Medium: mock

🗓️ 04 Sep 2025 00:00:00Reported by AmazonType

amazon

amazon🔗 alas.aws.amazon.com👁 2 Views

Mock Jinja2 template expansion flaw enables root privilege escalation and arbitrary code execution.

Reporter	Title	Published	Views	Family All 31
ATTACKERKB	CVE-2023-6395	16 Jan 202415:15	–	attackerkb
Tenable Nessus	Amazon Linux 2 : mock, --advisory ALAS2MOCK-2025-001 (ALASMOCK-2025-001)	6 Sep 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : python-templated-dictionary, --advisory ALAS2MOCK2-2025-001 (ALASMOCK2-2025-001)	17 Sep 202500:00	–	nessus
Tenable Nessus	Fedora 38 : python-templated-dictionary (2024-4bd03c989b)	1 Feb 202400:00	–	nessus
Tenable Nessus	Fedora 39 : python-templated-dictionary (2024-f69989e7dd)	30 Jan 202400:00	–	nessus
Tenable Nessus	TencentOS Server 4: python-templated-dictionary (TSSA-2024:0916)	16 Jun 202500:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2023-6395	3 Sep 202500:00	–	nessus
Amazon	Medium: python-templated-dictionary	16 Sep 202500:00	–	amazon
Circl	CVE-2023-6395	20 Jan 202412:25	–	circl
CNNVD	Mock Security Vulnerabilities	16 Jan 202400:00	–	cnnvd

OS	OS Version	Architecture	Package	Package Version	Filename
Amazon Linux	2	any	mock	1.4.19-1.amzn2.0.2	mock-1.4.19-1.amzn2.0.2.noarch.rpm
Amazon Linux	2	any	mock-lvm	1.4.19-1.amzn2.0.2	mock-lvm-1.4.19-1.amzn2.0.2.noarch.rpm
Amazon Linux	2	any	mock-scm	1.4.19-1.amzn2.0.2	mock-scm-1.4.19-1.amzn2.0.2.noarch.rpm

04 Sep 2025 00:00Current

7.8High risk

Vulners AI Score7.8

CVSS 3.16.7 - 9.8

EPSS0.0067

SSVC

mock vulnerability jinja2 templates privilege escalation root access arbitrary code execution remote execution