Lucene search
+L

17 matches found

osv
osv
added 2026/07/07 2:34 p.m.5 views

PYSEC-2026-1475 Jinja has a sandbox breakout through indirect reference to format method

An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on th...

7.8CVSS7.1AI score0.005EPSS
Exploits0References8
redhat
redhat
added 2025/05/06 8:31 p.m.5 views

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8CVSS7.5AI score0.005EPSS
Exploits0References7
osv
osv
added 2025/03/28 1:55 p.m.3 views

SUSE-SU-2025:20254-1 Security update for python-Jinja2

This update for python-Jinja2 fixes the following issues: - CVE-2025-27516: Fixed Jinja sandbox breakout through attr filter selecting format method bsc1238879 - CVE-2024-56201: Fixed sandbox breakout through malicious content and filename of a template bsc1234808 - CVE-2024-56326: Fixed sandbox...

8.8CVSS6.9AI score0.005EPSS
Exploits0References7
redhat
redhat
added 2025/03/11 1:2 a.m.3 views

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8CVSS7.5AI score0.005EPSS
Exploits0References7
redhat
redhat
added 2025/02/25 7:38 p.m.6 views

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8CVSS7.5AI score0.005EPSS
Exploits0References7
redhat
redhat
added 2025/02/13 2:42 a.m.5 views

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8CVSS7.5AI score0.005EPSS
Exploits0References7
redhat
redhat
added 2025/02/06 3:46 p.m.42 views

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8CVSS7.5AI score0.005EPSS
Exploits0References7
redhat
redhat
added 2025/02/04 8:39 a.m.6 views

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8CVSS7.5AI score0.005EPSS
Exploits0References7
redhat
redhat
added 2025/02/03 1:14 a.m.6 views

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8CVSS7.5AI score0.005EPSS
Exploits0References7
redhat
redhat
added 2025/01/28 7:20 p.m.7 views

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8CVSS7.5AI score0.005EPSS
Exploits0References7
redhat
redhat
added 2025/01/28 4:59 a.m.5 views

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8CVSS7.5AI score0.005EPSS
Exploits0References7
redhat
redhat
added 2025/01/27 7:32 p.m.3 views

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8CVSS7.5AI score0.005EPSS
Exploits0References7
redhat
redhat
added 2025/01/27 1:33 p.m.3 views

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8CVSS7.5AI score0.005EPSS
Exploits0References7
redhat
redhat
added 2025/01/23 4:2 p.m.5 views

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8CVSS7.5AI score0.005EPSS
Exploits0References7
redhat
redhat
added 2025/01/14 9:2 a.m.2 views

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8CVSS7.5AI score0.005EPSS
Exploits0References7
openvas
openvas
added 2025/01/07 12:0 a.m.16 views

openSUSE Security Advisory (SUSE-SU-2025:0006-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.7AI score0.005EPSS
Exploits0References5
osv
osv
added 2024/12/23 5:56 p.m.3 views

GHSA-Q2X7-8RV6-6Q7H Jinja has a sandbox breakout through indirect reference to format method

An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on th...

7.8CVSS7.5AI score0.005EPSS
Exploits0References6
Rows per page
Query Builder