Search criteria
11 vulnerabilities found for jinjava by HubSpot
CVE-2026-25526 (GCVE-0-2026-25526)
Vulnerability from cvelistv5 – Published: 2026-02-04 21:26 – Updated: 2026-02-05 21:01
VLAI?
Title
JinJava Bypass through ForTag leads to Arbitrary Java Execution
Summary
JinJava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Prior to versions 2.7.6 and 2.8.3, JinJava is vulnerable to arbitrary Java execution via bypass through ForTag. This allows arbitrary Java class instantiation and file access bypassing built-in sandbox restrictions. This issue has been patched in versions 2.7.6 and 2.8.3.
Severity ?
9.8 (Critical)
CWE
- CWE-1336 - Improper Neutralization of Special Elements Used in a Template Engine
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25526",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-05T21:00:49.634832Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T21:01:00.454Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jinjava",
"vendor": "HubSpot",
"versions": [
{
"status": "affected",
"version": "\u003c 2.7.6"
},
{
"status": "affected",
"version": "\u003c 2.8.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "JinJava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Prior to versions 2.7.6 and 2.8.3, JinJava is vulnerable to arbitrary Java execution via bypass through ForTag. This allows arbitrary Java class instantiation and file access bypassing built-in sandbox restrictions. This issue has been patched in versions 2.7.6 and 2.8.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1336",
"description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T21:26:58.572Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/HubSpot/jinjava/security/advisories/GHSA-gjx9-j8f8-7j74",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/HubSpot/jinjava/security/advisories/GHSA-gjx9-j8f8-7j74"
},
{
"name": "https://github.com/HubSpot/jinjava/commit/3d02e504d8bbb13bf3fe019e9ca7b51dfce7a998",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/commit/3d02e504d8bbb13bf3fe019e9ca7b51dfce7a998"
},
{
"name": "https://github.com/HubSpot/jinjava/commit/c7328dce6030ac718f88974196035edafef24441",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/commit/c7328dce6030ac718f88974196035edafef24441"
},
{
"name": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.7.6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.7.6"
},
{
"name": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.8.3",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.8.3"
}
],
"source": {
"advisory": "GHSA-gjx9-j8f8-7j74",
"discovery": "UNKNOWN"
},
"title": "JinJava Bypass through ForTag leads to Arbitrary Java Execution"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-25526",
"datePublished": "2026-02-04T21:26:58.572Z",
"dateReserved": "2026-02-02T19:59:47.372Z",
"dateUpdated": "2026-02-05T21:01:00.454Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59340 (GCVE-0-2025-59340)
Vulnerability from cvelistv5 – Published: 2025-09-17 20:01 – Updated: 2025-09-18 15:45
VLAI?
Title
jinjava Sandbox Bypass via JavaType-Based Deserialization
Summary
jinjava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Priori to 2.8.1, by using mapper.getTypeFactory().constructFromCanonical(), it is possible to instruct the underlying ObjectMapper to deserialize attacker-controlled input into arbitrary classes. This enables the creation of semi-arbitrary class instances without directly invoking restricted methods or class literals. As a result, an attacker can escape the sandbox and instantiate classes such as java.net.URL, opening up the ability to access local files and URLs(e.g., file:///etc/passwd). With further chaining, this primitive can potentially lead to remote code execution (RCE). This vulnerability is fixed in 2.8.1.
Severity ?
