OSV - Open Source Vulnerabilities

GHSA-cpwx-vrp4-4pq7

PyPI/jinja2

Jinja2 vulnerable to sandbox breakout through attr filter selecting format method

05 Mar 2025

Fix available
Severity - 5.4 (Medium)

GHSA-q2x7-8rv6-6q7h

PyPI/jinja2

Jinja has a sandbox breakout through indirect reference to format method

23 Dec 2024

Fix available
Severity - 5.4 (Medium)

GHSA-gmj6-6f8f-6699

PyPI/jinja2

Jinja has a sandbox breakout through malicious filenames

23 Dec 2024

Fix available
Severity - 5.4 (Medium)

GHSA-h75v-3vvj-5mfj

PyPI/jinja2

Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter

06 May 2024

Fix available
Severity - 5.4 (Medium)

GHSA-h5c8-rqwp-cp95

PyPI/jinja2

Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter

11 Jan 2024

Fix available
Severity - 5.4 (Medium)

GHSA-fqh9-2qgg-h84h

PyPI/jinja2

Insecure Temporary File in Jinja2

17 May 2022

Fix available
Severity - 6.9 (Medium)

GHSA-8r7q-cvjq-x353

PyPI/jinja2

Incorrect Privilege Assignment in Jinja2

14 May 2022

Fix available
Severity - 8.6 (High)

GHSA-g3rq-g295-4j3m

PyPI/jinja2

Regular Expression Denial of Service (ReDoS) in Jinja2

19 Mar 2021

Fix available
Severity - 6.9 (Medium)

PYSEC-2021-66

PyPI/jinja2

See record for full details

01 Feb 2021

Fix available

GHSA-462w-v97r-4m45

PyPI/jinja2

Jinja2 sandbox escape via string formatting

10 Apr 2019

Fix available
Severity - 7.7 (High)

GHSA-hj2j-77xm-mc5v

PyPI/jinja2

Jinja2 sandbox escape vulnerability

10 Apr 2019

Fix available
Severity - 7.7 (High)

PYSEC-2019-220

PyPI/jinja2
github.com/pallets/jinja

See record for full details

08 Apr 2019

Fix available

PYSEC-2019-217

PyPI/jinja2

See record for full details

07 Apr 2019

Fix available

PYSEC-2014-8

PyPI/jinja2

See record for full details

19 May 2014

Fix available

PYSEC-2014-82

PyPI/jinja2
github.com/mitsuhiko/jinja2

See record for full details

19 May 2014

Fix available