.avif)
View all vulnerabilities
CVE-2016-10745
Jinja2 sandbox escape vulnerability
Description
In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.
Patch Available
Fix available through Seal Security. No upgrade required, protect your application instantly.
Fix without upgradingVulnerability Details
Score
8.5
Score Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Affected Versions
jinja2 < 2.8.1
Severity
High
High
High
Ecosystem
Python
Publish Date
April 10, 2019
Modified Date
September 24, 2024