Commit 5c6896d
authored
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4&size=40){kind=avatar}
Update jinja2 requirement to ~=3.1.6
Fixes 5 critical security vulnerabilities:
- CVE-2025-27516: Sandbox breakout through attr filter
- CVE-2024-56201: Sandbox breakout through malicious filenames
- CVE-2024-56326: Sandbox breakout through indirect format method
- CVE-2024-34064: HTML attribute injection via xmlattr filter
- CVE-2024-22195: HTML attribute injection with spaces in xmlattr
All tests pass with the new version.1 parent b901cc9 commit 5c6896d
1 file changed
+1
-1
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | | - | |
| 2 | + | |
3 | 3 | | |
0 commit comments