Msrc Azl3 Nodejs 20.14.0-8 On Azure Linux 3.0 vulnerabilities
9 known vulnerabilities affecting msrc/azl3_nodejs_20.14.0-8_on_azure_linux_3.0.
Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH5MEDIUM3LOW1
Vulnerabilities
Page 1 of 1
CVE-2025-47279LOWCVSS 3.12025-05-13
CVE-2025-47279 [LOW] CWE-401 undici Denial of Service attack via bad certificate data
undici Denial of Service attack via bad certificate data
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which
msrc
CVE-2025-27516HIGHCVSS 8.82025-03-11
CVE-2025-27516 [MEDIUM] CWE-1336 Jinja sandbox breakout through attr filter selecting format method
Jinja sandbox breakout through attr filter selecting format method
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sour
msrc
CVE-2024-56326HIGHCVSS 7.82024-12-10
CVE-2024-56326 [MEDIUM] CWE-1336 Jinja has a sandbox breakout through indirect reference to format method
Jinja has a sandbox breakout through indirect reference to format method
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of t
msrc
CVE-2024-56201HIGHCVSS 8.82024-12-10
CVE-2024-56201 [MEDIUM] CWE-150 Jinja has a sandbox breakout through malicious filenames
Jinja has a sandbox breakout through malicious filenames
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi
msrc
CVE-2024-21538HIGHCVSS 7.52024-11-12
CVE-2024-21538 [HIGH] CWE-1333 Versions of the package cross-spawn before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization.
Versions of the package cross-spawn before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits
msrc
CVE-2024-34064MEDIUMCVSS 5.42024-05-14
CVE-2024-34064 [MEDIUM] CWE-79 Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter
Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the
msrc
CVE-2024-22195MEDIUMCVSS 6.12024-01-09
CVE-2024-22195 [MEDIUM] CWE-79 Jinja vulnerable to Cross-Site Scripting (XSS)
Jinja vulnerable to Cross-Site Scripting (XSS)
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is comp
msrc
CVE-2020-28493MEDIUMCVSS 5.32021-02-09
CVE-2020-28493 [MEDIUM] CWE-400 Regular Expression Denial of Service (ReDoS)
Regular Expression Denial of Service (ReDoS)
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is compose
msrc
CVE-2019-10906HIGHCVSS 8.62019-04-09
CVE-2019-10906 [HIGH] In Pallets Jinja before 2.10.1 str.format_map allows a sandbox escape.
In Pallets Jinja before 2.10.1 str.format_map allows a sandbox escape.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source
msrc