Lucene search
+L

Jinja2 < 3.1.6 Sandbox Bypass (CVE-2025-27516)

🗓️ 10 Jul 2026 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 3 Views

Jinja2 versions before 3.1.6 have a sandbox bypass via the attr filter enabling code execution.

Related
Refs
Code
ReporterTitlePublishedViews
Family
ibm
Security Bulletin: IBM Truststore Manager uses jinja2-3.1.5-py3-none-any.whl which is vulnerable to CVE-2025-27516.
25 Jun 202509:43
ibm
ibm
Security Bulletin: A denial-of-service attack, TE.CL request smuggling, a man-in-the-middle attack, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service
16 Apr 202516:15
ibm
ibm
Security Bulletin: There are multiple vulnerabilities that can affect IBM Fusion HCI and IBM Fusion HCI for watsonx
31 May 202514:07
ibm
ibm
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining 2.0.1
11 Apr 202514:35
ibm
ibm
Security Bulletin: Location Service for ESRI Component uses multiple vulnerable libraries and wildcard characters when defining RBAC permissions in Dockerfiles which are vulnerable to multiple CVEs
6 May 202506:26
ibm
ibm
Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses jinja2-3.1.5-py3-none-any.whl which is vulnerable to this CVE-2025-27516
1 Aug 202510:28
ibm
ibm
Security Bulletin: Vulnerability with spring-security-crypto and jinja affect IBM Cloud Object Storage Systems (July 2025)
1 Aug 202516:01
ibm
ibm
Security Bulletin: Vulnerabilities in Jinja , cryptography & OpenSSL can affect IBM Storage Protect Plus File Systems Agent Backup and Restore
21 Jun 202508:35
ibm
ibm
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Jinja (CVE-2025-27516)
20 Jun 202522:39
ibm
ibm
Security Bulletin: There are multiple vulnerabilities that can affect IBM Fusion
31 May 202514:06
ibm
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(326272);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/07/13");

  script_cve_id("CVE-2025-27516");

  script_name(english:"Jinja2 < 3.1.6 Sandbox Bypass (CVE-2025-27516)");

  script_set_attribute(attribute:"synopsis", value:
"A Python library installed on the remote host is affected by a sandbox bypass vulnerability.");
  script_set_attribute(attribute:"description", value:
"The version of Jinja2 installed on the remote host is prior to 3.1.6. It is, therefore,
affected by a sandbox bypass vulnerability:

  - An oversight in how the Jinja sandboxed environment interacts with the |attr filter allows
    an attacker that controls the content of a template to execute arbitrary Python code. Jinja's
    sandbox does catch calls to str.format and ensures they don't escape the sandbox. However,
    it's possible to use the |attr filter to get a reference to a string's plain format method,
    bypassing the sandbox. After the fix, the |attr filter no longer bypasses the environment's
    attribute lookup. (CVE-2025-27516)

Note that Nessus has not tested for this issue but has instead relied only on the application's
self-reported version number.");
  # https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3dd1deb9");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Jinja2 version 3.1.6 or later.");
  script_set_attribute(attribute:"agent", value:"all");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N");
  script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:U");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-27516");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2025/03/05");
  script_set_attribute(attribute:"patch_publication_date", value:"2025/03/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/07/10");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"asset_categories", value:"component");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:palletsprojects:jinja2");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("python_packages_installed_nix.nbin", "python_packages_win_installed.nbin");
  script_require_ports("Host/nix/Python/Packages/Enumerated", "Host/win/Python/Packages/Enumerated");

  exit(0);
}

include('python.inc');

var pkg = 'jinja2';
var cpe = 'cpe:/a:palletsprojects:jinja2';

var libs = python::get_package_info(pkg_name:pkg, cpe:cpe);

if (empty_or_null(libs))
  audit(AUDIT_NOT_INST, pkg);

vcf::check_all_backporting(app_info:libs);

var constraints = [
  {'fixed_version': '3.1.6'}
];

vcf::check_version_and_report(app_info:libs, constraints:constraints, severity:SECURITY_WARNING);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

13 Jul 2026 00:00Current
7.2High risk
Vulners AI Score7.2
CVSS 3.18.8
CVSS 45.4
EPSS0.00476
SSVC
3