GHSA-gjx9-j8f8-7j74
CRITICALJinJava Bypass through ForTag leads to Arbitrary Java Execution
EPSS Exploitation Probability
EPSS (Exploit Prediction Scoring System) is a daily probability model maintained by FIRST.org. It estimates the likelihood a CVE will be exploited in production environments within the next 30 days, derived from real-world threat intelligence signals.
Blast Radius
com.hubspot.jinjava:jinjava☕com.hubspot.jinjava:jinjavaReal-time download stats are indexed for npm and PyPI packages. This vulnerability affects Maven packages — download data is not available via public APIs for these ecosystems.
Description
Impact
Vulnerability Type: Sandbox Bypass / Remote Code Execution
Affected Component: Jinjava
Affected Users:
- Organizations using HubSpot's Jinjava template rendering engine for user-provided template content
- Any system that renders untrusted Jinja templates using HubSpot's Jinjava implementation
- Users with the ability to create or edit custom code templates
Severity: Critical - allows arbitrary Java class instantiation and file access bypassing built-in sandbox restrictions
Root Cause: Multiple security bypass vulnerabilities in Jinjava's sandbox mechanism:
-
ForTag Property Access Bypass: The
ForTagclass does not enforceJinjavaBeanELResolverrestrictions when iterating over object properties usingIntrospector.getBeanInfo()and invoking getter methods viaPropertyDescriptor.getReadMethod() -
Restricted Class Instantiation: The sandbox's type allowlist can be bypassed by using ObjectMapper to instantiate classes through JSON deserialization, including creating new
JinjavaELContextandJinjavaConfiginstances
Attack Vector: An attacker with the ability to create or edit Jinja templates can:
- Access arbitrary getter methods on objects in the template context
- Instantiate
ObjectMapperto enable default typing - Create arbitrary Java classes by bypassing type allowlists
- Read files from the server filesystem (demonstrated with
/etc/passwd) - Potentially execute arbitrary code
Patches
Status: Patched - CVE-2026-25526
Users should upgrade to one of the following versions which contain fixes for this vulnerability:
- JinJava 2.8.3 or later
- JinJava 2.7.6 or later
Fix Components:
-
ForTag Security Hardening
- Added security checks to
ForTag.renderForCollection()to enforceJinjavaBeanELResolverrestrictions - Implemented property access validation against restricted properties/methods before invoking getter methods
- Added checks for restricted class types before introspection
- Added security checks to
-
Enhanced Type Validation
- Improved validation in
JinjavaBeanELResolver.isRestrictedClass()to prevent instantiation of sensitive types - Added additional restricted types to the denylist
- Implemented deeper validation for types created via ObjectMapper deserialization
- Improved validation in
-
Configuration Protection
- Added checks to prevent creation of new
JinjavaConfigorJinjavaELContextinstances via ObjectMapper - Prevented modification of
readOnlyResolverconfiguration from untrusted templates - Implemented additional safeguards around ELResolver configuration
- Added checks to prevent creation of new
-
Collection Type Validation
- Implemented proper type validation in
HubLELResolverto prevent collection type wrapping bypasses - Added checks for wrapped types in collection deserialization
- Implemented validation for all types within collections against allowlists
- Implemented proper type validation in
-
ObjectMapper Restrictions
- Added additional restrictions on
ObjectMapper.enableDefaultTyping()to prevent enabling via less restrictive ELResolver - Ensured default typing cannot be enabled without proper authorization
- Added additional restrictions on
Information for Users: Upgrade to version 2.8.3 or 2.7.6 or later to address this vulnerability.
References
Project Resources
- Jinjava Source Code: github.com/HubSpot/jinjava
- Jinjava Releases: github.com/HubSpot/jinjava/releases
Security Standards & Classifications
- CWE-502: Deserialization of Untrusted Data
- CWE-913: Improper Control of Dynamically-Managed Code Resources
- CWE-94: Improper Control of Generation of Code ('Code Injection')
- CVSS v3.1: Common Vulnerability Scoring System
Additional Resources
Affected Packages
| Ecosystem | Package | Vulnerable range | Fix |
|---|---|---|---|
| ☕Maven | com.hubspot.jinjava:jinjava | ≥ 2.8.0&&< 2.8.3 | 2.8.3 |
| ☕Maven | com.hubspot.jinjava:jinjava | all versions | 2.7.6 |
Detection & mitigation playbook
Open-source dependencyDetect
Scan your dependency tree (package-lock.json, pnpm-lock.yaml, requirements.txt, go.sum, etc.) for com.hubspot.jinjava:jinjava. O3's reachability analysis confirms whether the vulnerable code path is actually invoked in your application, so you act on real exposure instead of every transitive match.
Fix
Update com.hubspot.jinjava:jinjava to 2.8.3 or later, then make sure no transitive (indirect) dependency still pins the vulnerable range — O3 confirms GHSA-gjx9-j8f8-7j74 is resolved across your whole dependency graph.
Workarounds
If you can't upgrade right away: gate or disable the affected feature, validate untrusted input at the boundary, and avoid passing attacker-controlled data into the vulnerable path. O3's runtime protection blocks exploitation in production as an interim safeguard until the upgrade lands.
How O3 protects you
O3 pinpoints whether GHSA-gjx9-j8f8-7j74 is reachable in your code and exactly where to fix it, then blocks exploitation in production at runtime until the patched version is deployed.
Tailored to GHSA-gjx9-j8f8-7j74. Runtime protection reduces exposure until a permanent patch is applied and verified — it complements patching, it doesn't replace it.
Frequently Asked Questions
Is GHSA-gjx9-j8f8-7j74 in your dependencies?
O3 detects GHSA-gjx9-j8f8-7j74 across Maven dependencies and uses function-level reachability to confirm whether the vulnerable code path is actually reachable — not just present. No false positives.