9.8 (Critical)
CWE
- CWE-1336 - Improper Neutralization of Special Elements Used in a Template Engine
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59340",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-18T15:45:18.654916Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-18T15:45:23.121Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jinjava",
"vendor": "HubSpot",
"versions": [
{
"status": "affected",
"version": "\u003c 2.8.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "jinjava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Priori to 2.8.1, by using mapper.getTypeFactory().constructFromCanonical(), it is possible to instruct the underlying ObjectMapper to deserialize attacker-controlled input into arbitrary classes. This enables the creation of semi-arbitrary class instances without directly invoking restricted methods or class literals. As a result, an attacker can escape the sandbox and instantiate classes such as java.net.URL, opening up the ability to access local files and URLs(e.g., file:///etc/passwd). With further chaining, this primitive can potentially lead to remote code execution (RCE). This vulnerability is fixed in 2.8.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1336",
"description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T20:01:55.788Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/HubSpot/jinjava/security/advisories/GHSA-m49c-g9wr-hv6v",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/HubSpot/jinjava/security/advisories/GHSA-m49c-g9wr-hv6v"
},
{
"name": "https://github.com/HubSpot/jinjava/commit/66df351e7e8ad71ca04dcacb4b65782af820b8b1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/commit/66df351e7e8ad71ca04dcacb4b65782af820b8b1"
},
{
"name": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.8.1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.8.1"
}
],
"source": {
"advisory": "GHSA-m49c-g9wr-hv6v",
"discovery": "UNKNOWN"
},
"title": "jinjava Sandbox Bypass via JavaType-Based Deserialization"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-59340",
"datePublished": "2025-09-17T20:01:55.788Z",
"dateReserved": "2025-09-12T12:36:24.635Z",
"dateUpdated": "2025-09-18T15:45:23.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12668 (GCVE-0-2020-12668)
Vulnerability from cvelistv5 – Published: 2021-02-19 22:33 – Updated: 2024-08-04 12:04
VLAI?
Summary
Jinjava before 2.5.4 allow access to arbitrary classes by calling Java methods on objects passed into a Jinjava context. This could allow for abuse of the application class loader, including Arbitrary File Disclosure.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.520Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/HubSpot/jinjava/compare/jinjava-2.5.3...jinjava-2.5.4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/HubSpot/jinjava/pull/426/commits/5dfa5b87318744a4d020b66d5f7747acc36b213b"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/HubSpot/jinjava/pull/435/commits/1b9aaa4b420c58b4a301cf4b7d26207f1c8d1165"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.5.4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-072-hubspot_jinjava"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jinjava before 2.5.4 allow access to arbitrary classes by calling Java methods on objects passed into a Jinjava context. This could allow for abuse of the application class loader, including Arbitrary File Disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-19T22:33:55",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/compare/jinjava-2.5.3...jinjava-2.5.4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/pull/426/commits/5dfa5b87318744a4d020b66d5f7747acc36b213b"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/pull/435/commits/1b9aaa4b420c58b4a301cf4b7d26207f1c8d1165"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.5.4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-072-hubspot_jinjava"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12668",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Jinjava before 2.5.4 allow access to arbitrary classes by calling Java methods on objects passed into a Jinjava context. This could allow for abuse of the application class loader, including Arbitrary File Disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/HubSpot/jinjava/compare/jinjava-2.5.3...jinjava-2.5.4",
"refsource": "MISC",
"url": "https://github.com/HubSpot/jinjava/compare/jinjava-2.5.3...jinjava-2.5.4"
},
{
"name": "https://github.com/HubSpot/jinjava/pull/426/commits/5dfa5b87318744a4d020b66d5f7747acc36b213b",
"refsource": "MISC",
"url": "https://github.com/HubSpot/jinjava/pull/426/commits/5dfa5b87318744a4d020b66d5f7747acc36b213b"
},
{
"name": "https://github.com/HubSpot/jinjava/pull/435/commits/1b9aaa4b420c58b4a301cf4b7d26207f1c8d1165",
"refsource": "MISC",
"url": "https://github.com/HubSpot/jinjava/pull/435/commits/1b9aaa4b420c58b4a301cf4b7d26207f1c8d1165"
},
{
"name": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.5.4",
"refsource": "MISC",
"url": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.5.4"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-072-hubspot_jinjava",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-072-hubspot_jinjava"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12668",
"datePublished": "2021-02-19T22:33:55",
"dateReserved": "2020-05-05T00:00:00",
"dateUpdated": "2024-08-04T12:04:22.520Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-18893 (GCVE-0-2018-18893)
Vulnerability from cvelistv5 – Published: 2019-01-03 01:00 – Updated: 2024-08-05 11:23
VLAI?
