diff --git a/audits/aider-requirements.audit.json b/audits/aider-requirements.audit.json index 957f9d5e..d0d93aaf 100644 --- a/audits/aider-requirements.audit.json +++ b/audits/aider-requirements.audit.json @@ -24,8 +24,10 @@ "CGA-gvvw-7w3r-7m54", "CGA-h79h-32w2-7vmp", "CGA-jjj9-fv4h-c9cv", + "CGA-jr6g-xxjr-rgc8", "CGA-mvqg-6j62-4pjm", "CGA-vj5f-6mc5-q329", + "CGA-w9xc-2j9j-8rrv", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -129,8 +131,10 @@ "CGA-f7wq-crqm-v76f", "CGA-gm37-p355-3fq6", "CGA-h3v9-xgx5-mrgr", + "CGA-hvm4-vp8w-6q8r", "CGA-p9v5-jpj2-q3ww", - "CGA-rx48-pgcw-gx64" + "CGA-rx48-pgcw-gx64", + "CGA-w2xv-8gr2-xp8m" ], "summary": "Jinja has a sandbox breakout through indirect reference to format method", "details": "An oversight in how the Jinja sandboxed environment detects calls to `str.format` allows an attacker that controls the content of a template to execute arbitrary Python code.\n\nTo exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates.\n\nJinja's sandbox does catch calls to `str.format` and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's `format` method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.", diff --git a/audits/ansible-lint-requirements.audit.json b/audits/ansible-lint-requirements.audit.json index 3b454e64..b800aff7 100644 --- a/audits/ansible-lint-requirements.audit.json +++ b/audits/ansible-lint-requirements.audit.json @@ -24,8 +24,10 @@ "CGA-gvvw-7w3r-7m54", "CGA-h79h-32w2-7vmp", "CGA-jjj9-fv4h-c9cv", + "CGA-jr6g-xxjr-rgc8", "CGA-mvqg-6j62-4pjm", "CGA-vj5f-6mc5-q329", + "CGA-w9xc-2j9j-8rrv", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -129,8 +131,10 @@ "CGA-f7wq-crqm-v76f", "CGA-gm37-p355-3fq6", "CGA-h3v9-xgx5-mrgr", + "CGA-hvm4-vp8w-6q8r", "CGA-p9v5-jpj2-q3ww", - "CGA-rx48-pgcw-gx64" + "CGA-rx48-pgcw-gx64", + "CGA-w2xv-8gr2-xp8m" ], "summary": "Jinja has a sandbox breakout through indirect reference to format method", "details": "An oversight in how the Jinja sandboxed environment detects calls to `str.format` allows an attacker that controls the content of a template to execute arbitrary Python code.\n\nTo exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates.\n\nJinja's sandbox does catch calls to `str.format` and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's `format` method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.", diff --git a/audits/certsync-requirements.audit.json b/audits/certsync-requirements.audit.json index 9835ba76..3ad57626 100644 --- a/audits/certsync-requirements.audit.json +++ b/audits/certsync-requirements.audit.json @@ -24,8 +24,10 @@ "CGA-gvvw-7w3r-7m54", "CGA-h79h-32w2-7vmp", "CGA-jjj9-fv4h-c9cv", + "CGA-jr6g-xxjr-rgc8", "CGA-mvqg-6j62-4pjm", "CGA-vj5f-6mc5-q329", + "CGA-w9xc-2j9j-8rrv", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -129,8 +131,10 @@ "CGA-f7wq-crqm-v76f", "CGA-gm37-p355-3fq6", "CGA-h3v9-xgx5-mrgr", + "CGA-hvm4-vp8w-6q8r", "CGA-p9v5-jpj2-q3ww", - "CGA-rx48-pgcw-gx64" + "CGA-rx48-pgcw-gx64", + "CGA-w2xv-8gr2-xp8m" ], "summary": "Jinja has a sandbox breakout through indirect reference to format method", "details": "An oversight in how the Jinja sandboxed environment detects calls to `str.format` allows an attacker that controls the content of a template to execute arbitrary Python code.