vulnerability
Oracle Linux: CVE-2022-40023: ELSA-2023-2258: python-mako security update (MODERATE) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Sep 7, 2022 | May 18, 2023 | Jan 7, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Sep 7, 2022
Added
May 18, 2023
Modified
Jan 7, 2025
Description
Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin.
A vulnerability was found in the mako package. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability.
A vulnerability was found in the mako package. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability.
Solution
oracle-linux-upgrade-python3-mako
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.