fabric8-analytics-server Bump up version of Jinja to fix two CVEs found in tests/requirements.txt

Bump up version of Jinja to fix two CVEs found in tests/requirements.txt

Open tisnik opened this issue 6 years ago • 0 comments

Details of CVEs:

CVE-2019-10906
More information
high severity
Vulnerable versions: < 2.10.1
Patched version: 2.10.1

In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.
CVE-2016-10745
More information
high severity
Vulnerable versions: < 2.8.1
Patched version: 2.8.1

In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.

Apr 23 '19 07:04 tisnik

fabric8-analytics-server fabric8-analytics-server copied to clipboard

Bump up version of Jinja to fix two CVEs found in tests/requirements.txt

fabric8-analytics-server
fabric8-analytics-server copied to clipboard