PT-2025-9857 · Jinja+11
Securing apps · Published 2025-03-05 · Updated 2026-04-30
CVE-2025-27516
CVSS v3.1: 8.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the vulnerable software and affected versions: Jinja versions prior to 3.1.6

Description: Jinja is an extensible templating engine. An oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker who controls the content of a template to execute arbitrary Python code. To exploit the issue, an attacker needs to control the content of a template, which depends on the type of application using Jinja. This issue impacts users of applications that execute untrusted templates. Jinja's sandbox catches calls to str.format and ensures they don't escape the sandbox. However, it is possible to use the |attr filter to get a reference to a string's plain format method, bypassing the sandbox. After the fix, the |attr filter no longer bypasses the environment's attribute lookup.

Recommendations: To resolve the issue, update to version 3.1.6 or later. As a temporary workaround, consider restricting the use of the |attr filter in templates until the update can be applied. Avoid using the |attr filter to access sensitive attributes or methods in templates.
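The following is an added example, not code from the advisory or from the Jinja project. It turns the two recommendations above into checks an operator can run: a dependency-free comparison of an installed or reported Jinja version against the 3.1.6 fix, a static scan of template sources for the |attr filter, and, when jinja2 is importable, a SandboxedEnvironment in which the attr filter is replaced by one that refuses to run (a local hardening measure that is an assumption of this example; the upstream fix instead routes |attr through the environment's attribute lookup). The template sources and file names are constructed for the demonstration.

```python
"""Added example (not from the advisory or the Jinja project): defender-side
checks for CVE-2025-27516.

1. A dependency-free version check against the fixed release (3.1.6).
2. A static scan of template sources for the ``|attr`` filter, which the
   advisory suggests restricting until the update can be applied.
3. If jinja2 is importable, a SandboxedEnvironment whose ``attr`` filter is
   replaced by one that refuses to run, enforcing that restriction at
   render time (an assumed local workaround, not the upstream fix).
"""
import re
from importlib import metadata

# First release in which |attr no longer bypasses the sandbox (from the advisory).
FIXED_VERSION = (3, 1, 6)

try:
    from jinja2.sandbox import SandboxedEnvironment
    from jinja2.exceptions import SecurityError
except ImportError:  # jinja2 absent: the static checks below still work
    SandboxedEnvironment = None

    class SecurityError(Exception):
        """Stand-in so this module imports without jinja2 installed."""


def parse_version(version):
    """Turn '3.1.6' or '3.1.6rc1' into a comparable tuple of ints."""
    parts = []
    for piece in version.split("."):
        match = re.match(r"\d+", piece)
        if not match:
            break
        parts.append(int(match.group()))
    return tuple(parts)


def is_vulnerable_version(version):
    """True when the given Jinja version predates the 3.1.6 fix."""
    return parse_version(version) < FIXED_VERSION


def installed_jinja_version():
    """Version string of the installed jinja2 distribution, or None."""
    try:
        return metadata.version("jinja2")
    except metadata.PackageNotFoundError:
        return None


# A pipe followed by the attr filter: "x|attr('f')" or "x | attr(f)".
ATTR_FILTER_RE = re.compile(r"\|\s*attr\b")


def find_attr_filter_uses(template_source):
    """Return (line_number, stripped_line) for every line that uses |attr."""
    hits = []
    for number, line in enumerate(template_source.splitlines(), start=1):
        if ATTR_FILTER_RE.search(line):
            hits.append((number, line.strip()))
    return hits


def scan_templates(templates):
    """Map template name -> list of |attr uses, over a {name: source} dict."""
    return {name: find_attr_filter_uses(src) for name, src in templates.items()}


def _blocked_attr(obj, name):
    """Replacement for the built-in attr filter: refuse instead of resolving."""
    raise SecurityError("the attr filter is disabled in this sandbox (CVE-2025-27516)")


def make_hardened_sandbox(**env_kwargs):
    """SandboxedEnvironment with the attr filter replaced. Requires jinja2."""
    if SandboxedEnvironment is None:
        raise RuntimeError("jinja2 is not installed")
    env = SandboxedEnvironment(**env_kwargs)
    env.filters["attr"] = _blocked_attr  # assumed local hardening, not the upstream fix
    return env


# Constructed sample templates for the static scan (not real project files).
SAMPLE_TEMPLATES = {
    "safe.html": "<h1>{{ title|upper }}</h1>\n<p>{{ body|truncate(80) }}</p>\n",
    "flagged.html": "{% set label = item|attr('name') %}\n{{ label }}\n{{ user | attr(field) }}\n",
}


if __name__ == "__main__":
    version = installed_jinja_version()
    if version is None:
        print("jinja2 not installed; skipping version check")
    else:
        state = "VULNERABLE" if is_vulnerable_version(version) else "fixed"
        print(f"jinja2 {version}: {state}")
    for name, hits in scan_templates(SAMPLE_TEMPLATES).items():
        for number, line in hits:
            print(f"{name}:{number}: uses |attr -> {line}")
```

The regex scan is a heuristic over template text: it flags every use of the filter so each one can be reviewed or removed, but it cannot see templates assembled at runtime, which is why the sandbox override exists as a second layer. Deleting `env.filters["attr"]` instead of overriding it would reject such templates at compile time with an unknown-filter error, which is stricter but changes the error type applications see.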


Related Identifiers

ALSA-2025:3388
ALSA-2025:3406
ALSA-2025:7476
ALT-PU-2025-11958
ALT-PU-2025-12986
AZL-57800
AZL-57878
AZL-58063
AZL-58067
AZL-75804
BDU:2025-06562
CESA-2025_3388
CVE-2025-27516
DLA-4126-1
DLA-4126-2
ECHO-D102-C54D-3424
GHSA-CPWX-VRP4-4PQ7
INFSA-2025_3113
INFSA-2025_3388
INFSA-2025_3406
MGASA-2025-0094
OESA-2025-1529
OESA-2025-1530
OESA-2025-1531
OESA-2025-1532
OPENSUSE-SU-2025_0956-1
RHSA-2025:2688
RHSA-2025:3017
RHSA-2025:3111
RHSA-2025:3113
RHSA-2025:3123
RHSA-2025:3160
RHSA-2025:3371
RHSA-2025:3388
RHSA-2025:3406
RHSA-2025:3562
RHSA-2025:3580
RHSA-2025:3585
RHSA-2025:3586
RHSA-2025:3588
RHSA-2025:3622
RHSA-2025:3671
RHSA-2025:7476
RHSA-2025_3113
RHSA-2025_3388
RHSA-2025_3406
SUSE-SU-2025:0956-1
SUSE-SU-2025:1004-1
SUSE-SU-2025:1004-2
SUSE-SU-2025:20156-1
SUSE-SU-2025:20254-1
SUSE-SU-2025_0956-1
SUSE-SU-2025_1004-1
SUSE-SU-2025_1004-2
USN-7343-1
USN-7343-2

Affected Products

ALT Linux
AlmaLinux
Astra Linux
CentOS
Debian
Jinja
Linux Mint
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu