Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi jinja2 Security Advisories

Moderate

GSA_kwCzR0hTQS1oNWM4LXJxd3AtY3A5Nc4AA4Ys

Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter
Ecosystems: pypi
Packages: jinja2
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: 4 months ago

Moderate

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWczcnEtZzI5NS00ajNt

Regular Expression Denial of Service (ReDoS) in Jinja2
Ecosystems: pypi
Packages: jinja2
Source: GitHub Advisory Database
Blast Radius: 27.2
Published: about 3 years ago

Statistics

Advisories: 18,438
Packages: 8,316
Repositories: 1
Ecosystems: 12

Filter by Severity

Moderate 7,962 High 6,379 Critical 2,816 Low 990

Filter by Ecosystem

maven 5,537 packagist 3,820 pypi 3,748 npm 3,551 go 1,904 nuget 1,391 rubygems 814 cargo 779 swift 31 hex 30 actions 16 pub 8

Filter by Package

tensorflow 432 tensorflow-cpu 387 tensorflow-gpu 384 django 80 apache-airflow 78 ansible 63 salt 53 apache-superset 49 Plone 47 plone 43 rdiffweb 42 Pillow 41 vyper 38 matrix-synapse 35 mlflow 31 opencv-contrib-python 30 opencv-python 30 Django 28 moin 23 langchain 18 PaddlePaddle 17 mercurial 17 cobbler 17 nova 17 pillow 16 keystone 16 cryptography 15 gradio 15 paddlepaddle 15 notebook 15 modoboa 14 pyftpdlib 14 pyload-ng 14 neutron 13 vantage6 12 OctoPrint 12 glance 11 urllib3 11 calibreweb 11 twisted 11 aiohttp 11 onionshare-cli 11 trytond 10 Flask-AppBuilder 10 wagtail 10 ethyca-fides 9 kiwitcms 9 ryu 9 Zope 9 zope 9 opencv-python-headless 9 opencv-contrib-python-headless 9 waitress 9 nautobot 8 label-studio 8 trac 8 aubio 8 numpy 8 python-keystoneclient 8 roundup 8 pip 7 matrix-sydent 7 jupyter-server 7 scrapy 7 pgadmin4 7 lief 7 pysaml2 7 swift 7 ipython 7 mailman 6 Zope2 6 apache-airflow-providers-apache-hive 6 sentry 6 horizon 6 lxml 6 mindsdb 6 graphite-web 6 inventree 6 web2py 6 tuf 6 lmdb 5 Jinja2 5 saleor 5 feedparser 5 requests 5 bleach 5 pyspark 5 python-gnupg 5 Products.CMFPlone 5 whoogle-search 5 cinder 5 ckan 5 Moin 5 paramiko 5 PyPDF2 4 omero-web 4 keylime 4 Pygments 4 reportlab 4 markdown2 4 Werkzeug 4 yt-dlp 4 Radicale 4 nvflare 4 Flask-Security-Too 4 pretix 4 datasette 4 ansible-core 4 nltk 4 grpc 4 qutebrowser 4 Keystone 4 tripleo-heat-templates 4 starlette 4 werkzeug 4 grpcio 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 jupyterhub 4 oauthenticator 4 jwcrypto 4 httpie 4 transformers 4 aws-iot-device-sdk-v2 4 awsiotsdk 4 buildbot 4 tornado 4 esphome 4 FreeTAKServer-UI 4 bottle 4 GitPython 4 ansible-runner 3 mistune 3 copyparty 3 fava 3 keystonemiddleware 3 asyncua 3 Nova 3 protobuf 3 rsa 3 wger 3 sanic 3 gerapy 3 flask 3 pandasai 3 apache-iotdb 3 barbican 3 keyring 3 mayan-edms 3 Products.PluggableAuthService 3 ajenti 3 openvpn-monitor 3 pywasm3 3 indico 3 aim 3 bitlyshortener 3 indy-node 3 ecdsa 3 streamlit 3 clearml 3 django-helpdesk 3 docassemble.webapp 3 httplib2 3 onnx 3 plone.supermodel 3 ray 3 zenml 3 quokka 3 Kallithea 3 apache-libcloud 3 plone.app.dexterity 3 plone.app.theming 3 asyncssh 3 pyarrow 3 plone.app.event 3 io.grpc:grpc-protobuf 3 SQLAlchemy 3 mitmproxy 3 changedetection.io 3 dulwich 3 pyyaml 3 sosreport 3 homeassistant 3 localstack 3 poetry 3 sqlparse 3 pycrypto 3 sickrage 3 torchserve 3 jupyterlab 3 octavia 3 Mezzanine 3 slixmpp 3 apache-airflow-providers-apache-spark 3 Weblate 3 ujson 3 python-jose 3 scalyr-agent-2 2 pyrad 2 ctx 2 aws-encryption-sdk-cli 2

Filter by Repository

https://github.com/pallets/jinja 2