Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-462W-V97R-4M45
HistoryApr 10, 2019 - 2:30 p.m.

Jinja2 sandbox escape via string formatting

2019-04-1014:30:24
Google
osv.dev
9

8.4 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.2%

JSON

In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.

The sandbox is used to restrict what code can be evaluated when rendering untrusted, user-provided templates. Due to the way string formatting works in Python, the str.format_map method could be used to escape the sandbox.

This issue was previously addressed for the str.format method in Jinja 2.8.1, which discusses the issue in detail. However, the less-common str.format_map method was overlooked. This release applies the same sandboxing to both methods.

If you cannot upgrade Jinja, you can override the is_safe_attribute method on the sandbox and explicitly disallow the format_map method on string objects.

CPENameOperatorVersion
jinja2eq2.4
jinja2eq2.1.1
jinja2eq2.5
jinja2eq2.5.2
jinja2eq2.3.1
jinja2eq2.2
jinja2eq2.3
jinja2eq2.6
jinja2eq2.5.5
jinja2eq2.8
Rows per page:
1-10 of 311

References

Related

almalinux 1
cvelist 1
openvas 16
nessus 24
fedora 3
redhatcve 1
gitlab 1
prion 1
oraclelinux 1
osv 3
cve 1
ubuntucve 1
debiancve 1
github 1
veracode 2
amazon 1
redhat 4
nvd 1
rocky 1
mageia 1
ubuntu 2
suse 2
almalinux
almalinux
Important: python-jinja2 security update
2019-05-13 10:43:53
cvelist
cvelist
CVE-2019-10906
2019-04-06 23:17:03
openvas
openvas
Huawei EulerOS: Security Advisory for python-jinja2 (EulerOS-SA-2020-1127)
2020-02-24 00:00:00
Huawei EulerOS: Security Advisory for python-jinja2 (EulerOS-SA-2020-1767)
2020-07-03 00:00:00
Huawei EulerOS: Security Advisory for python-jinja2 (EulerOS-SA-2020-2202)
2020-10-21 00:00:00
nessus
nessus
Amazon Linux 2 : python3-jinja2 (ALAS-2024-2582)
2024-06-24 00:00:00
Fedora 29 : python-jinja2 (2019-04a42e480b)
2019-04-29 00:00:00
RHEL 6 / 7 : rh-python36-python-jinja2 (RHSA-2019:1329)
2024-04-28 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: python-jinja2-2.10.1-1.fc29
2019-04-27 23:11:30
[SECURITY] Fedora 28 Update: python-jinja2-2.10.1-1.fc28
2019-04-27 21:36:25
[SECURITY] Fedora 30 Update: python-jinja2-2.10.1-1.fc30
2019-04-27 21:32:21
redhatcve
redhatcve
CVE-2019-10906
2019-10-10 05:29:37
gitlab
gitlab
Sandbox Escape
2019-04-06 00:00:00
prion
prion
Code injection
2019-04-07 00:29:00
oraclelinux
oraclelinux
python-jinja2 security update
2019-07-30 00:00:00
osv
osv
Important: python-jinja2 security update
2019-05-13 10:43:53
CVE-2019-10906
2019-04-07 00:29:00
PYSEC-2019-217
2019-04-07 00:29:00
cve
cve
CVE-2019-10906
2019-04-07 00:29:00
ubuntucve
ubuntucve
CVE-2019-10906
2019-04-06 00:00:00
debiancve
debiancve
CVE-2019-10906
2019-04-07 00:29:00
github
github
Jinja2 sandbox escape via string formatting
2019-04-10 14:30:24
veracode
veracode
Remote Code Execution (RCE)
2019-04-08 02:44:18
Sandbox Escape
2019-04-08 15:43:19
amazon
amazon
Important: python3-jinja2
2024-06-19 19:15:00
redhat
redhat
(RHSA-2019:1329) Important: rh-python36-python-jinja2 security update
2019-06-04 14:59:47
(RHSA-2019:1152) Important: python-jinja2 security update
2019-05-13 10:43:53
(RHSA-2019:1237) Important: rh-python35-python-jinja2 security update
2019-05-16 12:43:49
nvd
nvd
CVE-2019-10906
2019-04-07 00:29:00
rocky
rocky
python-jinja2 security update
2019-05-13 10:43:53
mageia
mageia
Updated python-jinja2 packages fix security vulnerability
2019-05-18 15:33:10
ubuntu
ubuntu
Jinja2 vulnerabilities
2019-06-06 00:00:00
Jinja2 vulnerabilities
2019-06-06 00:00:00
suse
suse
Security update for python-Jinja2 (important)
2019-06-24 00:00:00
Security update for python-Jinja2 (important)
2019-05-13 00:00:00

8.4 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.2%

JSON
Related for OSV:GHSA-462W-V97R-4M45
almalinux1cvelist1openvas16nessus24fedora3redhatcve1gitlab1prion1oraclelinux1osv3cve1ubuntucve1debiancve1github1veracode2amazon1redhat4nvd1rocky1mageia1ubuntu2suse2