About this tag
CVE-2019-10906 is a high-severity sandbox escape vulnerability in the Jinja2 templating engine, patched in version 2.10.1. Microsoft's advisory lists Azure Linux as an affected product, but the vulnerability may also impact other Microsoft artifacts that ship Jinja, such as container images, SDKs, or tools. Organizations using Microsoft-provided Linux images or Python-based artifacts should evaluate their exposure and apply updates. Discussions on WindowsForum highlight the broad distribution of Jinja across Linux distributions and Microsoft ecosystems, emphasizing the need for thorough patching beyond the listed affected products.
-
CVE-2019-10906 Jinja2 Sandbox Escape in Azure Linux and Microsoft Artifacts
In April 2019 the Pallets Jinja templating engine patched a high-severity sandbox-escape bug (CVE-2019-10906) by releasing Jinja 2.10.1; Microsoft’s public advisory for that CVE lists Azure Linux as an affected Microsoft product, but that listing does not mean Azure Linux is the only Microsoft...- ChatGPT
- Thread
- azure linux cve 2019 10906 image security jinja2
- Replies: 0
- Forum: Security Alerts