CVE-2026-41205: Path Traversal in Mako

CWE-22 Path Traversal | 4 documents | 4 sources
Severity: 7.7 HIGH (NVD)
EPSS: 0.1% (top 74.57%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Apr 23

Description

Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.get_template() is vulnerable to path traversal when a URI starts with // (e.g., //../../../secret.txt). The root cause is an inconsistency between two slash-stripping implementations. Any file readable by the process can be returned as rendered template content when an application passes untrusted input directly to TemplateLookup.get_template(). This vulnerability is fixed in 1.3.11.
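The description names the bug class (two slash-stripping routines that disagree on a URI beginning with `//`) but not how such an inconsistency turns into a file read. The following is an added illustration written for this page, not Mako's own code: it uses two hypothetical strippers and a naive join to show how a `//../../../secret.txt` URI escapes the template root, then a `safe_resolve()` function that checks the normalised result against the root so the number of stripped slashes no longer matters. The template directories and file names are constructed sample values.

```python
import posixpath
from typing import Optional, Sequence

# Constructed sample lookup roots (illustrative, not Mako configuration).
TEMPLATE_DIRS = ["/srv/app/templates", "/srv/app/shared"]


def strip_one_slash(uri: str) -> str:
    """Hypothetical stripper A: removes exactly one leading slash."""
    return uri[1:] if uri.startswith("/") else uri


def strip_all_slashes(uri: str) -> str:
    """Hypothetical stripper B: removes every leading slash."""
    return uri.lstrip("/")


def strippers_disagree(uri: str) -> bool:
    """True when the two strippers yield different results, i.e. the URI
    starts with two or more slashes. This is the input class the advisory
    describes (URIs beginning with '//')."""
    return strip_one_slash(uri) != strip_all_slashes(uri)


def naive_join(directory: str, uri: str) -> str:
    """Naive resolution: strip ONE slash, join, normalise.

    For '//../../../secret.txt' the stripped value is '/../../../secret.txt',
    which is still absolute, so posixpath.join discards `directory` entirely
    and normpath collapses the leading '..' segments at '/' to '/secret.txt'.
    """
    return posixpath.normpath(posixpath.join(directory, strip_one_slash(uri)))


def safe_resolve(directories: Sequence[str], uri: str) -> Optional[str]:
    """Resolve `uri` against each root and return the first candidate whose
    normalised path lies strictly inside that root; otherwise None.

    The containment check is done on the normalised result, so it holds
    regardless of how many leading slashes were stripped and rejects both
    '../' escapes and absolute remainders. It is a pure string check; a
    filesystem-backed version should additionally apply os.path.realpath
    to both root and candidate so symlinks cannot point outside the root.
    """
    relative = strip_all_slashes(uri)
    for directory in directories:
        root = posixpath.normpath(directory)
        candidate = posixpath.normpath(posixpath.join(root, relative))
        # Reject the root itself (empty URI) and anything whose common
        # prefix with the root is shorter than the root.
        if candidate != root and posixpath.commonpath([root, candidate]) == root:
            return candidate
    return None


if __name__ == "__main__":
    evil = "//../../../secret.txt"
    print("strippers disagree:", strippers_disagree(evil))
    print("naive join resolves to:", naive_join(TEMPLATE_DIRS[0], evil))
    print("safe resolve:", safe_resolve(TEMPLATE_DIRS, evil))
    print("safe resolve (benign):", safe_resolve(TEMPLATE_DIRS, "pages/index.html"))
```

The takeaway is that stripping slashes is not a containment check: whichever stripper runs, the only reliable guard is to normalise the joined path and verify it is still under the configured root. For Mako itself the fix is to upgrade to 1.3.11 and, independently, to never pass untrusted input straight to `TemplateLookup.get_template()`.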

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Packages (7 packages)

🔴 Vulnerability Details (1)

VulDB: sqlalchemy mako up to 1.3.10 TemplateLookup.get_template path traversal (GHSA-v92g-xgxw-vvmm), 2026-04-23

📋 Vendor Advisories (1)

Red Hat: mako: python: Mako: Information disclosure via path traversal vulnerability, 2026-04-23

💬 Community (1)

Bugzilla: CVE-2026-41205 mako: python: Mako: Information disclosure via path traversal vulnerability, 2026-04-23

CVE-2026-41205: Path Traversal in Sqlalchemy Mako | cvebase