CVE-2016-10745

In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.6 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 75%
VendorProductVersion
palletsprojectsjinja
𝑥
< 2.8.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
jinja2
bullseye
2.11.3-1
fixed
stretch
no-dsa
jessie
no-dsa
bookworm
3.1.2-1
fixed
sid
3.1.3-1
fixed
trixie
3.1.3-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
jinja2
disco
not-affected
cosmic
not-affected
bionic
not-affected
xenial
Fixed 2.8-1ubuntu0.1
released
trusty
Fixed 2.7.2-2ubuntu0.1~esm1
released
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00030.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00064.html
https://access.redhat.com/errata/RHSA-2019:1022
https://access.redhat.com/errata/RHSA-2019:1237
https://access.redhat.com/errata/RHSA-2019:1260
https://access.redhat.com/errata/RHSA-2019:3964
https://access.redhat.com/errata/RHSA-2019:4062
https://github.com/pallets/jinja/commit/9b53045c34e61013dc8f09b7e52a555fa16bed16
https://palletsprojects.com/blog/jinja-281-released/
https://usn.ubuntu.com/4011-1/
https://usn.ubuntu.com/4011-2/
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00030.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00064.html
https://access.redhat.com/errata/RHSA-2019:1022
https://access.redhat.com/errata/RHSA-2019:1237
https://access.redhat.com/errata/RHSA-2019:1260
https://access.redhat.com/errata/RHSA-2019:3964
https://access.redhat.com/errata/RHSA-2019:4062
https://github.com/pallets/jinja/commit/9b53045c34e61013dc8f09b7e52a555fa16bed16
https://palletsprojects.com/blog/jinja-281-released/
https://usn.ubuntu.com/4011-1/
https://usn.ubuntu.com/4011-2/