Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker who controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it was possible to use the |attr filter to get a reference to a string's plain format method, bypassing the sandbox. After the fix, the |attr filter no longer bypasses the environment's attribute lookup. This vulnerability is fixed in 3.1.6.
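The bug class behind this advisory is a second attribute-access path that skips the sandbox's policy hook. The following is an added, constructed model of that class written for this page; it is not Jinja's code and does not reproduce Jinja's actual sandbox rules. It assumes a hypothetical SandboxPolicy with a single getattr() chokepoint, an attr filter modelled on the pre-fix behaviour that calls Python's getattr() directly, and a patched filter that delegates to the environment, so the same policy that governs dotted access also governs |attr.

```python
"""Constructed model (not Jinja's code) of a template-sandbox attribute policy
and of an |attr filter that does or does not route through it."""
from __future__ import annotations

from typing import Any, Callable


class SecurityError(Exception):
    """Raised when a template asks for an attribute the policy refuses."""


class SandboxPolicy:
    """Hypothetical sandbox: every attribute lookup from a template must pass
    through getattr() so that is_safe_attribute() is consulted exactly once."""

    def is_safe_attribute(self, obj: Any, name: str, value: Any) -> bool:
        # Rules constructed for this model; the real Jinja sandbox applies its
        # own, richer checks and handles str.format by wrapping the call.
        if name.startswith("_"):
            # Private/dunder attributes lead straight out of the sandbox.
            return False
        if isinstance(obj, str) and name in ("format", "format_map"):
            # A plain, unmediated reference to str.format must not be handed
            # to template code; format specs can traverse object attributes.
            return False
        return True

    def getattr(self, obj: Any, name: str) -> Any:
        """The single chokepoint for attribute access inside templates.
        Returns None (standing in for Jinja's Undefined) when missing."""
        try:
            value = getattr(obj, name)
        except AttributeError:
            return None
        if not self.is_safe_attribute(obj, name, value):
            raise SecurityError(
                f"access to attribute {name!r} of {type(obj).__name__} is unsafe"
            )
        return value


def attr_filter_unpatched(env: SandboxPolicy, obj: Any, name: str) -> Any:
    """Modelled on the pre-fix behaviour: the filter performs its own lookup,
    so the environment's policy never sees the access."""
    try:
        return getattr(obj, name)
    except AttributeError:
        return None


def attr_filter_patched(env: SandboxPolicy, obj: Any, name: str) -> Any:
    """Fixed pattern: delegate to the environment, so |attr is governed by the
    same policy as obj.name."""
    return env.getattr(obj, name)


def lookup_allowed(filter_fn: Callable[..., Any], obj: Any, name: str) -> bool:
    """True if the filter hands the attribute out, False if the sandbox refuses
    it or the attribute does not exist."""
    try:
        return filter_fn(SandboxPolicy(), obj, name) is not None
    except SecurityError:
        return False


if __name__ == "__main__":
    # Regression-style comparison of the two filter implementations.
    for fn in (attr_filter_unpatched, attr_filter_patched):
        print(
            fn.__name__,
            "format:", lookup_allowed(fn, "x", "format"),
            "upper:", lookup_allowed(fn, "x", "upper"),
            "__class__:", lookup_allowed(fn, "x", "__class__"),
        )
```

The point the model makes is architectural rather than specific to str.format: any filter, test or global that resolves attributes on its own re-creates the bypass, so a sandbox review should enumerate every such path and confirm each one calls the environment's lookup. The patched filter also preserves the harmless behaviour (upper is still reachable, a missing name still yields Undefined), which is the property a regression test should pin down.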
FEDORA-2025-cd7f5876b2 (python-jinja2-3.1.6-1.fc41) has been pushed to the Fedora 41 stable repository. If the problem still persists, please make note of it in this bug report.
This issue has been addressed in the following products: Ansible Automation Platform Execution Environments Via RHSA-2025:2664 https://access.redhat.com/errata/RHSA-2025:2664
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:2688 https://access.redhat.com/errata/RHSA-2025:2688
FEDORA-2025-bb0ea8b8c0 (python-jinja2-3.1.6-1.fc42) has been pushed to the Fedora 42 stable repository. If the problem still persists, please make note of it in this bug report.
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:3017 https://access.redhat.com/errata/RHSA-2025:3017
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2025:3111 https://access.redhat.com/errata/RHSA-2025:3111
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:3113 https://access.redhat.com/errata/RHSA-2025:3113
This issue has been addressed in the following products: Red Hat Ansible Automation Platform 2.4 for RHEL 8; Red Hat Ansible Automation Platform 2.4 for RHEL 9. Via RHSA-2025:3123 https://access.redhat.com/errata/RHSA-2025:3123
This issue has been addressed in the following products: Red Hat Ansible Automation Platform 2.4 for RHEL 8; Red Hat Ansible Automation Platform 2.4 for RHEL 9. Via RHSA-2025:3124 https://access.redhat.com/errata/RHSA-2025:3124
FEDORA-2025-8b6aa24ab4 (python-jinja2-3.1.6-1.fc40) has been pushed to the Fedora 40 stable repository. If the problem still persists, please make note of it in this bug report.
This issue has been addressed in the following products: Red Hat Ansible Automation Platform 2.5 for RHEL 8; Red Hat Ansible Automation Platform 2.5 for RHEL 9. Via RHSA-2025:3160 https://access.redhat.com/errata/RHSA-2025:3160
This issue has been addressed in the following products: Red Hat Ansible Automation Platform 2.5 for RHEL 8; Red Hat Ansible Automation Platform 2.5 for RHEL 9. Via RHSA-2025:3162 https://access.redhat.com/errata/RHSA-2025:3162
This issue has been addressed in the following products: Red Hat OpenStack Platform 17.1 for RHEL 9 Via RHSA-2025:3371 https://access.redhat.com/errata/RHSA-2025:3371
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:3388 https://access.redhat.com/errata/RHSA-2025:3388
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:3406 https://access.redhat.com/errata/RHSA-2025:3406
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support; Red Hat Enterprise Linux 8.4 Telecommunications Update Service; Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Via RHSA-2025:3562 https://access.redhat.com/errata/RHSA-2025:3562
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2025:3580 https://access.redhat.com/errata/RHSA-2025:3580
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2025:3585 https://access.redhat.com/errata/RHSA-2025:3585
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:3586 https://access.redhat.com/errata/RHSA-2025:3586
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:3588 https://access.redhat.com/errata/RHSA-2025:3588
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support; Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions; Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Via RHSA-2025:3622 https://access.redhat.com/errata/RHSA-2025:3622
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2025:3671 https://access.redhat.com/errata/RHSA-2025:3671
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2025:3568 https://access.redhat.com/errata/RHSA-2025:3568
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2025:3789 https://access.redhat.com/errata/RHSA-2025:3789
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.18 Via RHSA-2025:3775 https://access.redhat.com/errata/RHSA-2025:3775
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2025:3779 https://access.redhat.com/errata/RHSA-2025:3779
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.18 Via RHSA-2025:4018 https://access.redhat.com/errata/RHSA-2025:4018
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.17 Via RHSA-2025:4203 https://access.redhat.com/errata/RHSA-2025:4203