wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-10-10 12:35:13 +02:00
Code Issues Projects Releases Wiki Activity
algo/requirements.txt
dependabot[bot] 5c6896d307
Update jinja2 requirement to ~=3.1.6 
Fixes 5 critical security vulnerabilities:
- CVE-2025-27516: Sandbox breakout through attr filter
- CVE-2024-56201: Sandbox breakout through malicious filenames  
- CVE-2024-56326: Sandbox breakout through indirect format method
- CVE-2024-34064: HTML attribute injection via xmlattr filter
- CVE-2024-22195: HTML attribute injection with spaces in xmlattr

All tests pass with the new version.
2025-08-02 23:42:21 -04:00

3 lines
37 B
Text
Raw Blame History

ansible==9.1.0
jinja2~=3.1.3
netaddr
Reference in a new issue View git blame Copy permalink