Preface: The lexer creates tokens (see TokenType and Token) from an input string. The input string is expected to be in infix notation form. The lexer can convert an infix stream into a postfix stream (Reverse Polish Notation) for further processing by a Parser.
Background: Mako is a template library written in Python. It provides a familiar, non-XML syntax which compiles into Python modules for maximum performance.
Why is a template used in Python? Template Method is a behavioral design pattern that lets you define the skeleton of an algorithm in a base class and lets subclasses override the steps without changing the overall algorithm’s structure.
Vulnerability details: SQLAlchemy Mako before 1.2.2 is vulnerable to Regular Expression Denial of Service (ReDoS) when the Lexer class is used to parse. This also affects babelplugin and linguaplugin.
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:2258 advisory.
Official announcement: For details, please refer to the link – https://errata.almalinux.org/9/ALSA-2023-2258.html
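Added example (not from the advisory or the Mako project): a check that flags exact Mako pins below 1.2.2 in pip-freeze-style lines and reports whether the Mako visible to the current interpreter is affected. The sample lines are constructed, and the function names are this example's own. Distribution packages can carry a backported fix under an older version number, so the comparison applies to pip-style versions only.

```python
import re
from importlib import metadata

FIXED = (1, 2, 2)  # first fixed Mako release, per the vulnerability details above

# Exact pins such as "Mako==1.1.4" (pip freeze / requirements.txt style).
PIN = re.compile(r"^\s*([A-Za-z0-9._-]+)\s*==\s*(\d+(?:\.\d+)*)")


def parse_release(version):
    """Leading numeric release as a tuple; pre-release/local suffixes are ignored."""
    m = re.match(r"\d+(?:\.\d+)*", version)
    return tuple(int(p) for p in m.group(0).split(".")) if m else None


def is_affected(version):
    release = parse_release(version)
    return release is not None and release < FIXED


def affected_pins(lines):
    """Return (line_number, version) for every Mako pin older than FIXED."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = PIN.match(line.split("#", 1)[0])  # ignore trailing comments
        if not m:
            continue
        name = re.sub(r"[-_.]+", "-", m.group(1)).lower()  # PEP 503 normalisation
        if name == "mako" and is_affected(m.group(2)):
            hits.append((n, m.group(2)))
    return hits


def installed_mako_affected():
    """True/False for the installed Mako, None if it is not installed."""
    try:
        return is_affected(metadata.version("Mako"))
    except metadata.PackageNotFoundError:
        return None


# Constructed sample input, not taken from any real project.
SAMPLE = ["alembic==1.8.1", "Mako==1.1.4  # legacy pin", "mako == 1.2.2",
          "MAKO==1.2.1", "# Mako==0.9.0 (commented out)", "MarkupSafe==2.1.1"]

if __name__ == "__main__":
    print("affected pins:", affected_pins(SAMPLE))
    print("installed Mako affected:", installed_mako_affected())
```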