CVE-2024-56201 - Vulnerability Details

Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used. To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename. This vulnerability is fixed in 3.1.5.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Attack Requirements Present

User Interaction Passive

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Redhat	Ansible Automation Platform Discovery Enterprise Linux Openshift Openshift Ai Openshift Ironic Openstack Rhdh Rhel E4s Rhel Eus Satellite Satellite Capsule

No data.

Package	CPE	Advisory	Released Date
Ansible Automation Platform Execution Environments
ansible-automation-platform/ee-minimal-rhel8:2.18.1-3	cpe:/a:redhat:ansible_automation_platform:ee::el8	RHSA-2025:0753	2025-01-28T00:00:00Z
ansible-automation-platform/ee-minimal-rhel9:2.18.1-4	cpe:/a:redhat:ansible_automation_platform:ee::el8	RHSA-2025:0753	2025-01-28T00:00:00Z
ansible-automation-platform/ee-minimal-rhel8:2.12.10-59	cpe:/a:redhat:ansible_automation_platform:ee::el8	RHSA-2025:1101	2025-02-05T00:00:00Z
ansible-automation-platform/ee-minimal-rhel9:2.18.2-4	cpe:/a:redhat:ansible_automation_platform:ee::el8	RHSA-2025:1101	2025-02-05T00:00:00Z
Discovery 1 for RHEL 9
discovery/discovery-server-rhel9:1.12.0-1	cpe:/o:redhat:discovery:1.0::el9	RHSA-2025:1249	2025-02-10T00:00:00Z
discovery/discovery-ui-rhel9:1.12.0-1	cpe:/o:redhat:discovery:1.0::el9	RHSA-2025:1249	2025-02-10T00:00:00Z
Ironic content for Red Hat OpenShift Container Platform 4.12
python-jinja2-0:3.0.1-6.el9.2	cpe:/a:redhat:openshift_ironic:4.12::el9	RHSA-2025:0834	2025-02-06T00:00:00Z
Ironic content for Red Hat OpenShift Container Platform 4.13
python-jinja2-0:3.0.1-6.el9.2	cpe:/a:redhat:openshift_ironic:4.13::el9	RHSA-2025:1118	2025-02-13T00:00:00Z
Red Hat Ansible Automation Platform 2.4 for RHEL 8
automation-controller-0:4.5.17-1.el8ap	cpe:/a:redhat:ansible_automation_platform:2.4::el8	RHSA-2025:0721	2025-01-27T00:00:00Z
python3x-jinja2-0:3.1.5-1.el8ap	cpe:/a:redhat:ansible_automation_platform:2.4::el8	RHSA-2025:0721	2025-01-27T00:00:00Z
ansible-automation-platform-24/lightspeed-rhel8-operator:2.4-33	cpe:/a:redhat:ansible_automation_platform:2.4::el8	RHSA-2025:0722	2025-01-27T00:00:00Z
Red Hat Ansible Automation Platform 2.4 for RHEL 9
automation-controller-0:4.5.17-1.el9ap	cpe:/a:redhat:ansible_automation_platform:2.4::el9	RHSA-2025:0721	2025-01-27T00:00:00Z
python-jinja2-0:3.1.5-1.el9ap	cpe:/a:redhat:ansible_automation_platform:2.4::el9	RHSA-2025:0721	2025-01-27T00:00:00Z
Red Hat Ansible Automation Platform 2.5 for RHEL 8
ansible-automation-platform-25/lightspeed-rhel8:2.5.250107-1	cpe:/a:redhat:ansible_automation_platform:2.5::el8	RHSA-2025:0341	2025-01-15T00:00:00Z
automation-controller-0:4.6.7-1.el8ap	cpe:/a:redhat:ansible_automation_platform:2.5::el8	RHSA-2025:0777	2025-01-28T00:00:00Z
python3.11-jinja2-0:3.1.5-1.el8ap	cpe:/a:redhat:ansible_automation_platform:2.5::el8	RHSA-2025:0777	2025-01-28T00:00:00Z
Red Hat Ansible Automation Platform 2.5 for RHEL 9