Summary
Jinjava before 2.4.6 does not block the getClass method, related to com/hubspot/jinjava/el/ext/JinjavaBeanELResolver.java.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:23:08.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/HubSpot/jinjava/blob/master/CHANGES.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/HubSpot/jinjava/pull/230"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-01-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Jinjava before 2.4.6 does not block the getClass method, related to com/hubspot/jinjava/el/ext/JinjavaBeanELResolver.java."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-03T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/blob/master/CHANGES.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/pull/230"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18893",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Jinjava before 2.4.6 does not block the getClass method, related to com/hubspot/jinjava/el/ext/JinjavaBeanELResolver.java."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/HubSpot/jinjava/blob/master/CHANGES.md",
"refsource": "MISC",
"url": "https://github.com/HubSpot/jinjava/blob/master/CHANGES.md"
},
{
"name": "https://github.com/HubSpot/jinjava/pull/230",
"refsource": "MISC",
"url": "https://github.com/HubSpot/jinjava/pull/230"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-18893",
"datePublished": "2019-01-03T01:00:00",
"dateReserved": "2018-11-01T00:00:00",
"dateUpdated": "2024-08-05T11:23:08.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-25526 (GCVE-0-2026-25526)
Vulnerability from nvd – Published: 2026-02-04 21:26 – Updated: 2026-02-05 21:01
VLAI?
Title
JinJava Bypass through ForTag leads to Arbitrary Java Execution
Summary
JinJava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Prior to versions 2.7.6 and 2.8.3, JinJava is vulnerable to arbitrary Java execution via bypass through ForTag. This allows arbitrary Java class instantiation and file access bypassing built-in sandbox restrictions. This issue has been patched in versions 2.7.6 and 2.8.3.
Severity ?
9.8 (Critical)
CWE
- CWE-1336 - Improper Neutralization of Special Elements Used in a Template Engine
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25526",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-05T21:00:49.634832Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T21:01:00.454Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jinjava",
"vendor": "HubSpot",
"versions": [
{
"status": "affected",
"version": "\u003c 2.7.6"
},
{
"status": "affected",
"version": "\u003c 2.8.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "JinJava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Prior to versions 2.7.6 and 2.8.3, JinJava is vulnerable to arbitrary Java execution via bypass through ForTag. This allows arbitrary Java class instantiation and file access bypassing built-in sandbox restrictions. This issue has been patched in versions 2.7.6 and 2.8.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1336",
"description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T21:26:58.572Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/HubSpot/jinjava/security/advisories/GHSA-gjx9-j8f8-7j74",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/HubSpot/jinjava/security/advisories/GHSA-gjx9-j8f8-7j74"
},
{
"name": "https://github.com/HubSpot/jinjava/commit/3d02e504d8bbb13bf3fe019e9ca7b51dfce7a998",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/commit/3d02e504d8bbb13bf3fe019e9ca7b51dfce7a998"
},
{
"name": "https://github.com/HubSpot/jinjava/commit/c7328dce6030ac718f88974196035edafef24441",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/commit/c7328dce6030ac718f88974196035edafef24441"
},
{
"name": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.7.6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.7.6"
},
{
"name": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.8.3",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.8.3"
}
],
"source": {
"advisory": "GHSA-gjx9-j8f8-7j74",
"discovery": "UNKNOWN"
},
"title": "JinJava Bypass through ForTag leads to Arbitrary Java Execution"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-25526",
"datePublished": "2026-02-04T21:26:58.572Z",
"dateReserved": "2026-02-02T19:59:47.372Z",
"dateUpdated": "2026-02-05T21:01:00.454Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59340 (GCVE-0-2025-59340)
Vulnerability from nvd – Published: 2025-09-17 20:01 – Updated: 2025-09-18 15:45
VLAI?
Title
jinjava Sandbox Bypass via JavaType-Based Deserialization
Summary
jinjava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Priori to 2.8.1, by using mapper.getTypeFactory().constructFromCanonical(), it is possible to instruct the underlying ObjectMapper to deserialize attacker-controlled input into arbitrary classes. This enables the creation of semi-arbitrary class instances without directly invoking restricted methods or class literals. As a result, an attacker can escape the sandbox and instantiate classes such as java.net.URL, opening up the ability to access local files and URLs(e.g., file:///etc/passwd). With further chaining, this primitive can potentially lead to remote code execution (RCE). This vulnerability is fixed in 2.8.1.
Severity ?
