
Fix the following security issues caused by usage of old 'Jinja2' library

Open tisnik opened this issue 6 years ago • 0 comments

Security issue additional info:

CVE-2019-10906

high severity
Vulnerable versions: < 2.10.1
Patched version: 2.10.1

In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.

CVE-2016-10745

high severity
Vulnerable versions: < 2.8.1
Patched version: 2.8.1

In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.

tisnik, Apr 26 '19 06:04
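A check for the two advisories listed in the issue, as an added example that is not part of the original issue or of the fabric8-analytics code base: it scans requirements-style text for Jinja2 lines and reports which of the two CVEs an exact pin falls under. The names `FIXED_IN`, `release_tuple`, `audit_jinja2` and the sample input are assumptions made for illustration; only the CVE ids and patched versions come from the issue.

```python
import re

# Patched versions as stated in the issue above.
FIXED_IN = {"CVE-2019-10906": (2, 10, 1), "CVE-2016-10745": (2, 8, 1)}

REQ_RE = re.compile(  # name, optional [extras], optional operator, optional version
    r"^([A-Za-z0-9._-]+)\s*(?:\[[^\]]*\])?\s*(==|>=|<=|~=|!=|<|>)?\s*([0-9][0-9A-Za-z.]*)?"
)


def release_tuple(version, width=3):
    """Numeric release segments, zero-padded: "2.10" -> (2, 10, 0).
    Pre-release suffixes such as "rc1" are ignored (simplification)."""
    parts = []
    for segment in version.split("."):
        digits = re.match(r"\d+", segment)
        if not digits:
            break
        parts.append(int(digits.group()))
    return tuple(parts + [0] * (width - len(parts)))


def audit_jinja2(requirements_text):
    """Return (line_no, requirement, finding) for each Jinja2 line; finding is a
    sorted list of CVE ids for an exact pin, or "unpinned" otherwise."""
    findings = []
    for line_no, raw in enumerate(requirements_text.splitlines(), start=1):
        # Drop trailing comments and environment markers before parsing.
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        match = REQ_RE.match(line)
        if not match or re.sub(r"[-_.]+", "-", match.group(1)).lower() != "jinja2":
            continue
        operator, version = match.group(2), match.group(3)
        if operator != "==" or not version or "*" in line:
            # A range or wildcard does not fix the installed version.
            findings.append((line_no, line, "unpinned"))
            continue
        pinned = release_tuple(version)
        hits = sorted(cve for cve, fixed in FIXED_IN.items() if pinned < fixed)
        findings.append((line_no, line, hits))
    return findings


# Constructed sample input, not the project's real requirements file.
SAMPLE = """\
flask==1.0.2
Jinja2==2.10      # one patch release short of 2.10.1
jinja2==2.7.3
Jinja2>=2.8
jinja2==2.10.1
"""
```

An "unpinned" finding means the requirement line alone cannot tell which release gets installed, so the resolved version in the deployed environment has to be checked separately.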