All 5 CVE vulnerabilities found in jinja, with AI-generated Chinese analysis, references, and POCs.
Vendor: pallets
| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2025-27516 | Jinja sandbox breakout through attr filter selecting format method | CWE-1336 | 9.8 | - | 2025-03-05 |
| CVE-2024-56326 | Jinja has a sandbox breakout through indirect reference to format method | CWE-1336 | 8.8 | - | 2024-12-23 |
| CVE-2024-56201 | Jinja has a sandbox breakout through malicious filenames | CWE-150 | 8.1 | - | 2024-12-23 |
| CVE-2024-34064 | Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter | CWE-79 | 5.4 | Medium | 2024-05-06 |
| CVE-2024-22195 | Jinja vulnerable to Cross-Site Scripting (XSS) | CWE-79 | 5.4 | Medium | 2024-01-11 |