Improper Input Validation Affecting pytask-latex package, versions [,0.0.11)
Snyk CVSS
Attack Complexity
High
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-PYTHON-PYTASKLATEX-1090200
- published 1 Apr 2021
- disclosed 1 Apr 2021
- credit Unknown
How to fix?
Upgrade pytask-latex
to version 0.0.11 or higher.
Overview
pytask-latex is a Compile LaTeX documents with pytask.
Affected versions of this package are vulnerable to Improper Input Validation. An issue exists within the --outputdirectory
option where inserted value in not relative to the latex document.