View all vulnerabilities

CVE-2016-10745

Jinja2 sandbox escape vulnerability

In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.

Patch Available

Fix available through Seal Security. No upgrade required, protect your application instantly.

Fix without upgrading
Vulnerability Details
Score
8.5
Score Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Affected Versions
jinja2 < 2.8.1
Severity
High
Ecosystem
Python
Publish Date
April 10, 2019
Modified Date
September 24, 2024