Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
AntaresMugisho PyBlade AST Validation sandbox.py _is_safe_ast special elements used in a template engine
Vulnerability Description
A vulnerability has been found in AntaresMugisho PyBlade 0.1.8-alpha/0.1.9-alpha. The affected element is the function _is_safe_ast of the file sandbox.py of the component AST Validation. Such manipulation leads to improper neutralization of special elements used in a template engine. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
CWE-1336
Vulnerability Title
PyBlade 安全漏洞
Vulnerability Description
PyBlade是Antares个人开发者的一个轻量高效的Python模板引擎,支持组件化开发。 PyBlade 0.1.8-alpha和0.1.9-alpha版本存在安全漏洞,该漏洞源于文件sandbox.py中_is_safe_ast函数对模板引擎特殊元素中和不当。
CVSS Information
N/A
Vulnerability Type
N/A