\n\nTo exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates.\n\nJinja's sandbox does catch calls to `str.format` and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's `format` method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.", diff --git a/audits/charmcraft-requirements.audit.json b/audits/charmcraft-requirements.audit.json index 425ccef1..bf82fb9c 100644 --- a/audits/charmcraft-requirements.audit.json +++ b/audits/charmcraft-requirements.audit.json @@ -24,8 +24,10 @@ "CGA-gvvw-7w3r-7m54", "CGA-h79h-32w2-7vmp", "CGA-jjj9-fv4h-c9cv", + "CGA-jr6g-xxjr-rgc8", "CGA-mvqg-6j62-4pjm", "CGA-vj5f-6mc5-q329", + "CGA-w9xc-2j9j-8rrv", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -129,8 +131,10 @@ "CGA-f7wq-crqm-v76f", "CGA-gm37-p355-3fq6", "CGA-h3v9-xgx5-mrgr", + "CGA-hvm4-vp8w-6q8r", "CGA-p9v5-jpj2-q3ww", - "CGA-rx48-pgcw-gx64" + "CGA-rx48-pgcw-gx64", + "CGA-w2xv-8gr2-xp8m" ], "summary": "Jinja has a sandbox breakout through indirect reference to format method", "details": "An oversight in how the Jinja sandboxed environment detects calls to `str.format` allows an attacker that controls the content of a template to execute arbitrary Python code.\n\nTo exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates.\n\nJinja's sandbox does catch calls to `str.format` and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's `format` method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.", diff --git a/audits/gdbgui-requirements.audit.json b/audits/gdbgui-requirements.audit.json index 607ee44f..3504fb56 100644 --- a/audits/gdbgui-requirements.audit.json +++ b/audits/gdbgui-requirements.audit.json @@ -286,8 +286,10 @@ "CGA-gvvw-7w3r-7m54", "CGA-h79h-32w2-7vmp", "CGA-jjj9-fv4h-c9cv", + "CGA-jr6g-xxjr-rgc8", "CGA-mvqg-6j62-4pjm", "CGA-vj5f-6mc5-q329", + "CGA-w9xc-2j9j-8rrv", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -682,8 +684,10 @@ "CGA-f7wq-crqm-v76f", "CGA-gm37-p355-3fq6", "CGA-h3v9-xgx5-mrgr", + "CGA-hvm4-vp8w-6q8r", "CGA-p9v5-jpj2-q3ww", - "CGA-rx48-pgcw-gx64" + "CGA-rx48-pgcw-gx64", + "CGA-w2xv-8gr2-xp8m" ], "summary": "Jinja has a sandbox breakout through indirect reference to format method", "details": "An oversight in how the Jinja sandboxed environment detects calls to `str.format` allows an attacker that controls the content of a template to execute arbitrary Python code.\n\nTo exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates.\n\nJinja's sandbox does catch calls to `str.format` and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's `format` method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.", diff --git a/audits/gi-docgen-requirements.audit.json b/audits/gi-docgen-requirements.audit.json index eabe9fbf..b1db3dcb 100644 --- a/audits/gi-docgen-requirements.audit.json +++ b/audits/gi-docgen-requirements.audit.json @@ -24,8 +24,10 @@ "CGA-gvvw-7w3r-7m54", "CGA-h79h-32w2-7vmp", "CGA-jjj9-fv4h-c9cv", + "CGA-jr6g-xxjr-rgc8", "CGA-mvqg-6j62-4pjm", "CGA-vj5f-6mc5-q329", + "CGA-w9xc-2j9j-8rrv", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -129,8 +131,10 @@ "CGA-f7wq-crqm-v76f", "CGA-gm37-p355-3fq6", "CGA-h3v9-xgx5-mrgr", + "CGA-hvm4-vp8w-6q8r", "CGA-p9v5-jpj2-q3ww", - "CGA-rx48-pgcw-gx64" + "CGA-rx48-pgcw-gx64", + "CGA-w2xv-8gr2-xp8m" ], "summary": "Jinja has a sandbox breakout through indirect reference to format method", "details": "An oversight in how the Jinja sandboxed environment detects calls to `str.format` allows an attacker that controls the content of a template to execute arbitrary Python code.