A vulnerability classified as critical has been found in Pallets Jinja up to 3.1.4. Affected is the function str.format. The manipulation leads to improper neutralization of special elements used in a template engine.

This vulnerability is traded as CVE-2024-56326. Attacking locally is a requirement. There is no exploit available.

It is recommended to upgrade the affected component.