mapproxy 0.8.0.dev-20100310 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the mapproxy package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Directory Traversal Affected versions of this package are vulnerable to Directory Traversal via the path parameters in the `/demo/static/` endpoint. An attacker can exploit this vulnerability to read arbitrary files from the server’s filesystem by manipulating the request path, potentially exposing sensitive data. How to fix Directory Traversal? Upgrade `MapProxy` to version 4.0.2 or higher.	[,4.0.2)
M HTTP Request Smuggling Affected versions of this package are vulnerable to HTTP Request Smuggling that can lead to web cache poisoning in text-like responses. How to fix HTTP Request Smuggling? Upgrade `MapProxy` to version 1.14.0 or higher.	[,1.14.0)
H Directory Traversal Affected versions of this package are vulnerable to Directory Traversal. Affected versions of Mapproxy have a Local File Disclosure Vulnerability on "/demo/static/" embed functionality. How to fix Directory Traversal? Upgrade `MapProxy` to version 1.13.1 or higher.	[,1.13.1)
M Cross-site Scripting (XSS) Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the demo service resulting in possible information disclosure. How to fix Cross-site Scripting (XSS)? Upgrade `MapProxy` to version 1.10.4 or higher.	[,1.10.4)

Vulnerability

Vulnerable Version

Directory Traversal

Affected versions of this package are vulnerable to Directory Traversal via the path parameters in the /demo/static/ endpoint. An attacker can exploit this vulnerability to read arbitrary files from the server’s filesystem by manipulating the request path, potentially exposing sensitive data.

How to fix Directory Traversal?

Upgrade MapProxy to version 4.0.2 or higher.

[,4.0.2)

HTTP Request Smuggling

Affected versions of this package are vulnerable to HTTP Request Smuggling that can lead to web cache poisoning in text-like responses.

How to fix HTTP Request Smuggling?

Upgrade MapProxy to version 1.14.0 or higher.

[,1.14.0)

Directory Traversal

Affected versions of this package are vulnerable to Directory Traversal. Affected versions of Mapproxy have a Local File Disclosure Vulnerability on "/demo/static/" embed functionality.

How to fix Directory Traversal?

Upgrade MapProxy to version 1.13.1 or higher.

[,1.13.1)

Cross-site Scripting (XSS)

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the demo service resulting in possible information disclosure.

How to fix Cross-site Scripting (XSS)?

Upgrade MapProxy to version 1.10.4 or higher.

[,1.10.4)

mapproxy@0.8.0.dev-20100310 vulnerabilities

An accelerating proxy for tile and web map services

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities

Fix vulnerabilities automatically