\n\nTo exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates.\n\nJinja's sandbox does catch calls to `str.format` and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's `format` method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.", diff --git a/audits/harlequin-requirements.audit.json b/audits/harlequin-requirements.audit.json index 06d0e1fc..0765ba2f 100644 --- a/audits/harlequin-requirements.audit.json +++ b/audits/harlequin-requirements.audit.json @@ -24,8 +24,10 @@ "CGA-gvvw-7w3r-7m54", "CGA-h79h-32w2-7vmp", "CGA-jjj9-fv4h-c9cv", + "CGA-jr6g-xxjr-rgc8", "CGA-mvqg-6j62-4pjm", "CGA-vj5f-6mc5-q329", + "CGA-w9xc-2j9j-8rrv", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -129,8 +131,10 @@ "CGA-f7wq-crqm-v76f", "CGA-gm37-p355-3fq6", "CGA-h3v9-xgx5-mrgr", + "CGA-hvm4-vp8w-6q8r", "CGA-p9v5-jpj2-q3ww", - "CGA-rx48-pgcw-gx64" + "CGA-rx48-pgcw-gx64", + "CGA-w2xv-8gr2-xp8m" ], "summary": "Jinja has a sandbox breakout through indirect reference to format method", "details": "An oversight in how the Jinja sandboxed environment detects calls to `str.format` allows an attacker that controls the content of a template to execute arbitrary Python code.\n\nTo exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates.\n\nJinja's sandbox does catch calls to `str.format` and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's `format` method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.", diff --git a/audits/libplacebo-requirements.audit.json b/audits/libplacebo-requirements.audit.json index 1f01bf51..84a72d4d 100644 --- a/audits/libplacebo-requirements.audit.json +++ b/audits/libplacebo-requirements.audit.json @@ -24,8 +24,10 @@ "CGA-gvvw-7w3r-7m54", "CGA-h79h-32w2-7vmp", "CGA-jjj9-fv4h-c9cv", + "CGA-jr6g-xxjr-rgc8", "CGA-mvqg-6j62-4pjm", "CGA-vj5f-6mc5-q329", + "CGA-w9xc-2j9j-8rrv", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -129,8 +131,10 @@ "CGA-f7wq-crqm-v76f", "CGA-gm37-p355-3fq6", "CGA-h3v9-xgx5-mrgr", + "CGA-hvm4-vp8w-6q8r", "CGA-p9v5-jpj2-q3ww", - "CGA-rx48-pgcw-gx64" + "CGA-rx48-pgcw-gx64", + "CGA-w2xv-8gr2-xp8m" ], "summary": "Jinja has a sandbox breakout through indirect reference to format method", "details": "An oversight in how the Jinja sandboxed environment detects calls to `str.format` allows an attacker that controls the content of a template to execute arbitrary Python code.\n\nTo exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates.\n\nJinja's sandbox does catch calls to `str.format` and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's `format` method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.", diff --git a/audits/litani-requirements.audit.json b/audits/litani-requirements.audit.json index e2c4e357..336aeeb6 100644 --- a/audits/litani-requirements.audit.json +++ b/audits/litani-requirements.audit.json @@ -24,8 +24,10 @@ "CGA-gvvw-7w3r-7m54", "CGA-h79h-32w2-7vmp", "CGA-jjj9-fv4h-c9cv", + "CGA-jr6g-xxjr-rgc8", "CGA-mvqg-6j62-4pjm", "CGA-vj5f-6mc5-q329", + "CGA-w9xc-2j9j-8rrv", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -129,8 +131,10 @@ "CGA-f7wq-crqm-v76f", "CGA-gm37-p355-3fq6", "CGA-h3v9-xgx5-mrgr", + "CGA-hvm4-vp8w-6q8r", "CGA-p9v5-jpj2-q3ww", - "CGA-rx48-pgcw-gx64" + "CGA-rx48-pgcw-gx64", + "CGA-w2xv-8gr2-xp8m" ], "summary": "Jinja has a sandbox breakout through indirect reference to format method", "details": "An oversight in how the Jinja sandboxed environment detects calls to `str.format` allows an attacker that controls the content of a template to execute arbitrary Python code.\n\nTo exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates.\n\nJinja's sandbox does catch calls to `str.format` and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's `format` method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.", diff --git a/audits/mentat-requirements.audit.json b/audits/mentat-requirements.audit.json index d600ccef..758b21fc 100644 --- a/audits/mentat-requirements.audit.json +++ b/audits/mentat-requirements.audit.json @@ -390,8 +390,10 @@ "CGA-gvvw-7w3r-7m54", "CGA-h79h-32w2-7vmp", "CGA-jjj9-fv4h-c9cv", + "CGA-jr6g-xxjr-rgc8", "CGA-mvqg-6j62-4pjm", "CGA-vj5f-6mc5-q329", + "CGA-w9xc-2j9j-8rrv", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -786,8 +788,10 @@ "CGA-f7wq-crqm-v76f", "CGA-gm37-p355-3fq6", "CGA-h3v9-xgx5-mrgr", + "CGA-hvm4-vp8w-6q8r", "CGA-p9v5-jpj2-q3ww", - "CGA-rx48-pgcw-gx64" + "CGA-rx48-pgcw-gx64", + "CGA-w2xv-8gr2-xp8m" ], "summary": "Jinja has a sandbox breakout through indirect reference to format method", "details": "An oversight in how the Jinja sandboxed environment detects calls to `str.format` allows an attacker that controls the content of a template to execute arbitrary Python code.\n\nTo exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates.\n\nJinja's sandbox does catch calls to `str.format` and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's `format` method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.", diff --git a/audits/organize-tool-requirements.audit.json b/audits/organize-tool-requirements.audit.json index 7c91a6d6..a1b2f0da 100644 --- a/audits/organize-tool-requirements.audit.json +++ b/audits/organize-tool-requirements.audit.json @@ -24,8 +24,10 @@ "CGA-gvvw-7w3r-7m54", "CGA-h79h-32w2-7vmp", "CGA-jjj9-fv4h-c9cv", + "CGA-jr6g-xxjr-rgc8", "CGA-mvqg-6j62-4pjm", "CGA-vj5f-6mc5-q329", + "CGA-w9xc-2j9j-8rrv", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -129,8 +131,10 @@ "CGA-f7wq-crqm-v76f", "CGA-gm37-p355-3fq6", "CGA-h3v9-xgx5-mrgr", + "CGA-hvm4-vp8w-6q8r", "CGA-p9v5-jpj2-q3ww", - "CGA-rx48-pgcw-gx64" + "CGA-rx48-pgcw-gx64", + "CGA-w2xv-8gr2-xp8m" ], "summary": "Jinja has a sandbox breakout through indirect reference to format method", "details": "An oversight in how the Jinja sandboxed environment detects calls to `str.format` allows an attacker that controls the content of a template to execute arbitrary Python code.\n\nTo exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates.\n\nJinja's sandbox does catch calls to `str.format` and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's `format` method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.", diff --git a/audits/pytorch-requirements.audit.json b/audits/pytorch-requirements.audit.json index 99d25341..f09e8530 100644 --- a/audits/pytorch-requirements.audit.json +++ b/audits/pytorch-requirements.audit.json @@ -24,8 +24,10 @@ "CGA-gvvw-7w3r-7m54", "CGA-h79h-32w2-7vmp", "CGA-jjj9-fv4h-c9cv", + "CGA-jr6g-xxjr-rgc8", "CGA-mvqg-6j62-4pjm", "CGA-vj5f-6mc5-q329", + "CGA-w9xc-2j9j-8rrv", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -129,8 +131,10 @@ "CGA-f7wq-crqm-v76f", "CGA-gm37-p355-3fq6", "CGA-h3v9-xgx5-mrgr", + "CGA-hvm4-vp8w-6q8r", "CGA-p9v5-jpj2-q3ww", - "CGA-rx48-pgcw-gx64" + "CGA-rx48-pgcw-gx64", + "CGA-w2xv-8gr2-xp8m" ], "summary": "Jinja has a sandbox breakout through indirect reference to format method", "details": "An oversight in how the Jinja sandboxed environment detects calls to `str.format` allows an attacker that controls the content of a template to execute arbitrary Python code.\n\nTo exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates.\n\nJinja's sandbox does catch calls to `str.format` and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's `format` method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.", diff --git a/audits/recon-ng-requirements.audit.json b/audits/recon-ng-requirements.audit.json index f4a34831..230a7790 100644 --- a/audits/recon-ng-requirements.audit.json +++ b/audits/recon-ng-requirements.audit.json @@ -24,8 +24,10 @@ "CGA-gvvw-7w3r-7m54", "CGA-h79h-32w2-7vmp", "CGA-jjj9-fv4h-c9cv", + "CGA-jr6g-xxjr-rgc8", "CGA-mvqg-6j62-4pjm", "CGA-vj5f-6mc5-q329", + "CGA-w9xc-2j9j-8rrv", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -129,8 +131,10 @@ "CGA-f7wq-crqm-v76f", "CGA-gm37-p355-3fq6", "CGA-h3v9-xgx5-mrgr", + "CGA-hvm4-vp8w-6q8r", "CGA-p9v5-jpj2-q3ww", - "CGA-rx48-pgcw-gx64" + "CGA-rx48-pgcw-gx64", + "CGA-w2xv-8gr2-xp8m" ], "summary": "Jinja has a sandbox breakout through indirect reference to format method", "details": "An oversight in how the Jinja sandboxed environment detects calls to `str.format` allows an attacker that controls the content of a template to execute arbitrary Python code.\n\nTo exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates.\n\nJinja's sandbox does catch calls to `str.format` and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's `format` method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.", diff --git a/audits/sail-requirements.audit.json b/audits/sail-requirements.audit.json index 8fa1f093..40d76512 100644 --- a/audits/sail-requirements.audit.json +++ b/audits/sail-requirements.audit.json @@ -24,8 +24,10 @@ "CGA-gvvw-7w3r-7m54", "CGA-h79h-32w2-7vmp", "CGA-jjj9-fv4h-c9cv", + "CGA-jr6g-xxjr-rgc8", "CGA-mvqg-6j62-4pjm", "CGA-vj5f-6mc5-q329", + "CGA-w9xc-2j9j-8rrv", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -129,8 +131,10 @@ "CGA-f7wq-crqm-v76f", "CGA-gm37-p355-3fq6", "CGA-h3v9-xgx5-mrgr", + "CGA-hvm4-vp8w-6q8r", "CGA-p9v5-jpj2-q3ww", - "CGA-rx48-pgcw-gx64" + "CGA-rx48-pgcw-gx64", + "CGA-w2xv-8gr2-xp8m" ], "summary": "Jinja has a sandbox breakout through indirect reference to format method", "details": "An oversight in how the Jinja sandboxed environment detects calls to `str.format` allows an attacker that controls the content of a template to execute arbitrary Python code.