rubygem-redhat_access-0:2.2.8-1.el7sat
  • tfm-rubygem-redhat_access_lib-0:1.1.5-1.el7sat
  • tfm-rubygem-representable-0:3.0.4-1.el7sat
  • tfm-rubygem-responders-0:2.4.0-2.el7sat
  • tfm-rubygem-rest-client-0:2.0.1-4.el7sat
  • tfm-rubygem-retriable-0:3.1.2-1.el7sat
  • tfm-rubygem-roadie-0:3.4.0-1.el7sat
  • tfm-rubygem-roadie-rails-0:2.0.0-1.el7sat
  • tfm-rubygem-robotex-0:1.0.0-21.el7sat
  • tfm-rubygem-ruby-libvirt-0:0.7.0-4.el7sat
  • tfm-rubygem-ruby-libvirt-debuginfo-0:0.7.0-4.el7sat
  • tfm-rubygem-ruby2ruby-0:2.4.0-2.el7sat
  • tfm-rubygem-ruby_parser-0:3.10.1-2.el7sat
  • tfm-rubygem-runcible-0:2.11.0-1.el7sat
  • tfm-rubygem-safemode-0:1.3.5-2.el7sat
  • tfm-rubygem-scoped_search-0:4.1.7-1.el7sat
  • tfm-rubygem-secure_headers-0:6.0.0-1.el7sat
  • tfm-rubygem-sequel-0:5.7.1-2.el7sat
  • tfm-rubygem-sexp_processor-0:4.10.0-5.el7sat
  • tfm-rubygem-signet-0:0.11.0-1.el7sat
  • tfm-rubygem-smart_proxy_dynflow_core-0:0.2.2-1.el7sat
  • tfm-rubygem-sshkey-0:1.9.0-3.el7sat
  • tfm-rubygem-statsd-instrument-0:2.1.4-2.el7sat
  • tfm-rubygem-text-0:1.3.0-7.el7sat
  • tfm-rubygem-typhoeus-0:1.3.1-1.el7sat
  • tfm-rubygem-uber-0:0.1.0-1.el7sat
  • tfm-rubygem-unf-0:0.1.3-7.el7sat
  • tfm-rubygem-unf_ext-0:0.0.6-9.el7sat
  • tfm-rubygem-unf_ext-debuginfo-0:0.0.6-9.el7sat
  • tfm-rubygem-unicode-0:0.4.4.1-6.el7sat
  • tfm-rubygem-unicode-debuginfo-0:0.4.4.1-6.el7sat
  • tfm-rubygem-unicode-display_width-0:1.0.5-5.el7sat
  • tfm-rubygem-validates_lengths_from_database-0:0.5.0-5.el7sat
  • tfm-rubygem-webpack-rails-0:0.9.8-5.el7sat
  • tfm-rubygem-wicked-0:1.3.3-1.el7sat
  • tfm-rubygem-will_paginate-0:3.1.5-3.el7sat
  • tfm-rubygem-x-editable-rails-0:1.5.5-4.el7sat
  • tfm-rubygem-zest-0:0.0.4-1.el7sat
  • tfm-runtime-0:5.0-7.el7sat
refmap via4
fedora
  • FEDORA-2019-04a42e480b
  • FEDORA-2019-4f978cacb4
  • FEDORA-2019-e41e19457b
misc https://palletsprojects.com/blog/jinja-2-10-1-released
mlist
  • [airflow-commits] 20190410 [GitHub] [airflow] XD-DENG commented on issue #5075: [AIRFLOW-XXX] Change allowed version of Jinja2 to fix CVE-2019-10906
  • [airflow-commits] 20190410 [GitHub] [airflow] XD-DENG opened a new pull request #5075: [AIRFLOW-XXX] Change allowed version of Jinja2 to fix CVE-2019-10906
  • [airflow-commits] 20190410 [GitHub] [airflow] ashb commented on issue #5075: [AIRFLOW-XXX] Change allowed version of Jinja2 to fix CVE-2019-10906
  • [airflow-commits] 20190410 [GitHub] [airflow] ashb merged pull request #5075: [AIRFLOW-XXX] Change allowed version of Jinja2 to fix CVE-2019-10906
  • [infra-devnull] 20190410 [GitHub] [airflow] XD-DENG commented on issue #5075: [AIRFLOW-XXX] Change allowed version of Jinja2 to fix CVE-2019-10906
  • [infra-devnull] 20190410 [GitHub] [airflow] XD-DENG opened pull request #5075: [AIRFLOW-XXX] Change allowed version of Jinja2 to fix CVE-2019-10906
  • [infra-devnull] 20190410 [GitHub] [airflow] ashb closed pull request #5075: [AIRFLOW-XXX] Change allowed version of Jinja2 to fix CVE-2019-10906
  • [infra-devnull] 20190410 [GitHub] [airflow] ashb commented on issue #5075: [AIRFLOW-XXX] Change allowed version of Jinja2 to fix CVE-2019-10906
suse
  • openSUSE-SU-2019:1395
  • openSUSE-SU-2019:1614
ubuntu
  • USN-4011-1
  • USN-4011-2
Last major update 24-08-2020 - 17:37
Published 07-04-2019 - 00:29
Last modified 24-08-2020 - 17:37
Back to Top