Mako@0.3.3 vulnerabilities
A super-fast templating language that borrows the best ideas from the existing templating languages.
-
latest version
1.3.5
-
latest non vulnerable version
-
first published
18 years ago
-
latest version published
4 months ago
-
licenses detected
- [0,)
Direct Vulnerabilities
Known vulnerabilities in the Mako package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) in the How to fix Regular Expression Denial of Service (ReDoS)? Upgrade |
[,1.2.2)
|
Mako before 0.3.4 relies on the cgi.escape function in the Python standard library for cross-site scripting (XSS) protection, which makes it easier for remote attackers to conduct XSS attacks via vectors involving single-quote characters and a JavaScript onLoad event handler for a BODY element. |
[,0.3.4)
|