Safety CI > cookiecutter/cookiecutter-django

pyup-update-ruff-0.6.2-to-0.6.3

2 months, 4 weeks ago

3ec51b2b

Update ruff pre-commit hook

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-ruff-0.6.2-to-0.6.3

2 months, 4 weeks ago

c18b015e

Update ruff from 0.6.2 to 0.6.3

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-ruff-0.6.2-to-0.6.3

2 months, 4 weeks ago

cfe0e0ad

Update ruff from 0.6.2 to 0.6.3

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

master

2 months, 4 weeks ago

83fbf9a7

Update djlint from 1.34.2 to 1.35.2

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-djlint-1.34.2-to-1.35.2

2 months, 4 weeks ago

c50621ea

Update djlint from 1.34.2 to 1.35.2

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-djlint-1.34.2-to-1.35.2

2 months, 4 weeks ago

955ebcf7

Update djlint from 1.34.2 to 1.35.2

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

master

2 months, 4 weeks ago

6b7ca732

Auto-update pre-commit hooks (#5331)

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

update/pre-commit-autoupdate

2 months, 4 weeks ago

29585241

Auto-update pre-commit hooks

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

master

2 months, 4 weeks ago

61ce28ba

Release 2024.08.28

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

master

2 months, 4 weeks ago

d564f453

Update watchfiles to 0.24.0 (#5330)

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-watchfiles-0.21.0-to-0.24.0

2 months, 4 weeks ago

98f3b120

Update watchfiles from 0.21.0 to 0.24.0

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

master

2 months, 4 weeks ago

9fcb4fc2

Update djlint to 1.34.2 (#5329) * Update djlint from 1.34.1 to 1.34.2 * Update djlint from 1.34.

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-djlint-1.34.1-to-1.34.2

2 months, 4 weeks ago

c3d45e0a

Update djlint from 1.34.1 to 1.34.2

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-djlint-1.34.1-to-1.34.2

2 months, 4 weeks ago

7da5aeba

Update djlint from 1.34.1 to 1.34.2

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

master

3 months ago

2ff8a5f0

Release 2024.08.26

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.