mapproxy@0.8.3 vulnerabilities

An accelerating proxy for tile and web map services

Direct Vulnerabilities

Known vulnerabilities in the mapproxy package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
HTTP Request Smuggling

Affected versions of this package are vulnerable to HTTP Request Smuggling that can lead to web cache poisoning in text-like responses.

How to fix HTTP Request Smuggling?

Upgrade MapProxy to version 1.14.0 or higher.

[,1.14.0)
  • H
Directory Traversal

Affected versions of this package are vulnerable to Directory Traversal. Affected versions of Mapproxy have a Local File Disclosure Vulnerability on "/demo/static/" embed functionality.

How to fix Directory Traversal?

Upgrade MapProxy to version 1.13.1 or higher.

[,1.13.1)
  • M
Cross-site Scripting (XSS)

MapProxy is an open source proxy for geospatial data.

Affected versions of this package are vulnerable to Cross Site Scripting (XSS) attack in the demo service resulting in possible information disclosure.

How to fix Cross-site Scripting (XSS)?

Upgrade MapProxy to version 1.10.4 or higher.

[,1.10.4)