CVE-2025-49619

Skyvern through 0.1.85 has a Jinja runtime leak in sdk/workflow/models/block.py.
Configurations

No configuration.

History

09 Jun 2025, 16:15

Type Values Removed Values Added
References
  • () https://cristibtz.blog/posts/CVE-2025-49619/ -
Summary
  • (es) Skyvern hasta la versión 0.1.85 tiene una fuga de tiempo de ejecución de Jinja en sdk/workflow/models/block.py.

07 Jun 2025, 21:15

Type Values Removed Values Added
References
  • () https://cristibtz.github.io/posts/CVE-2025-49619/ -

07 Jun 2025, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-06-07 14:15

Updated : 2025-06-09 16:15


NVD link : CVE-2025-49619

Mitre link : CVE-2025-49619

CVE.ORG link : CVE-2025-49619


JSON object : View

Products Affected

No product.

CWE
CWE-1336

Improper Neutralization of Special Elements Used in a Template Engine