Package impact
PyPI / mako
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-44307 | high | — | 8.0 | 22d ago | Mako vulnerable to path traversal via backslash URI on Windows in TemplateLookup | |
| CVE-2026-41205 | high | 7.5 | 7.5 | 1mo ago | Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.get_template() is vulnerable to path traversal when a URI starts with // (e.g., //../../../secret.txt). The root cause is… | |
| CVE-2022-40023 | medium | — | 5.5 | 3y ago | Moderate: python-mako security update | |
| CVE-2010-2480 | medium | — | 4.3 | 4y ago | Mako before 0.3.4 relies on the cgi.escape function in the Python standard library for cross-site scripting (XSS) protection, which makes it easier for remote attackers to conduct XSS attacks via vec… |