CVE-2016-10745 — Use of Externally-Controlled Format String in Jinja

CWE-134 — Use of Externally-Controlled Format String CWE-138 — Improper Neutralization of Special Elements17 documents8 sources

Severity

8.6HIGHNVD

EPSS

1.0%

top 22.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Pocoo Jinja2 Palletsprojects Jinja

Timeline

PublishedApr 8

Latest updateJun 6

Description

In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:NExploitability: 3.9 | Impact: 4.0

Affected Packages4 packages

▶NVDpalletsprojects/jinja< 2.8.1

▶PyPIpocoo/jinja2< 2.8.1

▶Debianpocoo/jinja2< 2.9.4-1+3

▶Ubuntupocoo/jinja2< 2.8-1ubuntu0.1+2

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

jinja2 vulnerabilities↗2019-06-06

▶

OSV

jinja2 vulnerabilities↗2019-06-06

▶

OSV

Jinja2 sandbox escape vulnerability↗2019-04-10

▶

GHSA

Jinja2 sandbox escape vulnerability↗2019-04-10

▶

OSV

CVE-2016-10745: In Pallets Jinja before 2↗2019-04-08

▶

📋Vendor Advisories

Ubuntu

Jinja2 vulnerabilities↗2019-06-06

▶

Ubuntu

Jinja2 vulnerabilities↗2019-06-06

▶

Red Hat

python-jinja2: Sandbox escape due to information disclosure via str.format↗2016-12-29

▶

Debian

CVE-2016-10745: jinja2 - In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.↗2016

▶

💬Community

Bugzilla

CVE-2016-10745 python-jinja2: Sandbox escape due to information disclosure via str.format [fedora-28]↗2019-04-10

▶

Bugzilla

CVE-2016-10745 python-jinja2: Sandbox escape due to information disclosure via str.format [fedora-29]↗2019-04-10

▶

Bugzilla

CVE-2016-10745 python-jinja2: Sandbox escape due to information disclosure via str.format↗2019-04-10

▶

Bugzilla

CVE-2016-10745 python3-jinja2: python-jinja2: Sandbox escape due to information disclosure via str.format [epel-6]↗2019-04-10

▶

Bugzilla

CVE-2016-10745 python-jinja2-26: python-jinja2: Sandbox escape due to information disclosure via str.format [epel-6]↗2019-04-10

▶