9.8 (Critical)
CWE
- CWE-1336 - Improper Neutralization of Special Elements Used in a Template Engine
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59340",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-18T15:45:18.654916Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-18T15:45:23.121Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jinjava",
"vendor": "HubSpot",
"versions": [
{
"status": "affected",
"version": "\u003c 2.8.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "jinjava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Priori to 2.8.1, by using mapper.getTypeFactory().constructFromCanonical(), it is possible to instruct the underlying ObjectMapper to deserialize attacker-controlled input into arbitrary classes. This enables the creation of semi-arbitrary class instances without directly invoking restricted methods or class literals. As a result, an attacker can escape the sandbox and instantiate classes such as java.net.URL, opening up the ability to access local files and URLs(e.g., file:///etc/passwd). With further chaining, this primitive can potentially lead to remote code execution (RCE). This vulnerability is fixed in 2.8.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1336",
"description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T20:01:55.788Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/HubSpot/jinjava/security/advisories/GHSA-m49c-g9wr-hv6v",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/HubSpot/jinjava/security/advisories/GHSA-m49c-g9wr-hv6v"
},
{
"name": "https://github.com/HubSpot/jinjava/commit/66df351e7e8ad71ca04dcacb4b65782af820b8b1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/commit/66df351e7e8ad71ca04dcacb4b65782af820b8b1"
},
{
"name": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.8.1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.8.1"
}
],
"source": {
"advisory": "GHSA-m49c-g9wr-hv6v",
"discovery": "UNKNOWN"
},
"title": "jinjava Sandbox Bypass via JavaType-Based Deserialization"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-59340",
"datePublished": "2025-09-17T20:01:55.788Z",
"dateReserved": "2025-09-12T12:36:24.635Z",
"dateUpdated": "2025-09-18T15:45:23.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12668 (GCVE-0-2020-12668)
Vulnerability from nvd – Published: 2021-02-19 22:33 – Updated: 2024-08-04 12:04
VLAI?
Summary
Jinjava before 2.5.4 allow access to arbitrary classes by calling Java methods on objects passed into a Jinjava context. This could allow for abuse of the application class loader, including Arbitrary File Disclosure.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.520Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/HubSpot/jinjava/compare/jinjava-2.5.3...jinjava-2.5.4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/HubSpot/jinjava/pull/426/commits/5dfa5b87318744a4d020b66d5f7747acc36b213b"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/HubSpot/jinjava/pull/435/commits/1b9aaa4b420c58b4a301cf4b7d26207f1c8d1165"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.5.4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-072-hubspot_jinjava"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jinjava before 2.5.4 allow access to arbitrary classes by calling Java methods on objects passed into a Jinjava context. This could allow for abuse of the application class loader, including Arbitrary File Disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-19T22:33:55",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/compare/jinjava-2.5.3...jinjava-2.5.4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/pull/426/commits/5dfa5b87318744a4d020b66d5f7747acc36b213b"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/pull/435/commits/1b9aaa4b420c58b4a301cf4b7d26207f1c8d1165"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.5.4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-072-hubspot_jinjava"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12668",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Jinjava before 2.5.4 allow access to arbitrary classes by calling Java methods on objects passed into a Jinjava context. This could allow for abuse of the application class loader, including Arbitrary File Disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/HubSpot/jinjava/compare/jinjava-2.5.3...jinjava-2.5.4",
"refsource": "MISC",
"url": "https://github.com/HubSpot/jinjava/compare/jinjava-2.5.3...jinjava-2.5.4"
},
{
"name": "https://github.com/HubSpot/jinjava/pull/426/commits/5dfa5b87318744a4d020b66d5f7747acc36b213b",
"refsource": "MISC",
"url": "https://github.com/HubSpot/jinjava/pull/426/commits/5dfa5b87318744a4d020b66d5f7747acc36b213b"
},
{
"name": "https://github.com/HubSpot/jinjava/pull/435/commits/1b9aaa4b420c58b4a301cf4b7d26207f1c8d1165",
"refsource": "MISC",
"url": "https://github.com/HubSpot/jinjava/pull/435/commits/1b9aaa4b420c58b4a301cf4b7d26207f1c8d1165"
},
{
"name": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.5.4",
"refsource": "MISC",
"url": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.5.4"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2020-072-hubspot_jinjava",
"refsource": "MISC",
"url": "https://securitylab.github.com/advisories/GHSL-2020-072-hubspot_jinjava"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12668",
"datePublished": "2021-02-19T22:33:55",
"dateReserved": "2020-05-05T00:00:00",
"dateUpdated": "2024-08-04T12:04:22.520Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-18893 (GCVE-0-2018-18893)
Vulnerability from nvd – Published: 2019-01-03 01:00 – Updated: 2024-08-05 11:23
VLAI?
