python-jinja2 vulnerabilities

Known vulnerabilities in the python-jinja2 package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Improper Neutralization of Special Elements Used in a Template Engine	<0:2.7.2-5.el7_9
M Improper Neutralization of Special Elements Used in a Template Engine	*
M Improper Neutralization of Special Elements Used in a Template Engine	*
H Improper Neutralization	*
H Improper Neutralization	*
H Improper Neutralization of Special Elements	<0:2.7.2-3.el7_6
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
H Information Exposure	<0:2.7.2-2.el7sat
H SQL Injection	<0:2.7.2-2.el7sat
H Information Exposure	<0:2.7.2-2.el7sat
H Deserialization of Untrusted Data	<0:2.7.2-2.el7sat
H Cross-site Scripting (XSS)	<0:2.7.2-2.el7sat
H Cross-site Scripting (XSS)	<0:2.7.2-2.el7sat
H XML External Entity (XXE) Injection	<0:2.7.2-2.el7sat
H Information Exposure	<0:2.7.2-2.el7sat
H Use of a Broken or Risky Cryptographic Algorithm	<0:2.7.2-2.el7sat
H Improper Access Control	<0:2.7.2-2.el7sat
H Missing Required Cryptographic Step	<0:2.7.2-2.el7sat
H Missing Required Cryptographic Step	<0:2.7.2-2.el7sat
H Information Exposure	<0:2.7.2-2.el7sat
H Covert Timing Channel	<0:2.7.2-2.el7sat
H Incorrect Calculation	<0:2.7.2-2.el7sat
H Missing Required Cryptographic Step	<0:2.7.2-2.el7sat
H Missing Required Cryptographic Step	<0:2.7.2-2.el7sat
H Missing Required Cryptographic Step	<0:2.7.2-2.el7sat
H Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)	<0:2.7.2-2.el7sat
H Improper Certificate Validation	<0:2.7.2-2.el7sat
M CVE-2013-6668	<0:2.7.2-2.el7sat
M Information Exposure	<0:2.7.2-2.el7sat
M Improper Input Validation	<0:2.7.2-2.el7sat
H Information Exposure	<0:2.7.2-2.el7sat
H Improper Input Validation	<0:2.7.2-2.el7sat
H Improper Input Validation	<0:2.7.2-2.el7sat
H Cross-site Scripting (XSS)	<0:2.7.2-2.el7sat
H Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')	<0:2.7.2-2.el7sat
M Omission of Security-relevant Information	<0:2.7.2-2.el7sat
H Information Exposure	<0:2.7.2-2.el7sat
H Incomplete Blacklist	<0:2.7.2-2.el7sat
H Resource Exhaustion	<0:2.7.2-2.el7cp
M Resource Exhaustion	<0:2.7.2-2.el7sat
H Out-of-Bounds	<0:2.7.2-2.el7sat
H Improper Neutralization of Special Elements	<0:2.7.2-3.el7_4
H Improper Neutralization of Special Elements	<0:2.7.2-3.el7_6
H Improper Neutralization of Special Elements	<0:2.7.2-3.el7_6
H Improper Neutralization of Special Elements	<0:2.7.2-3.el7_6
H Improper Neutralization of Special Elements	<0:2.7.2-3.el7_5
H Improper Neutralization of Special Elements	<0:2.7.2-3.el7_4
M Improper Neutralization of Special Elements	*
M Improper Neutralization of Special Elements	*
H Improper Neutralization of Special Elements	<0:2.7.2-3.el7_6
H Improper Neutralization of Special Elements	<0:2.7.2-3.el7_6
H Improper Neutralization of Special Elements	<0:2.7.2-3.el7_6
H Improper Neutralization of Special Elements	<0:2.7.2-3.el7_4
H Improper Neutralization of Special Elements	<0:2.7.2-3.el7_6
H Improper Neutralization of Special Elements	<0:2.7.2-3.el7_6
H Improper Neutralization of Special Elements	<0:2.7.2-3.el7_6
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Access Restriction Bypass	<0:2.7.2-2.el7sat
M Improper Data Handling	<0:2.7.2-2.el7sat
M Improper Data Handling	<0:2.7.2-2.el7sat
M Algorithmic Complexity	<0:2.7.2-2.el7sat

Vulnerability

Vulnerable Version

Improper Neutralization of Special Elements Used in a Template Engine

<0:2.7.2-5.el7_9

Improper Neutralization of Special Elements Used in a Template Engine