Security: pallets/jinja
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
Sandbox breakout through attr filter selecting format methodGHSA-cpwx-vrp4-4pq7 published
Mar 5, 2025 by davidismModerate -
Sandbox breakout through malicious filenamesGHSA-gmj6-6f8f-6699 published
Dec 21, 2024 by davidismModerate -
Sandbox breakout through indirect reference to format methodGHSA-q2x7-8rv6-6q7h published
Dec 21, 2024 by davidismModerate -
Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filterGHSA-h75v-3vvj-5mfj published
May 5, 2024 by davidismModerate -
HTML attribute injection when passing user input as keys to xmlattr filterGHSA-h5c8-rqwp-cp95 published
Jan 10, 2024 by davidismModerate