View all vulnerabilities

CVE-2016-10745

In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.

Patch Available

Fix available through Seal Security. No upgrade required, protect your application instantly.

Fix without upgrading
Vulnerability Details
Score
Score Vector
Affected Versions
jinja2 < 9b53045c34e61013dc8f09b7e52a555fa16bed16; jinja2 < 2.8.1
Severity
Ecosystem
Python
Publish Date
April 8, 2019
Modified Date
November 7, 2023