automation-controller-0:4.6.7-1.el9ap	cpe:/a:redhat:ansible_automation_platform:2.5::el9	RHSA-2025:0777	2025-01-28T00:00:00Z
python3.11-jinja2-0:3.1.5-1.el9ap	cpe:/a:redhat:ansible_automation_platform:2.5::el9	RHSA-2025:0777	2025-01-28T00:00:00Z
Red Hat Developer Hub 1.3 on RHEL 9
rhdh-hub-container-1.3-138	cpe:/a:redhat:rhdh:1.3::el9	RHBA-2025:0610	2025-01-22T00:00:00Z
Red Hat Enterprise Linux 9
fence-agents-0:4.10.0-76.el9_5.4	cpe:/a:redhat:enterprise_linux:9	RHSA-2025:0308	2025-01-14T00:00:00Z
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
fence-agents-0:4.10.0-20.el9_0.20	cpe:/a:redhat:rhel_e4s:9.0	RHSA-2025:0345	2025-01-15T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
fence-agents-0:4.10.0-43.el9_2.11	cpe:/a:redhat:rhel_eus:9.2	RHSA-2025:0335	2025-01-15T00:00:00Z
Red Hat Enterprise Linux 9.4 Extended Update Support
fence-agents-0:4.10.0-62.el9_4.10	cpe:/a:redhat:rhel_eus:9.4	RHSA-2025:0338	2025-01-15T00:00:00Z
Red Hat OpenShift Container Platform 4.14
python-jinja2-0:3.0.1-6.el9.2	cpe:/a:redhat:openshift_ironic:4.14::el9	RHSA-2025:0842	2025-02-06T00:00:00Z
Red Hat OpenShift Container Platform 4.15
python-jinja2-0:3.0.1-6.el9.2	cpe:/a:redhat:openshift_ironic:4.15::el9	RHSA-2025:1130	2025-02-12T00:00:00Z
Red Hat OpenShift Container Platform 4.16
openshift4/ose-ansible-rhel9-operator:v4.16.0-202501311735.p0.g2cb0020.assembly.stream.el9	cpe:/a:redhat:openshift:4.16::el9	RHSA-2025:1123	2025-02-12T00:00:00Z
python-jinja2-0:3.0.1-6.el9.2	cpe:/a:redhat:openshift_ironic:4.16::el9	RHSA-2025:0830	2025-02-10T00:00:00Z
Red Hat OpenShift Container Platform 4.17
openshift4/ose-ansible-rhel9-operator:v4.17.0-202501300634.p0.g9cb5839.assembly.stream.el9	cpe:/a:redhat:openshift:4.17::el9	RHSA-2025:0875	2025-02-05T00:00:00Z
python-jinja2-0:3.1.5-1.el9	cpe:/a:redhat:openshift_ironic:4.17::el9	RHSA-2025:0656	2025-01-28T00:00:00Z
Red Hat OpenStack Platform 17.1 for RHEL 9
openstack-ansible-core-0:2.14.2-4.6.el9ost	cpe:/a:redhat:openstack:17.1::el9	RHSA-2025:1861	2025-02-25T00:00:00Z
Red Hat Satellite 6.15 for RHEL 8
python-jinja2-0:3.1.5-1.el8pc	cpe:/a:redhat:satellite:6.15::el8	RHSA-2025:3491	2025-04-01T00:00:00Z
python-jinja2-0:3.1.5-1.el8pc	cpe:/a:redhat:satellite_capsule:6.15::el8	RHSA-2025:3491	2025-04-01T00:00:00Z
Red Hat Developer Hub (RHDH) 1.4
registry.redhat.io/rhdh/rhdh-hub-rhel9:sha256:d8268197ba0466643efb818fcad8f0fc29e32463f75b0f7f51d9ce75ec717572	cpe:/a:redhat:rhdh:1.4::el9	RHBA-2025:0409	2025-01-20T00:00:00Z
Red Hat Developer Hub (RHDH) 1.5
registry.redhat.io/rhdh/rhdh-hub-rhel9:sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665	cpe:/a:redhat:rhdh:1.5::el9	RHSA-2025:3374	2025-03-27T00:00:00Z
Red Hat OpenShift AI 2.16
registry.redhat.io/rhoai/odh-model-registry-rhel8:sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f	cpe:/a:redhat:openshift_ai:2.16::el8	RHSA-2025:3368	2025-03-27T00:00:00Z
registry.redhat.io/rhoai/odh-model-registry-rhel8:sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f	cpe:/a:redhat:openshift_ai:2.16::el8	RHSA-2025:3397	2025-03-31T00:00:00Z

