7 matches found
rsanic (>=0.1.1 <=0.4.0), sanic-cors (>=0.4.1 <=0.4.1.4) +1 more potentially affected by CVE-2017-16762 via sanic (>=0.3.1 <=0.5.0)
sanic PYPI version =0.3.1, =0.1.1, =0.4.1, =0.5.0, =0.5.0.1 Source cves: CVE-2017-16762 Source advisory: OSV:GHSA-MPMF-HR8P-P49G...
Fedora 27 : python-sanic (2017-c15b709e32)
Update to 0.6.0 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
Fedora Update for python-sanic FEDORA-2017-c15b709e32
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for python-sanic FEDORA-2017-5808f488a5
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-16762
Sanic before 0.5.1 allows reading arbitrary files with directory traversal, as demonstrated by the /static/..%2f substring...
CVE-2017-16762
Sanic before 0.5.1 allows reading arbitrary files with directory traversal, as demonstrated by the /static/..%2f substring...
CVE-2017-16762
Affected software: Sanic before 0.5.1. Vulnerability: directory traversal that allows reading arbitrary files (demonstrated via /static/..%2f). Root cause: improper handling/normalization of the static file path. Impact: potential partial confidentiality compromise. Remediation: upgrade to Sanic ...