Conversation

@aikido-autofix aikido-autofix bot commented Jan 9, 2026

Upgrade Jinja2, Flask, Werkzeug, and Flask-Cors to address critical RCE vulnerabilities in template rendering and sandbox escapes

✅ 31 CVEs resolved by this upgrade

This PR will resolve the following CVEs:

| Issue | Severity | Description |
| --- | --- | --- |
| CVE-2025-27516 | HIGH | Jinja sandbox bypass allows RCE via |
| CVE-2016-10745 | HIGH | In Pallets Jinja before 2.8.1, str.format allows a sandbox escape. |
| CVE-2019-10906 | HIGH | In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape. |
| CVE-2014-1402 | HIGH | The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with _jinja2 in /tmp. |
| CVE-2024-56326 | HIGH | Jinja sandbox bypass allows remote code execution via template manipulation by storing and indirectly calling str.format method, potentially executing arbitrary Python code in untrusted templates. |
| CVE-2014-0012 | MEDIUM | FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temporary directories, which allows local users to gain privileges by pre-creating a temporary directory with a user's uid. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1402. |
| CVE-2024-22195 | MEDIUM | Jinja templating engine vulnerability allows XSS via xmlattr filter, enabling injection of arbitrary HTML attributes that bypass auto-escaping and potentially circumvent attribute validation checks. |
| CVE-2024-34064 | MEDIUM | Jinja's xmlattr filter allows injection of malicious XML/HTML attributes via unvalidated keys, potentially enabling cross-site scripting (XSS) attacks when user-supplied keys are rendered in pages viewed by other users. |
| CVE-2020-28493 | LOW | ReDoS vulnerability in Jinja2's regex parsing allows attackers to craft malicious input that causes excessive regex backtracking, potentially leading to application unresponsiveness or denial of service. |
| CVE-2023-30861 | HIGH | Flask vulnerability allows cached session cookies to be shared between clients when specific proxy and application configurations are present, potentially exposing sensitive session data across different users. |
| CVE-2018-1000656 | HIGH | Flask has a JSON parsing vulnerability where maliciously encoded input can trigger excessive memory consumption, potentially causing a denial of service (DoS) attack by exhausting system resources. |
| CVE-2019-1010083 | HIGH | The Pallets Project Flask before 1.0 is affected by: unexpected memory usage. The impact is: denial of service. The attack vector is: crafted encoded JSON data. The fixed version is: 1. NOTE: this may overlap CVE-2018-1000656. |
| CVE-2019-14322 | HIGH | In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames. |
| CVE-2023-46136 | HIGH | Werkzeug multipart file upload parsing vulnerability allows DoS through crafted file uploads with CR/LF, causing excessive CPU consumption by forcing inefficient boundary scanning on large byte buffers. |
| CVE-2019-14806 | HIGH | Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id. |
| CVE-2023-25577 | HIGH | Werkzeug multipart form data parser allows unlimited form parts, enabling DoS via crafted requests that consume excessive CPU and memory by parsing numerous small parts, potentially blocking or killing worker processes. |
| CVE-2024-34069 | HIGH | Werkzeug debugger allows remote code execution if an attacker tricks a developer into entering a PIN on a malicious domain, potentially granting access to the debugger running on localhost. |
| CVE-2024-49767 | HIGH | Werkzeug multipart form parser vulnerable to DoS via crafted requests, allowing attackers to exhaust server memory by uploading large files without limits, potentially consuming gigabytes of RAM within seconds. |
| CVE-2016-10516 | MEDIUM | Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 (as used in Pallets Flask and other products) allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message. |
| CVE-2020-28724 | MEDIUM | Open redirect vulnerability in werkzeug before 0.11.6 via a double slash in the URL. |
| CVE-2024-49766 | MEDIUM | Werkzeug path traversal vulnerability on Windows allows bypassing path safety checks, potentially enabling unauthorized file access through maliciously crafted UNC paths in web applications. |
| CVE-2025-66221 | MEDIUM | Werkzeug path traversal vulnerability allows reading Windows device names, causing potential DoS by hanging file read operations on Windows systems when using send_from_directory. |
| CVE-2026-21860 | MEDIUM | Werkzeug path traversal vulnerability allows bypassing path restrictions on Windows by using special device names like CON, potentially enabling unauthorized file access or information disclosure. |
| CVE-2023-23934 | LOW | Cookie parsing vulnerability in Werkzeug allows subdomain cookie injection, potentially enabling attackers to manipulate cookie values across adjacent subdomains via maliciously crafted browser-sent cookies. |
| CVE-2020-25032 | HIGH | An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format. |
| CVE-2024-6221 | HIGH | CORS misconfiguration allows unauthorized external access to private network resources by default, enabling potential data breaches, sensitive info exposure, and network intrusions. |
| CVE-2024-6866 | HIGH | Flask-CORS path matching vulnerability allows case-insensitive regex matching, potentially bypassing origin restrictions and exposing sensitive paths to unauthorized access, leading to potential data leaks. |
| CVE-2024-1681 | MEDIUM | Log injection in flask-cors allows attackers to inject fake log entries by sending crafted GET requests with CRLF, potentially corrupting logs and obscuring malicious activity. |
| CVE-2024-6839 | MEDIUM | Improper regex path matching in Flask-CORS allows less restrictive CORS policies, potentially enabling unauthorized cross-origin access to sensitive endpoints and data through pattern prioritization flaws. |
| CVE-2024-6844 | MEDIUM | CORS vulnerability in flask-cors allows incorrect path matching due to '+' character handling, potentially enabling unauthorized cross-origin access or blocking valid requests through improper URL path normalization. |
| AIKIDO-2024-10084 | MEDIUM | Flask-Cors log injection vulnerability allows attackers to inject fake log entries via crafted GET requests with CRLF, potentially corrupting logs and obscuring malicious activities. |

@aikido-autofix aikido-autofix bot added the security Label created by Aikido AutoFix label Jan 9, 2026
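The xmlattr entries above (CVE-2024-22195, CVE-2024-34064) both come down to the attribute *name* being emitted verbatim while only the value is escaped. The following is an added example, not code from this PR or from Jinja: a minimal xmlattr-style helper in the trusting form beside a hardened form. The rejection rule (no whitespace, `/`, `>` or `=` in a key) and the sample input are this example's own choices.

```python
import re
from html import escape

# Example's own rejection rule: any whitespace, '/', '>' or '=' inside an
# attribute name would let the name close the current attribute or open
# another one, so such keys are refused outright instead of escaped.
_UNSAFE_ATTR_KEY = re.compile(r"[\s/>=]")


def is_safe_attr_key(key: str) -> bool:
    """True if key can be emitted verbatim as an attribute name."""
    return bool(key) and _UNSAFE_ATTR_KEY.search(key) is None


def xmlattr_unsafe(attrs: dict) -> str:
    """Pattern the advisories describe: values are escaped, keys are trusted."""
    return "".join(
        f' {key}="{escape(str(value), quote=True)}"'
        for key, value in attrs.items()
        if value is not None
    )


def xmlattr_safe(attrs: dict) -> str:
    """Hardened form: refuse any key that could break out of the attribute."""
    parts = []
    for key, value in attrs.items():
        if value is None:
            continue  # same convention as the unsafe form: None drops the attribute
        if not is_safe_attr_key(key):
            raise ValueError(f"unsafe attribute name: {key!r}")
        parts.append(f' {key}="{escape(str(value), quote=True)}"')
    return "".join(parts)


if __name__ == "__main__":
    # Constructed input: the attribute name is attacker-controlled, the value is not.
    injected = {'title="x" data-injected': "y", "class": "card"}
    print(xmlattr_unsafe(injected))  # a second attribute appears in the output
    try:
        xmlattr_safe(injected)
    except ValueError as exc:
        print("rejected:", exc)
```

The point is that escaping the value does nothing for the key: the key is the one place in the attribute syntax where a quote or a space is not quoted, so it has to be validated, not escaped.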
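Three of the Jinja entries (CVE-2016-10745, CVE-2019-10906, CVE-2024-56326) are variations on one theme: `str.format` resolves dotted attribute access inside the format string itself, so a template that can reach the method can walk `__class__` and friends even though the sandbox guards ordinary attribute lookups. The block below is an added example, not Jinja's `SandboxedEnvironment` code: a `string.Formatter` subclass that resolves replacement fields under a policy of its own (no attribute whose name starts with `_`), plus a static checker for the same rule. The field-name grammar handled (`0.attr`, `name[key]`, nested specs) is the standard one; the policy is an assumption of this example.

```python
import re
import string
from types import SimpleNamespace

# Replacement-field grammar: a head (positional index or keyword), followed by
# any number of ".attr" or "[key]" parts.
_FIELD_HEAD = re.compile(r"^[^.\[]*")
_FIELD_PART = re.compile(r"\.([^.\[]+)|\[([^\]]+)\]")


def _forbidden(attr: str) -> bool:
    # Example's own policy: dunder and private attributes are off limits.
    return attr.startswith("_")


def unsafe_attribute_names(fmt: str) -> list:
    """Statically list forbidden attribute names reachable from fmt,
    e.g. ['__class__', '__mro__'] for '{0.__class__.__mro__}'.
    Nested format specs such as '{0:{1.__class__}}' are checked too."""
    bad = []
    for _literal, field_name, spec, _conv in string.Formatter().parse(fmt):
        if field_name is None:
            continue
        head_end = _FIELD_HEAD.match(field_name).end()
        for part in _FIELD_PART.finditer(field_name, head_end):
            attr = part.group(1)
            if attr is not None and _forbidden(attr):
                bad.append(attr)
        if spec:
            bad.extend(unsafe_attribute_names(spec))
    return bad


class GuardedFormatter(string.Formatter):
    """Formatter that applies the policy at lookup time, so it also covers
    fields only known when the template runs."""

    def get_field(self, field_name, args, kwargs):
        head = _FIELD_HEAD.match(field_name).group(0)
        obj = self.get_value(int(head) if head.isdigit() else head, args, kwargs)
        for part in _FIELD_PART.finditer(field_name, len(head)):
            attr, key = part.group(1), part.group(2)
            if attr is not None:
                if _forbidden(attr):
                    raise ValueError(f"attribute {attr!r} is not allowed in a format string")
                obj = getattr(obj, attr)
            else:
                obj = obj[int(key) if key.isdigit() else key]
        return obj, head


if __name__ == "__main__":
    user = SimpleNamespace(name="alice")  # constructed sample object
    print("{0.__class__.__name__}".format(user))       # plain str.format walks __class__
    print(GuardedFormatter().format("Hello {0.name}", user))
    print(unsafe_attribute_names("{0.__class__.__mro__}"))
    try:
        GuardedFormatter().format("{0.__class__}", user)
    except ValueError as exc:
        print("blocked:", exc)
```

The static check is enough for format strings that are fixed at deploy time; the runtime guard is what matters when the format string itself comes from the template, which is the case the advisories describe.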
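The Flask-CORS traversal entry (CVE-2020-25032) and the Werkzeug double-slash entry (CVE-2020-28724) share a root cause: a policy is matched against the request path as received rather than against its canonical form. The block below is an added example, not Flask-CORS's matcher: a path-based CORS resource lookup run first on the raw path and then on a canonicalised one. The resource table, the decode-once rule and the sample paths are this example's own constructions.

```python
import posixpath
import re
from typing import List, Optional
from urllib.parse import unquote

# Constructed policy: path regex -> origins it admits. Patterns are disjoint,
# so first match wins without any prioritisation concerns.
CORS_RESOURCES = {
    r"^/api/public/.*$": ["*"],
    r"^/api/private/.*$": ["https://app.example.com"],
}


def canonical_path(raw_path: str) -> str:
    """Bring a request path into the form the policy was written against."""
    path = unquote(raw_path)                 # decode %2e%2e once, as the server does
    path = re.sub(r"/+", "/", "/" + path)    # collapse '//' (normpath keeps a leading '//')
    return posixpath.normpath(path)          # resolve '.' and '..' segments


def allowed_origins(raw_path: str, canonicalize: bool = True) -> Optional[List[str]]:
    """Return the origins the policy admits for this path, or None if no rule matches."""
    path = canonical_path(raw_path) if canonicalize else raw_path
    for pattern, origins in CORS_RESOURCES.items():
        if re.match(pattern, path):
            return origins
    return None


if __name__ == "__main__":
    probe = "/api/public/../private/keys"   # constructed traversal probe
    print(allowed_origins(probe, canonicalize=False))  # matches the public rule
    print(allowed_origins(probe))                      # matches the private rule
    print(canonical_path("//api/public/%2e%2e/private/keys"))
```

Decoding exactly once mirrors what the application server does before routing; decoding again would open the opposite hole, where `%252e` reaches the policy as `.` while the router still sees `%2e`.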