References

Link	Providers
https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f
https://github.com/pallets/jinja/issues/1792
https://github.com/pallets/jinja/releases/tag/3.1.5
https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699
https://nvd.nist.gov/vuln/detail/CVE-2024-56201
https://www.cve.org/CVERecord?id=CVE-2024-56201

History

Wed, 02 Apr 2025 02:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat satellite Redhat satellite Capsule
CPEs		cpe:/a:redhat:satellite:6.15::el8 cpe:/a:redhat:satellite_capsule:6.15::el8
Vendors & Products		Redhat satellite Redhat satellite Capsule

Fri, 28 Mar 2025 15:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat openshift Ai
CPEs		cpe:/a:redhat:openshift_ai:2.16::el8 cpe:/a:redhat:rhdh:1.5::el9
Vendors & Products		Redhat openshift Ai

Wed, 26 Feb 2025 02:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat openstack
CPEs		cpe:/a:redhat:openstack:17.1::el9
Vendors & Products		Redhat openstack

Tue, 18 Feb 2025 22:45:00 +0000

Type	Values Removed	Values Added
Metrics	cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}`	cvssV3_1 `{'score': 7.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H'}`

Fri, 14 Feb 2025 02:30:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:openshift_ironic:4.13::el9 cpe:/a:redhat:rhdh:1.4::el9

Thu, 13 Feb 2025 00:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat ansible Automation Platform Redhat discovery Redhat enterprise Linux Redhat openshift Redhat openshift Ironic Redhat rhdh Redhat rhel E4s Redhat rhel Eus
CPEs		cpe:/a:redhat:ansible_automation_platform:2.4::el8 cpe:/a:redhat:ansible_automation_platform:2.4::el9 cpe:/a:redhat:ansible_automation_platform:2.5::el8 cpe:/a:redhat:ansible_automation_platform:2.5::el9 cpe:/a:redhat:ansible_automation_platform:ee::el8 cpe:/a:redhat:enterprise_linux:9 cpe:/a:redhat:openshift:4.16::el9 cpe:/a:redhat:openshift:4.17::el9 cpe:/a:redhat:openshift_ironic:4.12::el9 cpe:/a:redhat:openshift_ironic:4.14::el9 cpe:/a:redhat:openshift_ironic:4.15::el9 cpe:/a:redhat:openshift_ironic:4.16::el9 cpe:/a:redhat:openshift_ironic:4.17::el9 cpe:/a:redhat:rhdh:1.3::el9 cpe:/a:redhat:rhel_e4s:9.0 cpe:/a:redhat:rhel_eus:9.2 cpe:/a:redhat:rhel_eus:9.4 cpe:/o:redhat:discovery:1.0::el9
Vendors & Products		Redhat Redhat ansible Automation Platform Redhat discovery Redhat enterprise Linux Redhat openshift Redhat openshift Ironic Redhat rhdh Redhat rhel E4s Redhat rhel Eus

Wed, 08 Jan 2025 16:15:00 +0000

Type	Values Removed	Values Added
Description	Jinja is an extensible templating engine. Prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used. To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename. This vulnerability is fixed in 3.1.5.	Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used. To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename. This vulnerability is fixed in 3.1.5.

Tue, 24 Dec 2024 13:45:00 +0000

Type	Values Removed	Values Added
References		https://nvd.nist.gov/vuln/detail/CVE-2024-56201 https://www.cve.org/CVERecord?id=CVE-2024-56201
Metrics	threat_severity `None`	threat_severity `Important`

Tue, 24 Dec 2024 02:15:00 +0000

Type	Values Removed	Values Added
Metrics		cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Mon, 23 Dec 2024 15:45:00 +0000

Type	Values Removed	Values Added
Description		Jinja is an extensible templating engine. Prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used. To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename. This vulnerability is fixed in 3.1.5.
Title		Jinja has a sandbox breakout through malicious filenames
Weaknesses		CWE-150
References		https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f https://github.com/pallets/jinja/issues/1792 https://github.com/pallets/jinja/releases/tag/3.1.5 https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699
Metrics		cvssV4_0 `{'score': 5.4, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-12-23T15:37:36.110Z

