Safety CI > cookiecutter/cookiecutter-django

master

2 months, 1 week ago

c82e8255

Update psycopg to 3.2.2 (#5378)

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

master

2 months, 1 week ago

09314028

Release 2024.09.15

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-psycopg-3.2.1-to-3.2.2

2 months, 1 week ago

fffb26d2

Update psycopg from 3.2.1 to 3.2.2

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-psycopg-3.2.1-to-3.2.2

2 months, 1 week ago

10f9289e

Update psycopg from 3.2.1 to 3.2.2

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-psycopg-3.2.1-to-3.2.2

2 months, 1 week ago

fdbf5e25

Update psycopg from 3.2.1 to 3.2.2

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

master

2 months, 1 week ago

0b43f145

Update ruff to 0.6.5 (#5373) * Update ruff from 0.6.4 to 0.6.5 * Update ruff from 0.6.4 to 0.6.5

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

update/pre-commit-autoupdate

2 months, 1 week ago

f8354d09

Auto-update pre-commit hooks

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-ruff-0.6.4-to-0.6.5

2 months, 1 week ago

30293467

Auto-update pre-commit hooks (#5375) Co-authored-by: browniebroke <861044+browniebroke@users.norepl

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

update/pre-commit-autoupdate

2 months, 1 week ago

9ee6634b

Auto-update pre-commit hooks

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-ruff-0.6.4-to-0.6.5

2 months, 1 week ago

609f56df

Update ruff from 0.6.4 to 0.6.5

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-ruff-0.6.4-to-0.6.5

2 months, 1 week ago

99613732

Update ruff from 0.6.4 to 0.6.5

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

master

2 months, 2 weeks ago

1f6b8b47

Release 2024.09.11

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

master

2 months, 2 weeks ago

f3133629

Update djangorestframework-stubs from 3.15.0 to 3.15.1 (#5372)

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-djangorestframework-stubs-3.15.0-to-3.15.1

2 months, 2 weeks ago

45051f3c

Update djangorestframework-stubs from 3.15.0 to 3.15.1

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

master

2 months, 2 weeks ago

043ecd7b

Update django-anymail to 12.0 (#5366)

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.