Hubspot Jinjava

4 CVEs affecting Hubspot Jinjava. Latest disclosed: 2026-02-04. Critical: 2, High: 0.

Top CVEs affecting Hubspot Jinjava
CVESeverityScorePublishedSummary
CVE-2026-25526Critical9.82026-02-04JinJava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Prior to versions 2.7.6 and 2.8.3, JinJava is vulne…
CVE-2025-59340Critical9.82025-09-17jinjava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Priori to 2.8.1, by using mapper.getTypeFactory().c…
CVE-2020-12668Medium6.52021-02-19Jinjava before 2.5.4 allow access to arbitrary classes by calling Java methods on objects passed into a Jinjava context. This could allow for abuse of the appl…
CVE-2018-18893Medium5.32019-01-03Jinjava before 2.4.6 does not block the getClass method, related to com/hubspot/jinjava/el/ext/JinjavaBeanELResolver.java.