GHSA-cpwx-vrp4-4pq7

GitHub Security Advisory

Jinja2 vulnerable to sandbox breakout through attr filter selecting format method

GitHub Reviewed · Severity: MODERATE · Has CVE

Advisory Details

An oversight in how the Jinja sandboxed environment interacts with the `|attr` filter allows an attacker that controls the content of a template to execute arbitrary Python code.

To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates.

Jinja's sandbox does catch calls to `str.format` and ensures they don't escape the sandbox. However, it's possible to use the `|attr` filter to get a reference to a string's plain format method, bypassing the sandbox. After the fix, the `|attr` filter no longer bypasses the environment's attribute lookup.
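Added example (not code from the advisory or the Jinja project): a defensive gate for applications that render untrusted templates. It checks that the installed Jinja2 carries the fix named above (3.1.6) and, as a stop-gap lint, flags `|attr` calls whose argument is the literal `"format"` or is not a plain string literal at all, since a dynamic argument cannot be vetted statically. The helper names and the sample template are constructed for this illustration.

```python
"""Defensive gate for rendering untrusted Jinja2 templates (hypothetical helpers).
(1) Confirm the installed Jinja2 includes the GHSA-cpwx-vrp4-4pq7 fix (3.1.6).
(2) Lint template source for `|attr` calls that could select str.format.
The lint is a stop-gap only; upgrading is what actually closes the sandbox gap."""
import re
from importlib import metadata
from typing import List, Optional, Tuple

FIXED_VERSION = (3, 1, 6)  # first fixed release named in the advisory

# `|attr( <first argument>` with surrounding whitespace tolerated.
_ATTR_CALL_RE = re.compile(r"\|\s*attr\s*\(\s*([^,)]*)")
# A single plain string literal with no embedded quotes (so 'for' ~ 'mat' fails).
_STR_LITERAL_RE = re.compile(r"""^(['"])([^'"]*)\1$""")


def parse_version(text: str) -> Tuple[int, ...]:
    """'3.1.6' -> (3, 1, 6). Release versions are assumed; pre-release
    markers such as 'rc1' are not modeled and are simply ignored."""
    parts: List[int] = []
    for piece in text.split("."):
        digits = re.match(r"\d+", piece)
        if not digits:
            break
        parts.append(int(digits.group()))
    return tuple(parts)


def jinja2_is_patched(installed: Optional[str] = None) -> bool:
    """True when the given (or installed) Jinja2 version is >= 3.1.6."""
    if installed is None:
        try:
            installed = metadata.version("Jinja2")
        except metadata.PackageNotFoundError:
            return False  # not installed: treat as unverified, not as safe
    return parse_version(installed) >= FIXED_VERSION


def find_suspicious_attr(template_src: str) -> List[Tuple[int, str]]:
    """Return (line_no, reason) for each `|attr` call an untrusted template
    should not be allowed to contain: a literal "format" argument (the path
    to str.format described in the advisory) or a non-literal argument."""
    findings: List[Tuple[int, str]] = []
    for line_no, line in enumerate(template_src.splitlines(), start=1):
        for match in _ATTR_CALL_RE.finditer(line):
            arg = match.group(1).strip()
            literal = _STR_LITERAL_RE.match(arg)
            if literal is None:
                findings.append((line_no, f"dynamic attr argument: {arg!r}"))
            elif literal.group(2) == "format":
                findings.append((line_no, "attr selects str.format"))
    return findings
```

Run `find_suspicious_attr` over every untrusted template before rendering and refuse any with findings; run `jinja2_is_patched()` at startup so an unpatched dependency fails loudly rather than relying on the lint alone.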

Affected Packages

PyPI Jinja2
Affected versions: all versions before 3.1.6 (fixed in 3.1.6)

Related CVEs

Key Information

GHSA ID
GHSA-cpwx-vrp4-4pq7
Published
March 5, 2025 8:40 PM
Last Modified
May 1, 2025 3:31 AM
CVSS Score
5.0 /10
Primary Ecosystem
PyPI
Primary Package
Jinja2
GitHub Reviewed
✓ Yes

Dataset

Last updated: September 9, 2025 6:37 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.