Summary
Jinjava before 2.4.6 does not block the getClass method, related to com/hubspot/jinjava/el/ext/JinjavaBeanELResolver.java.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:23:08.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/HubSpot/jinjava/blob/master/CHANGES.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/HubSpot/jinjava/pull/230"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-01-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Jinjava before 2.4.6 does not block the getClass method, related to com/hubspot/jinjava/el/ext/JinjavaBeanELResolver.java."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-03T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/blob/master/CHANGES.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/HubSpot/jinjava/pull/230"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18893",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Jinjava before 2.4.6 does not block the getClass method, related to com/hubspot/jinjava/el/ext/JinjavaBeanELResolver.java."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/HubSpot/jinjava/blob/master/CHANGES.md",
"refsource": "MISC",
"url": "https://github.com/HubSpot/jinjava/blob/master/CHANGES.md"
},
{
"name": "https://github.com/HubSpot/jinjava/pull/230",
"refsource": "MISC",
"url": "https://github.com/HubSpot/jinjava/pull/230"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-18893",
"datePublished": "2019-01-03T01:00:00",
"dateReserved": "2018-11-01T00:00:00",
"dateUpdated": "2024-08-05T11:23:08.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2025-59340
Vulnerability from fkie_nvd - Published: 2025-09-17 20:15 - Updated: 2025-09-26 13:11
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
jinjava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Priori to 2.8.1, by using mapper.getTypeFactory().constructFromCanonical(), it is possible to instruct the underlying ObjectMapper to deserialize attacker-controlled input into arbitrary classes. This enables the creation of semi-arbitrary class instances without directly invoking restricted methods or class literals. As a result, an attacker can escape the sandbox and instantiate classes such as java.net.URL, opening up the ability to access local files and URLs(e.g., file:///etc/passwd). With further chaining, this primitive can potentially lead to remote code execution (RCE). This vulnerability is fixed in 2.8.1.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hubspot:jinjava:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D319ECCB-C302-47EE-9354-E3F59DE13259",
"versionEndExcluding": "2.8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "jinjava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Priori to 2.8.1, by using mapper.getTypeFactory().constructFromCanonical(), it is possible to instruct the underlying ObjectMapper to deserialize attacker-controlled input into arbitrary classes. This enables the creation of semi-arbitrary class instances without directly invoking restricted methods or class literals. As a result, an attacker can escape the sandbox and instantiate classes such as java.net.URL, opening up the ability to access local files and URLs(e.g., file:///etc/passwd). With further chaining, this primitive can potentially lead to remote code execution (RCE). This vulnerability is fixed in 2.8.1."
},
{
"lang": "es",
"value": "jinjava es un motor de plantillas basado en Java, basado en la sintaxis de plantillas de Django, adaptado para renderizar plantillas Jinja. Anterior a 2.8.1, al usar mapper.getTypeFactory().constructFromCanonical(), es posible instruir al ObjectMapper subyacente para deserializar la entrada controlada por el atacante en clases arbitrarias. Esto permite la creaci\u00f3n de instancias de clases semi-arbitrarias sin invocar directamente m\u00e9todos restringidos o literales de clase. Como resultado, un atacante puede escapar de la sandbox e instanciar clases como java.net.URL, abriendo la capacidad de acceder a archivos locales y URLs (por ejemplo, file:///etc/p4sswd). Con un encadenamiento adicional, esta primitiva puede potencialmente conducir a la ejecuci\u00f3n remota de c\u00f3digo (RCE). Esta vulnerabilidad est\u00e1 corregida en 2.8.1."
