CVE-2008-0252

🗓️ 12 Jan 2008 02:00:00Reported by mitreType

cve

cve🔗 web.nvd.nist.gov👁 70 Views

CVE-2008-0252 Directory traversal vulnerability in CherryPy 3.0.

Reporter	Title	Published	Views	Family All 30
Cvelist	CVE-2008-0252	12 Jan 200802:00	–	cvelist
Debian	[SECURITY] [DSA 1481-1] New python-cherrypy packages fix denial of service	5 Feb 200817:19	–	debian
Debian CVE	CVE-2008-0252	12 Jan 200802:00	–	debiancve
Tenable Nessus	Debian DSA-1481-1 : python-cherrypy - missing input sanitising	6 Feb 200800:00	–	nessus
Tenable Nessus	Fedora 8 : python-cherrypy-2.2.1-8.fc8 (2008-0299)	7 Jan 200800:00	–	nessus
Tenable Nessus	Fedora 7 : python-cherrypy-2.2.1-8.fc7 (2008-0333)	7 Jan 200800:00	–	nessus
Tenable Nessus	GLSA-200801-11 : CherryPy: Directory traversal vulnerability	29 Jan 200800:00	–	nessus
EUVD	EUVD-2008-0001	7 Oct 202500:30	–	euvd
Github Security Blog	CherryPy Malicious cookies allow access to files outside the session directory	1 May 202223:28	–	github
Gentoo Linux	CherryPy: Directory traversal vulnerability	27 Jan 200800:00	–	gentoo

NVD

Node

cherrypy cherrypyRange≤2.1.0

OR

cherrypy cherrypyRange≤3.0.2

Source	Link
secunia	www.secunia.com/advisories/28620
securityfocus	www.securityfocus.com/bid/27181
cherrypy	www.cherrypy.org/changeset/1774
cherrypy	www.cherrypy.org/ticket/744
secunia	www.secunia.com/advisories/28354
bugs	www.bugs.gentoo.org/show_bug.cgi
security	www.security.gentoo.org/glsa/glsa-200801-11.xml
cherrypy	www.cherrypy.org/changeset/1775
cherrypy	www.cherrypy.org/changeset/1776
securityfocus	www.securityfocus.com/archive/1/487001/100/0/threaded

23 Apr 2026 00:35Current

6.4Medium risk

Vulners AI Score6.4

CVSS 27.5

EPSS0.02922

cve-2008-0252 directory traversal cherrypy vulnerability remote attack