CVE Vulnerability

CVE-2019-8341

** DISPUTED ** An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as a template object, renders it, and then returns it. The attacker can exploit it with {{INJECTION COMMANDS}} in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.

7.5 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 6.4

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

9.8 /10

CVSS v3.0 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/JameelNabbo/Jinja2-Code-execution Broken Link
https://www.exploit-db.com/exploits/46386/ Exploit Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00030.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00064.html Mailing List Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1677653 Issue Tracking Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1125815 Issue Tracking Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:pocoo:jinja2:2.10:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
Information

Published : 2019-02-15 07:29

Updated : 2022-04-05 08:28

NVD link : CVE-2019-8341

Mitre link : CVE-2019-8341

Products Affected
No products.
CWE
CWE-94