}
],
"id": "CVE-2025-59340",
"lastModified": "2025-09-26T13:11:40.227",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-09-17T20:15:36.430",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/HubSpot/jinjava/commit/66df351e7e8ad71ca04dcacb4b65782af820b8b1"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.8.1"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/HubSpot/jinjava/security/advisories/GHSA-m49c-g9wr-hv6v"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1336"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2020-12668
Vulnerability from fkie_nvd - Published: 2021-02-19 23:15 - Updated: 2024-11-21 05:00
Severity ?
Summary
Jinjava before 2.5.4 allow access to arbitrary classes by calling Java methods on objects passed into a Jinjava context. This could allow for abuse of the application class loader, including Arbitrary File Disclosure.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hubspot:jinjava:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7BE2DA-D032-4624-9FD2-E9E684594E9A",
"versionEndExcluding": "2.5.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Jinjava before 2.5.4 allow access to arbitrary classes by calling Java methods on objects passed into a Jinjava context. This could allow for abuse of the application class loader, including Arbitrary File Disclosure."
},
{
"lang": "es",
"value": "Jinjava versiones anteriores a 2.5.4, permite un acceso a clases arbitrarias al llamar a m\u00e9todos Java en objetos pasados ??a un contexto de Jinjava.\u0026#xa0;Esto podr\u00eda permitir el abuso del cargador de clase de aplicaci\u00f3n, incluyendo una Divulgaci\u00f3n de Archivos Arbitrarios"
}
],
"id": "CVE-2020-12668",
"lastModified": "2024-11-21T05:00:01.967",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-19T23:15:12.267",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/HubSpot/jinjava/compare/jinjava-2.5.3...jinjava-2.5.4"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Permissions Required",
"Third Party Advisory"
],
"url": "https://github.com/HubSpot/jinjava/pull/426/commits/5dfa5b87318744a4d020b66d5f7747acc36b213b"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/HubSpot/jinjava/pull/435/commits/1b9aaa4b420c58b4a301cf4b7d26207f1c8d1165"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.5.4"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-072-hubspot_jinjava"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/HubSpot/jinjava/compare/jinjava-2.5.3...jinjava-2.5.4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Permissions Required",
"Third Party Advisory"
],
"url": "https://github.com/HubSpot/jinjava/pull/426/commits/5dfa5b87318744a4d020b66d5f7747acc36b213b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/HubSpot/jinjava/pull/435/commits/1b9aaa4b420c58b4a301cf4b7d26207f1c8d1165"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/HubSpot/jinjava/releases/tag/jinjava-2.5.4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://securitylab.github.com/advisories/GHSL-2020-072-hubspot_jinjava"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2018-18893
Vulnerability from fkie_nvd - Published: 2019-01-03 01:29 - Updated: 2024-11-21 03:56
Severity ?
Summary
Jinjava before 2.4.6 does not block the getClass method, related to com/hubspot/jinjava/el/ext/JinjavaBeanELResolver.java.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/HubSpot/jinjava/blob/master/CHANGES.md | Release Notes, Third Party Advisory | |
| cve@mitre.org | https://github.com/HubSpot/jinjava/pull/230 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/HubSpot/jinjava/blob/master/CHANGES.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/HubSpot/jinjava/pull/230 | Patch, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hubspot:jinjava:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73BF4536-14D1-4C8E-AEAF-41E2886D0DCF",
"versionEndExcluding": "2.4.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Jinjava before 2.4.6 does not block the getClass method, related to com/hubspot/jinjava/el/ext/JinjavaBeanELResolver.java."
},
{
"lang": "es",
"value": "En las versiones anteriores a la 2.4.6, Jinjava no bloquea el m\u00e9todo getClass relacionado con com/hubspot/jinjava/el/ext/JinjavaBeanELResolver.java."
}
],
"id": "CVE-2018-18893",
"lastModified": "2024-11-21T03:56:50.273",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-03T01:29:00.380",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/HubSpot/jinjava/blob/master/CHANGES.md"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/HubSpot/jinjava/pull/230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/HubSpot/jinjava/blob/master/CHANGES.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/HubSpot/jinjava/pull/230"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}