Updated: 2025-02-18T21:47:42.763Z

Reserved: 2024-12-18T18:29:25.896Z

Link: CVE-2024-56201

Vulnrichment

Updated: 2024-12-24T01:45:29.331Z

NVD

Status : Awaiting Analysis

Published: 2024-12-23T16:15:07.410

Modified: 2025-02-18T22:15:12.910

Link: CVE-2024-56201

Redhat

Severity : Important

Publid Date: 2024-12-23T15:37:36Z

Links: CVE-2024-56201 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-56201", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-12-18T18:29:25.896Z", "datePublished": "2024-12-23T15:37:36.110Z", "dateUpdated": "2025-02-18T21:47:42.763Z"}, "containers": {"cna": {"title": "Jinja has a sandbox breakout through malicious filenames", "problemTypes": [{"descriptions": [{"cweId": "CWE-150", "lang": "en", "description": "CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699"}, {"name": "https://github.com/pallets/jinja/issues/1792", "tags": ["x_refsource_MISC"], "url": "https://github.com/pallets/jinja/issues/1792"}, {"name": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f", "tags": ["x_refsource_MISC"], "url": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f"}, {"name": "https://github.com/pallets/jinja/releases/tag/3.1.5", "tags": ["x_refsource_MISC"], "url": "https://github.com/pallets/jinja/releases/tag/3.1.5"}], "affected": [{"vendor": "pallets", "product": "jinja", "versions": [{"version": ">= 3.0.0, < 3.1.5", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-01-08T16:06:29.739Z"}, "descriptions": [{"lang": "en", "value": "Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used. To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename. This vulnerability is fixed in 3.1.5."}], "source": {"advisory": "GHSA-gmj6-6f8f-6699", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-12-24T01:44:55.825619Z", "id": "CVE-2024-56201", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-18T21:47:42.763Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-56201", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-12-24T01:44:55.825619Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-24T01:45:29.331Z"}}], "cna": {"title": "Jinja has a sandbox breakout through malicious filenames", "source": {"advisory": "GHSA-gmj6-6f8f-6699", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH"}}], "affected": [{"vendor": "pallets", "product": "jinja", "versions": [{"status": "affected", "version": ">= 3.0.0, < 3.1.5"}]}], "references": [{"url": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699", "name": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/pallets/jinja/issues/1792", "name": "https://github.com/pallets/jinja/issues/1792", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f", "name": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/pallets/jinja/releases/tag/3.1.5", "name": "https://github.com/pallets/jinja/releases/tag/3.1.5", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used. To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename. This vulnerability is fixed in 3.1.5."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-150", "description": "CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-01-08T16:06:29.739Z"}}}, "cveMetadata": {"cveId": "CVE-2024-56201", "state": "PUBLISHED", "dateUpdated": "2025-02-18T21:47:42.763Z", "dateReserved": "2024-12-18T18:29:25.896Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-12-23T15:37:36.110Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used. To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename. This vulnerability is fixed in 3.1.5."}, {"lang": "es", "value": "Jinja es un motor de plantillas extensible. Antes de 3.1.5, un error en el compilador de Jinja permit\u00eda a un atacante que controlaba tanto el contenido como el nombre de archivo de una plantilla ejecutar c\u00f3digo Python arbitrario, independientemente de si se utilizaba el entorno limitado de Jinja. Para aprovechar la vulnerabilidad, un atacante necesita controlar tanto el nombre del archivo como el contenido de una plantilla. Que ese sea el caso depende del tipo de aplicaci\u00f3n que utilice Jinja. Esta vulnerabilidad afecta a los usuarios de aplicaciones que ejecutan plantillas que no son de confianza donde el autor de la plantilla tambi\u00e9n puede elegir el nombre del archivo de la plantilla. Esta vulnerabilidad se solucion\u00f3 en 3.1.5."