
[Security] CVE-2019-8341 advice please #10250

Closed
1 task done
brabster opened this issue Jun 1, 2024 · 6 comments

brabster commented Jun 1, 2024

Is this a new bug in dbt-core?

  • [ ] I believe this is a new bug in dbt-core
  • [x] I have searched the existing issues, and I could not find an existing issue for this bug

Current Behavior

safety reporting a vulnerability in Jinja2 transitive for dbt-core et al.

-> Vulnerability found in jinja2 version 3.1.4
Vulnerability ID: 70612
Affected spec: >=0
ADVISORY: In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as
a template object, renders it, and then returns it. The attacker can exploit it with {{INJECTION COMMANDS}} in a URI. NOTE: The maintainer...
CVE-2019-8341
For more information about this vulnerability, visit https://data.safetycli.com/v/70612/97c
To ignore this vulnerability, use PyUp vulnerability id 70612 in safety’s ignore command-line argument or add the ignore to your safety policy file.

Expected Behavior

No vulnerabilities reported, ideally. There's no fix version available (and might never be) so this is more to have you confirm that dbt-core is not affected by this vuln. I don't think it is as I don't think you use from_string and I think you do run Jinja2 sandboxed, but confirmation would be useful

I don't think this is the right template but it's not a new vulnerability either 🤷

Steps To Reproduce

any version of dbt core
install safety
run safety check

Relevant log output

No response

Environment

GitHub action with vulnerability detected this morning https://github.com/brabster/pypi_vulnerabilities/actions/runs/9327416694/job/25677263698#step:3:510

Which database adapter are you using with dbt?

No response

Additional Context

No response

@brabster brabster added bug Something isn't working triage labels Jun 1, 2024
@dbeatty10
Contributor

Thanks for reaching out about this @brabster !

Sounds like you'd just like us to take a look and confirm that dbt-core is not affected by CVE-2019-8341?

Specifically:

  • Confirm that dbt-core runs Jinja2 sandboxed
  • If not, confirm that dbt-core does not use from_string

@brabster
Author

brabster commented Jun 3, 2024

Yes please @dbeatty10 - I've done my own assessment (https://tempered.works/posts/2024/06/02/handling-cve-2019-8341-for-dbt-and-mkdocs/) but always helpful to get an all-clear and probably useful for others who might be getting pinged by safety as of Saturday!

@dbeatty10
Contributor

We took an initial look internally, and:

We believe the environment we're loading there should always be a subclass of jinja2.sandbox.SandboxedEnvironment, but we're going to double-check with one of our engineers.

@gshank
Contributor

gshank commented Jun 3, 2024

Yes, we always subclass from SandboxedEnvironment.

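To make the point of the thread concrete, here is an added example (not code from dbt-core or from anyone in this issue) showing what "always subclass from SandboxedEnvironment" actually buys: a plain jinja2.Environment hands a template whatever attribute it asks for, while a SandboxedEnvironment refuses underscore-prefixed and other unsafe attributes, and the same check confirms that a custom subclass is still sandboxed. The Connection class, its _password field and the template strings are constructed for the demonstration; StrictUndefined is used so that the sandbox's refusal surfaces as a SecurityError instead of rendering silently as an empty string.

```python
from dataclasses import dataclass

from jinja2 import Environment, StrictUndefined
from jinja2.exceptions import SecurityError
from jinja2.sandbox import SandboxedEnvironment


@dataclass
class Connection:
    """Constructed stand-in for an object a template is rendered against."""
    name: str
    _password: str = "hunter2"  # underscore-prefixed: the sandbox treats this as unsafe


class ProjectEnvironment(SandboxedEnvironment):
    """Constructed subclass, in the spirit of 'we always subclass from SandboxedEnvironment'."""


def is_sandboxed(env: Environment) -> bool:
    """The check the thread asks for: is this environment a SandboxedEnvironment (or subclass)?"""
    return isinstance(env, SandboxedEnvironment)


def render(env: Environment, source: str) -> tuple[bool, str]:
    """Render a template string via from_string and report (blocked, output_or_reason).

    With StrictUndefined, the sandbox's 'unsafe attribute' Undefined raises
    SecurityError the moment the template tries to print it.
    """
    try:
        output = env.from_string(source).render(conn=Connection(name="warehouse"))
        return False, output
    except SecurityError as exc:
        return True, str(exc)


# Constructed template that reaches for a private attribute of the context object.
TEMPLATE = "{{ conn.name }} / {{ conn._password }}"

plain = Environment(undefined=StrictUndefined)
sandbox = SandboxedEnvironment(undefined=StrictUndefined)
project = ProjectEnvironment(undefined=StrictUndefined)

if __name__ == "__main__":
    for label, env in (("plain", plain), ("sandbox", sandbox), ("subclass", project)):
        blocked, detail = render(env, TEMPLATE)
        print(f"{label:9} sandboxed={is_sandboxed(env)!s:5} blocked={blocked!s:5} {detail}")
```

The sandbox's attribute policy (jinja2.sandbox.SandboxedEnvironment.is_safe_attribute) is what separates the two outcomes; it limits what a template can reach, which is the mitigation the maintainers rely on here, not a reason to start rendering untrusted template strings.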
@dbeatty10
Contributor

Thank you @gshank 👍

@brabster I'm going to close this as resolved, but just let us know if you have any outstanding concerns and we can take another look.

@dbeatty10 dbeatty10 removed bug Something isn't working triage labels Jun 3, 2024
@dbeatty10 dbeatty10 changed the title [Bug] not really, CVE-2019-8341 advice please [Security] CVE-2019-8341 advice please Jun 3, 2024
@sfermigier

Quoting https://bugzilla.redhat.com/show_bug.cgi?id=1677653#c4
"I'm one of the maintainers of the Pallets projects, including Jinja.
This CVE is a bad joke. It's like claiming eval() in the Python stdlib is insecure because it executes code.
Jinja templates should never be loaded from untrusted sources.
So nothing should be done here, there is literally nothing to be fixed."
