Every CVE whose affected-product data names Nette Latte, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2021-23803 — CVSS 9.8 (critical): This affects the package latte/latte before 2.10.6. There is a way to bypass allowFunctions that will affect the security of the…
CVE-2022-21648 — CVSS 8.2 (high): Latte is an open source template engine for PHP. Versions since 2.8.0 Latte has included a template sandbox and in affected versions it has…