Hubspot Jinjava
4 CVEs affecting Hubspot Jinjava. Latest disclosed: 2026-02-04. Critical: 2, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-25526 | Critical | 9.8 | 2026-02-04 | JinJava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Prior to versions 2.7.6 and 2.8.3, JinJava is vulne… |
CVE-2025-59340 | Critical | 9.8 | 2025-09-17 | jinjava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Priori to 2.8.1, by using mapper.getTypeFactory().c… |
CVE-2020-12668 | Medium | 6.5 | 2021-02-19 | Jinjava before 2.5.4 allow access to arbitrary classes by calling Java methods on objects passed into a Jinjava context. This could allow for abuse of the appl… |
CVE-2018-18893 | Medium | 5.3 | 2019-01-03 | Jinjava before 2.4.6 does not block the getClass method, related to com/hubspot/jinjava/el/ext/JinjavaBeanELResolver.java. |