pkg:PyPI/compliance-trestle
5 total CVEs: HIGH 2, MEDIUM 1
All known vulnerabilities
HIGH 8.4 | CVE-2026-46345 | compliance-trestle - jinja has an Arbitrary File Write via Path Traversal | >= 4.0.0, < 4.0.3
HIGH 7.8 | CVE-2026-46439 | compliance-trestle Vulnerable to Remote Code Execution via Recursive Server-Side Template Injection (SSTI) | from 0, < 3.12.2
MEDIUM 6.7 | CVE-2026-46380 | compliance-trestle Vulnerable to SSRF in Remote Fetching Subsystem | >= 4.0.0, < 4.0.3
— | compliance-trestle Profile Import has an Arbitrary File Read via trestle:// URI and Relative Path Traversal | >= 4.0.0, < 4.0.3
— | compliance-trestle Remote Fetching Mechanism has an Arbitrary File Write via Cache Path Traversal | >= 4.0.0, < 4.0.3