Lucene search
+L

4 matches found

osv
osv
added 2022/08/06 5:21 a.m.6 views

GHSA-8CW9-5HMV-77W6 sanic vulnerable to Path Traversal when using `app.static` if using encoded `%2F` URLs

Impact Access to lateral directories when using app.static if using encoded %2F URLs. Parent directory traversal is not impacted. Patches - v20.12.7 LTS - v21.12.2 LTS - v22.6.1 References https://github.com/sanic-org/sanic/issues/2478 https://github.com/sanic-org/sanic/pull/2495 For more...

8.3CVSS5.9AI score0.00919EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2022/08/01 12:0 a.m.9 views

PT-2022-23026

Name of the Vulnerable Software and Affected Versions Sanic versions prior to 20.12.7 Sanic versions prior to 21.12.2 Sanic versions prior to 22.6.1 Description The issue allows access to lateral directories when using app.static if using encoded %2F URLs. Parent directory traversal is not...

8.3CVSS7.1AI score0.00919EPSS
Exploits1References13
cnnvd
cnnvd
added 2022/08/01 12:0 a.m.4 views

Sanic 路径遍历漏洞

Sanic is a Python 3.7+ web server and web framework open sourced by the Sanic Community Organization. A path traversal vulnerability exists in versions of Sanic prior to 22.9, which stems from a failure to properly escape the %2F string. Affected versions of Sanic allow access to horizontal...

8.3CVSS7.4AI score0.00919EPSS
Exploits1References4
osv
osv
added 2021/04/09 1:15 p.m.5 views

CVE-2021-25328

Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead to a denial of service DoS or possible code execution on the device...

8.8CVSS7.9AI score0.03942EPSS
Exploits3References3
Rows per page
Query Builder