}], "id": "CVE-2024-56201", "lastModified": "2025-02-18T22:15:12.910", "metrics": {"cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "HIGH", "vulnerableSystemIntegrity": "HIGH"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-12-23T16:15:07.410", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f"}, {"source": "security-advisories@github.com", "url": "https://github.com/pallets/jinja/issues/1792"}, {"source": "security-advisories@github.com", "url": "https://github.com/pallets/jinja/releases/tag/3.1.5"}, {"source": "security-advisories@github.com", "url": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-150"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2025:0753", "cpe": "cpe:/a:redhat:ansible_automation_platform:ee::el8", "package": "ansible-automation-platform/ee-minimal-rhel8:2.18.1-3", "product_name": "Ansible Automation Platform Execution Environments", "release_date": "2025-01-28T00:00:00Z"}, {"advisory": "RHSA-2025:0753", "cpe": "cpe:/a:redhat:ansible_automation_platform:ee::el8", "package": "ansible-automation-platform/ee-minimal-rhel9:2.18.1-4", "product_name": "Ansible Automation Platform Execution Environments", "release_date": "2025-01-28T00:00:00Z"}, {"advisory": "RHSA-2025:1101", "cpe": "cpe:/a:redhat:ansible_automation_platform:ee::el8", "package": "ansible-automation-platform/ee-minimal-rhel8:2.12.10-59", "product_name": "Ansible Automation Platform Execution Environments", "release_date": "2025-02-05T00:00:00Z"}, {"advisory": "RHSA-2025:1101", "cpe": "cpe:/a:redhat:ansible_automation_platform:ee::el8", "package": "ansible-automation-platform/ee-minimal-rhel9:2.18.2-4", "product_name": "Ansible Automation Platform Execution Environments", "release_date": "2025-02-05T00:00:00Z"}, {"advisory": "RHSA-2025:1249", "cpe": "cpe:/o:redhat:discovery:1.0::el9", "package": "discovery/discovery-server-rhel9:1.12.0-1", "product_name": "Discovery 1 for RHEL 9", "release_date": "2025-02-10T00:00:00Z"}, {"advisory": "RHSA-2025:1249", "cpe": "cpe:/o:redhat:discovery:1.0::el9", "package": "discovery/discovery-ui-rhel9:1.12.0-1", "product_name": "Discovery 1 for RHEL 9", "release_date": "2025-02-10T00:00:00Z"}, {"advisory": "RHSA-2025:0834", "cpe": "cpe:/a:redhat:openshift_ironic:4.12::el9", "package": "python-jinja2-0:3.0.1-6.el9.2", "product_name": "Ironic content for Red Hat OpenShift Container Platform 4.12", "release_date": "2025-02-06T00:00:00Z"}, {"advisory": "RHSA-2025:1118", "cpe": "cpe:/a:redhat:openshift_ironic:4.13::el9", "package": "python-jinja2-0:3.0.1-6.el9.2", "product_name": "Ironic content for Red Hat OpenShift Container Platform 4.13", "release_date": "2025-02-13T00:00:00Z"}, {"advisory": "RHSA-2025:0721", "cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el8", "package": "automation-controller-0:4.5.17-1.el8ap", "product_name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8", "release_date": "2025-01-27T00:00:00Z"}, {"advisory": "RHSA-2025:0721", "cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el8", "package": "python3x-jinja2-0:3.1.5-1.el8ap", "product_name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8", "release_date": "2025-01-27T00:00:00Z"}, {"advisory": "RHSA-2025:0722", "cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el8", "package": "ansible-automation-platform-24/lightspeed-rhel8-operator:2.4-33", "product_name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8", "release_date": "2025-01-27T00:00:00Z"}, {"advisory": "RHSA-2025:0721", "cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el9", "package": "automation-controller-0:4.5.17-1.el9ap", "product_name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9", "release_date": "2025-01-27T00:00:00Z"}, {"advisory": "RHSA-2025:0721", "cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el9", "package": "python-jinja2-0:3.1.5-1.el9ap", "product_name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9", "release_date": "2025-01-27T00:00:00Z"}, {"advisory": "RHSA-2025:0341", "cpe": "cpe:/a:redhat:ansible_automation_platform:2.5::el8", "package": "ansible-automation-platform-25/lightspeed-rhel8:2.5.250107-1", "product_name": "Red Hat Ansible Automation Platform 2.5 for RHEL 8", "release_date": "2025-01-15T00:00:00Z"}, {"advisory": "RHSA-2025:0777", "cpe": "cpe:/a:redhat:ansible_automation_platform:2.5::el8", "package": "automation-controller-0:4.6.7-1.el8ap", "product_name": "Red Hat Ansible Automation Platform 2.5 for RHEL 8", "release_date": "2025-01-28T00:00:00Z"}, {"advisory": "RHSA-2025:0777", "cpe": "cpe:/a:redhat:ansible_automation_platform:2.5::el8", "package": "python3.11-jinja2-0:3.1.5-1.el8ap", "product_name": "Red Hat Ansible Automation Platform 2.5 for RHEL 8", "release_date": "2025-01-28T00:00:00Z"}, {"advisory": "RHSA-2025:0777", "cpe": "cpe:/a:redhat:ansible_automation_platform:2.5::el9", "package": "automation-controller-0:4.6.7-1.el9ap", "product_name": "Red Hat Ansible Automation Platform 2.5 for RHEL 9", "release_date": "2025-01-28T00:00:00Z"}, {"advisory": "RHSA-2025:0777", "cpe": "cpe:/a:redhat:ansible_automation_platform:2.5::el9", "package": "python3.11-jinja2-0:3.1.5-1.el9ap", "product_name": "Red Hat Ansible Automation Platform 2.5 for RHEL 