Oval Definition:	oval:com.ubuntu.bionic:def:20198341000
Revision Date: 2019-02-15 Version: 1 Title: CVE-2019-8341 on Ubuntu 18.04 LTS (bionic) - medium. Description: An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as a template object, renders it, and then returns it. The attacker can exploit it with {{INJECTION COMMANDS}} in a URI. Family: unix Class: vulnerability Status: Reference(s): CVE-2019-8341 Platform(s): Ubuntu 18.04 LTS Product(s): Definition Synopsis Ubuntu 18.04 LTS (bionic) is installed. AND While related to the CVE in some way, a decision has been made to ignore it (note: 'rejected by upstream').
BACK