CVE-2025-27516

Aliases:GHSA-cpwx-vrp4-4pq7

Advisory lineage Upstream: 0 Downstream: 28

Downstream

ALPINE-CVE-2025-27516 DEBIAN-CVE-2025-27516 DLA-4126-1 MGASA-2025-0094 RHSA-2025:2688 RHSA-2025:3017

Modified

Published: 05 Mar 2025, 20:40

Last modified:26 Feb 2026, 19:09

Vulnerability Summary

Overall Risk (default)

medium

35/100

CVSS Score

8.8 HIGH

v3.1 (nvd)

EPSS Score

0.12% LOW

0% probability -0.15%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

05 Mar 2025, 20:40

Published

Vulnerability first disclosed

26 Feb 2026, 19:09

Last Modified

Vulnerability information updated

Description

Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it's possible to use the |attr filter to get a reference to a string's plain format method, bypassing the sandbox. After the fix, the |attr filter no longer bypasses the environment's attribute lookup. This vulnerability is fixed in 3.1.6.

CVSS Metrics

v4.0•MEDIUM•Score: 5.4CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
v4.0•MEDIUM•Score: 5.4CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
v3.1•HIGH•Score: 8.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS Trends

Current EPSS score: 0.12%• Percentile: 31%

Techniques & Countermeasures

CWE-1336•Improper Neutralization of Special Elements Used in a Template Engine
The product uses a template engine to insert or process externally-influenced input, but it does not neutralize or incorrectly neutralizes special elements or syntax that can be interpreted as template expressions or other code directives when processed by the engine.

Affected Systems

debian•debian_linux
11.0
pallets•jinja
< 3.1.6
palletsprojects•jinja
< 3.1.6
PyPI•jinja2
< 3.1.6