Vulnerabilities > Palletsprojects > Jinja > High

DATE CVE VULNERABILITY TITLE RISK
2019-04-08 CVE-2016-10745 Use of Externally-Controlled Format String vulnerability in Palletsprojects Jinja
In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.
network
low complexity
palletsprojects CWE-134
8.6
2019-04-07 CVE-2019-10906 In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape. 8.6