ROOT-APP-PYPI-CVE-2025-27516

See a problem?
Please try reporting it to the source first.

Source

https://root.io/security/ROOT-APP-PYPI-CVE-2025-27516

Import Source

JSON Data

Aliases

Published

2025-12-18T13:52:21Z

Modified

2026-01-06T15:12:00.940192Z

Summary

CVE-2025-27516 in rootio-Jinja2 - Patched by Root

Details

Root has patched CVE-2025-27516 in the rootio-Jinja2 package for Root:PyPI. Multiple fixed versions available.

Database specific

{
    "distro_version": "",
    "distro": "pypi",
    "source": "Root"
}

References

Affected packages

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.1.5+root.io.1

Fixed

3.1.2+root.io.4

Fixed

3.1.2+root.io.5

root_patch_version

"root.io.5"

upstream_version

"3.1.2"

total_fixed_versions

3.0

root_patched

true

all_fixed_versions

[
    "3.1.5+root.io.1",
    "3.1.2+root.io.4",
    "3.1.2+root.io.5"
]

source

"https://api.root.io/external/osv/ROOT-APP-PYPI-CVE-2025-27516.json"