1.3.12

@sqla-tester sqla-tester released this 28 Apr 19:01
· 1 commit to main since this release

1.3.12

Released: Tue Apr 28 2026

bug

  • [bug] [template] Fixed issue in TemplateLookup where a URI with backslash path
    separators (e.g. \..\secret.txt) could bypass the directory traversal
    check on Windows, allowing reads of arbitrary files outside of the template
    directory. Backslash characters in URIs are now normalized to forward
    slashes before path resolution.

    References: #435
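
The class of bug described in this entry, shown as an added example; this is not Mako's code and not part of the release notes. A traversal check that only understands `/` runs before a Windows path join that also honors `\`, next to a form that normalizes backslashes first. The root `C:\app\templates` and all function names are assumptions, and `ntpath` is used so the Windows behaviour reproduces on any OS.

```python
import ntpath      # Windows path rules ('\' and '/' both separate), usable on any OS
import posixpath   # POSIX path rules (only '/' separates)

TEMPLATE_DIR = "C:\\app\\templates"  # constructed sample root (assumption)


def is_inside(path):
    """True if path is TEMPLATE_DIR or below it, using Windows semantics."""
    root = ntpath.normpath(TEMPLATE_DIR)
    try:
        return ntpath.commonpath([root, path]) == root
    except ValueError:  # different drives, or mixed absolute/relative paths
        return False


def resolve_unchecked_backslash(uri):
    """Weak form: validate with slash-only rules, resolve with Windows rules."""
    rel = posixpath.normpath(uri.lstrip("/"))
    if rel == ".." or rel.startswith("../"):
        raise ValueError("uri escapes the template directory")
    # To posixpath, '\..\secret.txt' is one opaque file name, so the check
    # passes; the Windows join below then treats each '\' as a separator.
    return ntpath.normpath(ntpath.join(TEMPLATE_DIR, rel))


def resolve_normalized(uri):
    """Hardened form: fold backslashes into slashes before check and join."""
    rel = posixpath.normpath(uri.replace("\\", "/").lstrip("/"))
    if rel == ".." or rel.startswith("../"):
        raise ValueError("uri escapes the template directory")
    full = ntpath.normpath(ntpath.join(TEMPLATE_DIR, rel))
    # Defense in depth: confirm containment on the final resolved path.
    if not is_inside(full):
        raise ValueError("resolved path is outside the template directory")
    return full


if __name__ == "__main__":
    # Second URI is the example given in the release note above.
    for uri in ("emails/welcome.html", "\\..\\secret.txt"):
        print(repr(uri), "-> weak check:", resolve_unchecked_backslash(uri))
        try:
            print("   normalized:", resolve_normalized(uri))
        except ValueError as exc:
            print("   normalized: rejected,", exc)
```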