9", "release_date": "2025-01-28T00:00:00Z"}, {"advisory": "RHBA-2025:0610", "cpe": "cpe:/a:redhat:rhdh:1.3::el9", "package": "rhdh-hub-container-1.3-138", "product_name": "Red Hat Developer Hub 1.3 on RHEL 9", "release_date": "2025-01-22T00:00:00Z"}, {"advisory": "RHSA-2025:0308", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "fence-agents-0:4.10.0-76.el9_5.4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-01-14T00:00:00Z"}, {"advisory": "RHSA-2025:0345", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "fence-agents-0:4.10.0-20.el9_0.20", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2025-01-15T00:00:00Z"}, {"advisory": "RHSA-2025:0335", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "fence-agents-0:4.10.0-43.el9_2.11", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2025-01-15T00:00:00Z"}, {"advisory": "RHSA-2025:0338", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "fence-agents-0:4.10.0-62.el9_4.10", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-01-15T00:00:00Z"}, {"advisory": "RHSA-2025:0842", "cpe": "cpe:/a:redhat:openshift_ironic:4.14::el9", "package": "python-jinja2-0:3.0.1-6.el9.2", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2025-02-06T00:00:00Z"}, {"advisory": "RHSA-2025:1130", "cpe": "cpe:/a:redhat:openshift_ironic:4.15::el9", "package": "python-jinja2-0:3.0.1-6.el9.2", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2025-02-12T00:00:00Z"}, {"advisory": "RHSA-2025:1123", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-ansible-rhel9-operator:v4.16.0-202501311735.p0.g2cb0020.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2025-02-12T00:00:00Z"}, {"advisory": "RHSA-2025:0830", "cpe": "cpe:/a:redhat:openshift_ironic:4.16::el9", "package": "python-jinja2-0:3.0.1-6.el9.2", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2025-02-10T00:00:00Z"}, {"advisory": "RHSA-2025:0875", "cpe": "cpe:/a:redhat:openshift:4.17::el9", "package": "openshift4/ose-ansible-rhel9-operator:v4.17.0-202501300634.p0.g9cb5839.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.17", "release_date": "2025-02-05T00:00:00Z"}, {"advisory": "RHSA-2025:0656", "cpe": "cpe:/a:redhat:openshift_ironic:4.17::el9", "package": "python-jinja2-0:3.1.5-1.el9", "product_name": "Red Hat OpenShift Container Platform 4.17", "release_date": "2025-01-28T00:00:00Z"}, {"advisory": "RHSA-2025:1861", "cpe": "cpe:/a:redhat:openstack:17.1::el9", "package": "openstack-ansible-core-0:2.14.2-4.6.el9ost", "product_name": "Red Hat OpenStack Platform 17.1 for RHEL 9", "release_date": "2025-02-25T00:00:00Z"}, {"advisory": "RHSA-2025:3491", "cpe": "cpe:/a:redhat:satellite:6.15::el8", "package": "python-jinja2-0:3.1.5-1.el8pc", "product_name": "Red Hat Satellite 6.15 for RHEL 8", "release_date": "2025-04-01T00:00:00Z"}, {"advisory": "RHSA-2025:3491", "cpe": "cpe:/a:redhat:satellite_capsule:6.15::el8", "package": "python-jinja2-0:3.1.5-1.el8pc", "product_name": "Red Hat Satellite 6.15 for RHEL 8", "release_date": "2025-04-01T00:00:00Z"}, {"advisory": "RHBA-2025:0409", "cpe": "cpe:/a:redhat:rhdh:1.4::el9", "package": "registry.redhat.io/rhdh/rhdh-hub-rhel9:sha256:d8268197ba0466643efb818fcad8f0fc29e32463f75b0f7f51d9ce75ec717572", "product_name": "Red Hat Developer Hub (RHDH) 1.4", "release_date": "2025-01-20T00:00:00Z"}, {"advisory": "RHSA-2025:3374", "cpe": "cpe:/a:redhat:rhdh:1.5::el9", "package": "registry.redhat.io/rhdh/rhdh-hub-rhel9:sha256:56bfbb2328f42e91d0462e142f3434e5d771737defbc07d8a21dbdf50e468665", "product_name": "Red Hat Developer Hub (RHDH) 1.5", "release_date": "2025-03-27T00:00:00Z"}, {"advisory": "RHSA-2025:3368", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-model-registry-rhel8:sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-27T00:00:00Z"}, {"advisory": "RHSA-2025:3397", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-model-registry-rhel8:sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-31T00:00:00Z"}], "bugzilla": {"description": "jinja2: Jinja has a sandbox breakout through malicious filenames", "id": "2333854", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333854"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-150", "details": ["Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used. To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename. This vulnerability is fixed in 3.1.5.", "A flaw was found in the Jinja2 package. A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of Jinja's sandbox being used. An attacker needs to be able to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates where the template author can also choose the template filename."], "mitigation": {"lang": "en:us", "value": "To mitigate this vulnerabilty restrict user-controlled template filenames, ensuring they follow a predefined templates."