python-jinja2-2.11.3-6.el9
エラータID: AXSA:2024-9263:04
リリース日:
2024/12/12 Thursday - 18:28
題名:
python-jinja2-2.11.3-6.el9
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- Jinja2 の xmlattr フィルターには、HTML テンプレート内に
'/'、'>'、および '=' などの非属性文字を挿入できてしまう問題
があるため、リモートの攻撃者により、細工された
テンプレートを介して、クロスサイトスクリプティング攻撃
を可能とする脆弱性が存在します。(CVE-2024-34064)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2024-34064
Jinja is an extensible templating engine. The `xmlattr` filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, `/`, `>`, or `=`, as each would then be interpreted as starting a separate attribute. If an application accepts keys (as opposed to only values) as user input, and renders these in pages that other users see as well, an attacker could use this to inject other attributes and perform XSS. The fix for CVE-2024-22195 only addressed spaces but not other characters. Accepting keys as user input is now explicitly considered an unintended use case of the `xmlattr` filter, and code that does so without otherwise validating the input should be flagged as insecure, regardless of Jinja version. Accepting _values_ as user input continues to be safe. This vulnerability is fixed in 3.1.4.
Jinja is an extensible templating engine. The `xmlattr` filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, `/`, `>`, or `=`, as each would then be interpreted as starting a separate attribute. If an application accepts keys (as opposed to only values) as user input, and renders these in pages that other users see as well, an attacker could use this to inject other attributes and perform XSS. The fix for CVE-2024-22195 only addressed spaces but not other characters. Accepting keys as user input is now explicitly considered an unintended use case of the `xmlattr` filter, and code that does so without otherwise validating the input should be flagged as insecure, regardless of Jinja version. Accepting _values_ as user input continues to be safe. This vulnerability is fixed in 3.1.4.
追加情報:
N/A
ダウンロード:
SRPMS
- python-jinja2-2.11.3-6.el9.src.rpm
MD5: c92c0065bf60ec90581fcee31e66beb4
SHA-256: 5777edc46840adadfbc693ed941478333720cd8978c509a2a7b078386e20d84b
Size: 267.76 kB
Asianux Server 9 for x86_64
- python3-jinja2-2.11.3-6.el9.noarch.rpm
MD5: a37b941f3f561e8d38aed80090373032
SHA-256: b65fa5c92f4fe7ff7438e19b19c9cdbb57bc41820e9e4aef7d7ab6dd8c10f6a2
Size: 250.04 kB
English