python-jinja2-2.11.3-8.el9_5
エラータID: AXSA:2025-9829:04
リリース日:
2025/04/04 Friday - 16:48
題名:
python-jinja2-2.11.3-8.el9_5
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- Jinja のサンドボックス環境には、lattr フィルターとの送受信処理に
問題があるため、ローカルの攻撃者により、細工されたテンプレート
コンテンツの処理を介して、任意の Python コードの実行を可能とする
脆弱性が存在します。(CVE-2025-27516)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2025-27516
Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it's possible to use the |attr filter to get a reference to a string's plain format method, bypassing the sandbox. After the fix, the |attr filter no longer bypasses the environment's attribute lookup. This vulnerability is fixed in 3.1.6.
Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it's possible to use the |attr filter to get a reference to a string's plain format method, bypassing the sandbox. After the fix, the |attr filter no longer bypasses the environment's attribute lookup. This vulnerability is fixed in 3.1.6.
追加情報:
N/A
ダウンロード:
SRPMS
- python-jinja2-2.11.3-8.el9_5.src.rpm
MD5: fce677da3a9002e82291d80952fd0385
SHA-256: 261d15302beb3fb106d538593244d840c2bcad942a8685e98b16eb76c020803d
Size: 270.92 kB
Asianux Server 9 for x86_64
- python3-jinja2-2.11.3-8.el9_5.noarch.rpm
MD5: 7aa9a8476bc3dfcee079fd1fcd8582e9
SHA-256: 82fe23971fc1023ececa3e5723b68b662a5964a9ad099487f7eb7a411749e10c
Size: 250.59 kB
English