}, "name": "CVE-2024-56201", "package_state": [{"cpe": "cpe:/a:redhat:openshift_lightspeed", "fix_state": "Affected", "package_name": "openshift-lightspeed-tech-preview/lightspeed-service-api-rhel9", "product_name": "OpenShift Lightspeed"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform", "fix_state": "Will not fix", "package_name": "ansible-tower", "product_name": "Red Hat Ansible Automation Platform 1.2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Not affected", "package_name": "aap-cloud-metrics-collector-container", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Not affected", "package_name": "ansible-automation-platform-24/de-supported-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Not affected", "package_name": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Not affected", "package_name": "ansible-automation-platform-24/platform-resource-runner-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Not affected", "package_name": "ansible-automation-platform-25/ansible-dev-tools-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:rhdh:1", "fix_state": "Not affected", "package_name": "rhdh/rhdh-rhel9-operator", "product_name": "Red Hat Developer Hub"}, {"cpe": "cpe:/a:redhat:discovery:1", "fix_state": "Affected", "package_name": "discovery-server-container", "product_name": "Red Hat Discovery"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "python-jinja2", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "python-jinja2", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "python-jinja2", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "keylime-registrar-container", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "python-jinja2", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Affected", "package_name": "rhelai1/bootc-amd-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/bootc-aws-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Affected", "package_name": "rhelai1/bootc-azure-amd-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/bootc-azure-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/bootc-gcp-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/bootc-ibm-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/bootc-intel-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Affected", "package_name": "rhelai1/bootc-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Affected", "package_name": "rhelai1/instructlab-amd-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/instructlab-intel-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/instructlab-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-ml-pipelines-api-server-v2-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-ml-pipelines-driver-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-ml-pipelines-launcher-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/cnf-tests-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-ovn-kubernetes", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-ovn-kubernetes-microshift-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ztp-site-generate-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Affected", "package_name": "rhosdt/opentelemetry-collector-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Affected", "package_name": "rhosdt/opentelemetry-operator-bundle", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Affected", "package_name": "rhosdt/opentelemetry-rhel8-operator", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Will not fix", "package_name": "rhosdt/opentelemetry-target-allocator-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openstack:18.0", "fix_state": "Affected", "package_name": "python-jinja2", "product_name": "Red Hat OpenStack Platform 18.0"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Affected", "package_name": "quay/quay-rhel8", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:rhui:4::el8", "fix_state": "Not affected", "package_name": "python-jinja2", "product_name": "Red Hat Update Infrastructure 4 for Cloud Providers"}], "public_date": "2024-12-23T15:37:36Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-56201\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-56201\nhttps://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f\nhttps://github.com/pallets/jinja/issues/1792\nhttps://github.com/pallets/jinja/releases/tag/3.1.5\nhttps://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699"], "statement": "This vulnerability has rated as a IMPORTANT flaw because an attacker controlling both the template content and filename to execute arbitrary Python code, bypassing the sandbox.", "threat_severity": "Important"}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Attack Requirements Present

User Interaction Passive

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object