pkg:PyPI/compliance-trestle

5 total CVEs: HIGH 2, MEDIUM 1

All known vulnerabilities

  • HIGH 8.4, CVE-2026-46345: compliance-trestle - jinja has an Arbitrary File Write via Path Traversal
    >= 4.0.0, < 4.0.3
  • HIGH 7.8, CVE-2026-46439: compliance-trestle Vulnerable to Remote Code Execution via Recursive Server-Side Template Injection (SSTI)
    from 0, < 3.12.2
  • MEDIUM 6.7, CVE-2026-46380: compliance-trestle Vulnerable to SSRF in Remote Fetching Subsystem
    >= 4.0.0, < 4.0.3
  • CVE-2026-45774: compliance-trestle Profile Import has an Arbitrary File Read via trestle:// URI and Relative Path Traversal
    >= 4.0.0, < 4.0.3
  • CVE-2026-45725: compliance-trestle Remote Fetching Mechanism has an Arbitrary File Write via Cache Path Traversal
    >= 4.0.0, < 4.0.3