Safety CI > cookiecutter/cookiecutter-django

master

3 months, 1 week ago

d8051c9d

Release 2024.08.16

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-ruff-0.6.0-to-0.6.1

3 months, 1 week ago

d59ea347

Update ruff from 0.6.0 to 0.6.1

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-ruff-0.6.0-to-0.6.1

3 months, 1 week ago

6c863a30

Update ruff from 0.6.0 to 0.6.1

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

master

3 months, 1 week ago

47e63900

Update django-allauth to 64.1.0 (#5302)

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

master

3 months, 1 week ago

864581a1

Release 2024.08.15

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-django-allauth-64.0.0-to-64.1.0

3 months, 1 week ago

b40bbe09

Update django-allauth from 64.0.0 to 64.1.0

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

master

3 months, 1 week ago

dc0a5113

Update ruff to 0.6.0 (#5300) * Update ruff from 0.5.7 to 0.6.0 * Update ruff from 0.5.7 to 0.6.0

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-ruff-0.5.7-to-0.6.0

3 months, 1 week ago

8200b824

Omit default Ruff settings

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-ruff-0.5.7-to-0.6.0

3 months, 1 week ago

8a3058c4

Omit default Ruff settings

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-ruff-0.5.7-to-0.6.0

3 months, 1 week ago

f38c1ef2

Omit default Ruff settings

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-ruff-0.5.7-to-0.6.0

3 months, 1 week ago

a5e6a152

Update pytest style to match update Ruff rules

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-ruff-0.5.7-to-0.6.0

3 months, 1 week ago

5e1377d8

Update Ruff pre-commit hook

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-ruff-0.5.7-to-0.6.0

3 months, 1 week ago

0c7a0efd

Update ruff from 0.5.7 to 0.6.0

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

pyup-update-ruff-0.5.7-to-0.6.0

3 months, 1 week ago

9857e687

Update ruff from 0.5.7 to 0.6.0

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

master

3 months, 2 weeks ago

a97d2b8b

Release 2024.08.13

jinja2 3.1.4 has known security vulnerabilities.

Package	Installed	Affected	Info
jinja2	3.1.4	>=0	show In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

Package

Installed

Affected

Info

jinja2

3.1.4

>=0

show

In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the source parameter as a template object, renders it, and then returns it. The attacker can exploit it with INJECTION COMMANDS in a URI. 
NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.