CVE-2025-14700: Python Jinja2 Unsandboxed Environment from_string() SSTI
greprules fetch cve-2025-14700-python-jinja2-unsandboxed-environment-from-string-ssti --engine opengrep

Description
A non-sandboxed jinja2.Environment instance is constructed. When such an Environment is later used with from_string()/render() on template strings influenced by user input (e.g., a webhook body, an email template, or any stored user-supplied content), the unsandboxed environment permits Jinja2 attribute traversal (__class__, __mro__, __subclasses__, __glob
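As an added illustration (not code from the rule catalog or from any affected project), the pattern the description refers to next to its sandboxed counterpart: a plain jinja2.Environment renders an attacker-influenced template string and lets it walk from a string literal to object.__subclasses__(), while jinja2.sandbox.SandboxedEnvironment rejects the same template with SecurityError. The template strings, the render context and the function names are constructed for this example; the traversal is stopped at counting subclasses rather than reaching anything harmful.

```python
"""Added example, not the rule's own code: unsandboxed vs. sandboxed Jinja2
rendering of a user-influenced template string. Inputs are constructed."""
from jinja2 import Environment
from jinja2.exceptions import SecurityError
from jinja2.sandbox import SandboxedEnvironment

# Constructed attacker-controlled template (e.g. the body of a webhook or a
# stored email template). It walks the object graph from a harmless string:
# '' -> __class__ (str) -> __mro__[1] (object) -> __subclasses__().
# Reaching __subclasses__ is the first hop of the classic Jinja2 SSTI chain;
# here the chain ends at a count so the example stays inert.
MALICIOUS_TEMPLATE = "{{ ''.__class__.__mro__[1].__subclasses__() | length }}"

# Constructed benign template a legitimate user of the feature would submit.
BENIGN_TEMPLATE = "Hello {{ name }}, your ticket is {{ ticket_id }}."

# Constructed render context.
CONTEXT = {"name": "alice", "ticket_id": 42}


def render_unsandboxed(template_src: str) -> str:
    """The flagged pattern: a plain Environment fed a user-influenced string.

    Note that autoescape only protects the HTML output; it does nothing to
    stop attribute traversal inside the template expression itself.
    """
    env = Environment(autoescape=True)
    return env.from_string(template_src).render(**CONTEXT)


def render_sandboxed(template_src: str) -> str:
    """The fix: SandboxedEnvironment refuses underscore-prefixed and other
    unsafe attributes (__class__, __mro__, __subclasses__, __globals__, ...)
    and raises SecurityError when a template tries to use them.
    """
    env = SandboxedEnvironment(autoescape=True)
    return env.from_string(template_src).render(**CONTEXT)


def sandbox_blocks_traversal(template_src: str) -> bool:
    """True if the sandbox rejects the template with SecurityError,
    False if it renders normally."""
    try:
        render_sandboxed(template_src)
    except SecurityError:
        return True
    return False


if __name__ == "__main__":
    # Benign input renders identically in both environments.
    print(render_unsandboxed(BENIGN_TEMPLATE))
    print(render_sandboxed(BENIGN_TEMPLATE))
    # The plain Environment happily evaluates the traversal chain...
    print("unsandboxed subclass count:", render_unsandboxed(MALICIOUS_TEMPLATE))
    # ...while the sandbox stops it.
    print("sandbox blocked traversal:", sandbox_blocks_traversal(MALICIOUS_TEMPLATE))
```

The hardened version keeps the legitimate feature intact (the benign template renders the same in both environments) and only changes which attributes template expressions may reach; switching the constructor is therefore usually the whole fix, provided no code path still builds a plain Environment for the same user-controlled strings.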
Detection target
Not provided
Recommended fix
Not provided
False-positive notes
Not provided