Hi Hugo, On Mon, Apr 08, 2019 at 10:04:35AM +0200, Hugo Lefeuvre wrote: > > This should help confirming vulnerability in other suites. > > 2.7.3-1 and all later releases affected. In addition, both 2.7.3-1 and > 2.8-1 are affected by the previous str.format issue[0]. > > [0] https://palletsprojects.com/blog/jinja-281-released/
CVE-2016-10745 was assigned for this issue. Regards, Salvtore
