CVE-2020-28493

Name
CVE-2020-28493
Description
This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDoS vulnerability is mainly due to the `_punctuation_re regex` operator and its use of multiple wildcards. The last wildcard is the most exploitable as it searches for trailing punctuation. This issue can be mitigated by Markdown to format user content instead of the urlize filter, or by implementing request timeouts and limiting process memory.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Broken Link https://github.com/pallets/jinja/blob/ab81fd9c277900c85da0c322a2ff9d68a235b2e6/src/jinja2/utils.py%23L20
Patch https://github.com/pallets/jinja/pull/1343
Exploit https://snyk.io/vuln/SNYK-PYTHON-JINJA2-1012994
Mailing List https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVAKCOO7VBVUBM3Q6CBBTPBFNP5NDXF4/
GENTOO https://security.gentoo.org/glsa/202107-19

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:palletsprojects:jinja:*:*:*:*:*:*:*:* jinja >= None < 2.11.3

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
py3-jinja2 edge-main 1.11.3-r0 None fixed
py3-jinja2 3.22-main 1.11.3-r0 None fixed
py3-jinja2 3.21-main 1.11.3-r0 None fixed
py3-jinja2 3.20-main 1.11.3-r0 None fixed
py3-jinja2 3.19-main 1.11.3-r0 None fixed
py3-jinja2 3.18-main 1.11.3-r0 None fixed
py3-jinja2 3.17-main 1.11.3-r0 None fixed