5 matches found
EUVD-2022-0431
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-21648
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Latte is an open source template engine for PHP. Versions since 2.8.0 Latte has included a template sandbox and in affected versions it has been found that a...
CVE-2022-21648
Latte is an open source template engine for PHP. Versions since 2.8.0 Latte has included a template sandbox and in affected versions it has been found that a sandbox escape exists allowing for injection into web pages generated from Latte. This may lead to XSS attacks. The issue is fixed in the...
latte security vulnerability
Latte is a template engine for PHP from the Nette Foundation. A security vulnerability exists in latte versions prior to 2.10.6, which stems from the existence of methods to bypass allowFunctions in the software, which affects the security of the application. When a template is set to allow or...
Access Control Bypass
Overview latte/latte is an intuitive and fast template engine for those who want the most secure PHP sites. Introduces context-sensitive escaping. Affected versions of this package are vulnerable to Access Control Bypass. There is a way to bypass allowFunctions that will affect the security of th...