PT-2019-12084 · Pallets+6 · Jinja+6

Brian Welch

Publicado

2019-04-06

Atualizado

2024-06-15

CVE-2019-10906

CVSS v3.1

9.0

Crítica

Vetor

AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Pallets Jinja versions prior to 2.10.1

Description The issue allows a sandbox escape through the str.format map method. This method could be used to bypass the sandbox, which is designed to restrict the evaluation of untrusted, user-provided templates. The problem arises due to the way string formatting works in Python.

Recommendations For versions prior to 2.10.1, update to version 2.10.1 or later to resolve the issue. As a temporary workaround, consider overriding the is safe attribute method on the sandbox and explicitly disallow the format map method on string objects.

Correção

Protection Mechanism Failure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-693

Identificadores relacionados

ALT-PU-2019-2664

ALT-PU-2020-3106

AZL-41949

CESA-2019_1152

CVE-2019-10906

GHSA-462W-V97R-4M45

MGASA-2019-0177

OPENSUSE-SU-2019:1395-1

OPENSUSE-SU-2019_1395-1

OPENSUSE-SU-2019_1614-1

OPENSUSE-SU-2024:11208-1

OPENSUSE-SU-2024:13930-1

PYSEC-2019-217

RHSA-2019:1152

RHSA-2019:1237

RHSA-2019:1329

RHSA-2019:3172

RHSA-2019_1152

RLSA-2019:1152

SUSE-FU-2022:0444-1

SUSE-FU-2022:0445-1

SUSE-SU-2019:1156-1

SUSE-SU-2019:1554-1

SUSE-SU-2020:3096-1

SUSE-SU-2020:3897-1

SUSE-SU-2020_3096-1

USN-4011-1

USN-4011-2

Produtos afetados

Alt Linux

Centos

Jinja

Red Hat

Rocky Linux

Suse

Ubuntu

PT-2019-12084 · Pallets+6 · Jinja+6

CVE-2019-10906

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 86