In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information Disclosure
Jinja
Fedora
Ubuntu Linux
Software Collections
+1
NVD
CVSS 3.1
8.6
EPSS
3.6%