\n\nTo exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates.\n\nJinja's sandbox does catch calls to `str.format` and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's `format` method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.", diff --git a/audits/vunnel-requirements.audit.json b/audits/vunnel-requirements.audit.json index a9e9d936..595582b6 100644 --- a/audits/vunnel-requirements.audit.json +++ b/audits/vunnel-requirements.audit.json @@ -24,8 +24,10 @@ "CGA-gvvw-7w3r-7m54", "CGA-h79h-32w2-7vmp", "CGA-jjj9-fv4h-c9cv", + "CGA-jr6g-xxjr-rgc8", "CGA-mvqg-6j62-4pjm", "CGA-vj5f-6mc5-q329", + "CGA-w9xc-2j9j-8rrv", "CGA-whf8-42p9-686q" ], "summary": "Jinja has a sandbox breakout through malicious filenames", @@ -129,8 +131,10 @@ "CGA-f7wq-crqm-v76f", "CGA-gm37-p355-3fq6", "CGA-h3v9-xgx5-mrgr", + "CGA-hvm4-vp8w-6q8r", "CGA-p9v5-jpj2-q3ww", - "CGA-rx48-pgcw-gx64" + "CGA-rx48-pgcw-gx64", + "CGA-w2xv-8gr2-xp8m" ], "summary": "Jinja has a sandbox breakout through indirect reference to format method", "details": "An oversight in how the Jinja sandboxed environment detects calls to `str.format` allows an attacker that controls the content of a template to execute arbitrary Python code.\n\nTo exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates.\n\nJinja's sandbox does catch calls to `str.format` and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's `format` method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.", diff --git a/requirements/apprise-requirements.txt b/requirements/apprise-requirements.txt index 11764bc1..c4fa4961 100644 --- a/requirements/apprise-requirements.txt +++ b/requirements/apprise-requirements.txt @@ -1,9 +1,9 @@ -charset-normalizer==3.4.0 -click==8.1.7 +charset-normalizer==3.4.1 +click==8.1.8 idna==3.10 markdown==3.7 oauthlib==3.2.2 pyyaml==6.0.2 requests==2.32.3 requests-oauthlib==2.0.0 -urllib3==2.2.3 +urllib3==2.3.0 diff --git a/requirements/bzt-requirements.txt b/requirements/bzt-requirements.txt index e72e5884..9fffc07f 100644 --- a/requirements/bzt-requirements.txt +++ b/requirements/bzt-requirements.txt @@ -1,11 +1,11 @@ aiodogstatsd==0.16.0.post0 -aiohappyeyeballs==2.4.3 -aiohttp==3.11.4 -aiosignal==1.3.1 +aiohappyeyeballs==2.4.4 +aiohttp==3.11.11 +aiosignal==1.3.2 astunparse==1.6.3 -attrs==24.2.0 +attrs==24.3.0 bidict==0.23.1 -charset-normalizer==3.4.0 +charset-normalizer==3.4.1 colorlog==6.9.0 cssselect==1.2.0 cython==3.0.11 @@ -24,24 +24,24 @@ multidict==6.1.0 multiprocess==0.70.17 progressbar33==2.4 prompt-toolkit==3.0.48 -propcache==0.2.0 -psutil==6.1.0 +propcache==0.2.1 +psutil==6.1.1 python-dateutil==2.9.0.post0 -python-engineio==4.10.1 -python-socketio==5.11.4 +python-engineio==4.11.2 +python-socketio==5.12.1 pytz==2024.2 pyvirtualdisplay==3.0 pyyaml==6.0.2 -rapidfuzz==3.10.1 +rapidfuzz==3.11.0 requests==2.32.3 -setuptools==75.3.0 +setuptools==75.8.0 simple-websocket==1.1.0 -six==1.16.0 +six==1.17.0 terminaltables==3.1.10 urllib3==1.26.17 urwid==2.1.2 wcwidth==0.2.13 websocket-client==1.8.0 -wheel==0.45.0 +wheel==0.45.1 wsproto==1.2.0 -yarl==1.17.2 +yarl==1.18.3 diff --git a/requirements/cfn-lint-requirements.txt b/requirements/cfn-lint-requirements.txt index dfde1039..4e1bd1fa 100644 --- a/requirements/cfn-lint-requirements.txt +++ b/requirements/cfn-lint-requirements.txt @@ -1,8 +1,8 @@ annotated-types==0.7.0 attrs==24.3.0 aws-sam-translator==1.94.0 -boto3==1.35.90 -botocore==1.35.90 +boto3==1.35.95 +botocore==1.35.95 jmespath==1.0.1 jsonpatch==1.33 jsonpointer==3.0.0 @@ -10,7 +10,7 @@ jsonschema==4.23.0 jsonschema-specifications==2024.10.1 mpmath==1.3.0 networkx==3.4.2 -pydantic==2.10.4 +pydantic==2.10.5 pydantic-core==2.27.2 python-dateutil==2.9.0.post0 pyyaml==6.0.2 diff --git a/requirements/dstack-requirements.txt b/requirements/dstack-requirements.txt index ad604697..83946150 100644 --- a/requirements/dstack-requirements.txt +++ b/requirements/dstack-requirements.txt @@ -2,8 +2,8 @@ aiocache==0.12.3 aiorwlock==1.5.0 aiosqlite==0.20.0 alembic==1.14.0 -alembic-postgresql-enum==1.4.0 -anyio==4.7.0 +alembic-postgresql-enum==1.5.0 +anyio==4.8.0 apscheduler==3.11.0 asyncpg==0.30.0 attrs==24.3.0 @@ -17,8 +17,8 @@ azure-mgmt-network==27.0.0 azure-mgmt-resource==23.2.0 azure-mgmt-subscription==3.1.1 bcrypt==4.2.1 -boto3==1.35.88 -botocore==1.35.88 +boto3==1.35.94 +botocore==1.35.94 cached-classproperty==1.0.1 cachetools==5.5.0 charset-normalizer==3.4.1 @@ -28,10 +28,10 @@ deprecated==1.2.15 docker==7.1.0 fastapi==0.115.6 filelock==3.16.1 -gitdb==4.0.11 -gitpython==3.1.43 +gitdb==4.0.12 +gitpython==3.1.44 google-api-core==2.24.0 -google-api-python-client==2.156.0 +google-api-python-client==2.157.0 google-auth==2.37.0 google-auth-httplib2==0.2.0 google-cloud-appengine-logging==1.5.0 @@ -45,11 +45,11 @@ google-cloud-tpu==1.20.0 google-crc32c==1.6.0 google-resumable-media==2.7.2 googleapis-common-protos==1.66.0 -gpuhunt==0.0.17 +gpuhunt==0.0.18 greenlet==3.1.1 -grpc-google-iam-v1==0.13.1 -grpcio==1.68.1 -grpcio-status==1.68.1 +grpc-google-iam-v1==0.14.0 +grpcio==1.69.0 +grpcio-status==1.69.0 h11==0.14.0 httpcore==1.0.7 httplib2==0.22.0 @@ -78,12 +78,12 @@ protobuf==5.29.2 psutil==6.1.1 pyasn1==0.6.1 pyasn1-modules==0.4.1 -pydantic==1.10.19 +pydantic==1.10.20 pydantic-duality==1.2.4 -pygments==2.18.0 +pygments==2.19.1 pyjwt==2.10.1 pynacl==1.5.0 -pyparsing==3.2.0 +pyparsing==3.2.1 python-dateutil==2.9.0.post0 python-dxf==12.1.0 python-json-logger==3.2.1 @@ -100,7 +100,7 @@ s3transfer==0.10.4 sentry-sdk==2.19.2 simple-term-menu==1.6.6 six==1.17.0 -smmap==5.0.1 +smmap==5.0.2 sniffio==1.3.1 sqlalchemy==2.0.36 sqlalchemy-utils==0.41.2 diff --git a/requirements/literate-git-requirements.txt b/requirements/literate-git-requirements.txt index 5c1f928a..fdd7ce91 100644 --- a/requirements/literate-git-requirements.txt +++ b/requirements/literate-git-requirements.txt @@ -1,5 +1,5 @@ click==8.1.8 jinja2==3.1.5 markdown2==2.5.2 -markupsafe==2.1.5 -pygments==2.18.0 +markupsafe==3.0.2 +pygments==2.19.1 diff --git a/requirements/ola-requirements.txt b/requirements/ola-requirements.txt index 630d9eac..c35f5e74 100644 --- a/requirements/ola-requirements.txt +++ b/requirements/ola-requirements.txt @@ -1 +1 @@ -protobuf==5.29.2 +protobuf==5.29.3 diff --git a/requirements/ruff-lsp-requirements.txt b/requirements/ruff-lsp-requirements.txt index 3f6c430d..2cd33693 100644 --- a/requirements/ruff-lsp-requirements.txt +++ b/requirements/ruff-lsp-requirements.txt @@ -1,4 +1,4 @@ -attrs==24.2.0 +attrs==24.3.0 cattrs==24.1.2 lsprotocol==2023.0.1 packaging==24.2