4 matches found
Fedora 39 : python-pyramid (2023-70baf5e2fe)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-70baf5e2fe advisory. - Update to 2.0.2 - Fixes CVE-2023-40587 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
Fedora 38 : python-pyramid (2023-b213d84a16)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-b213d84a16 advisory. - Update to 2.0.2 - Fixes CVE-2023-40587 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
CVE-2023-40587
Pyramid (Python web framework) versions 2.0.0–2.0.1 are affected by a directory-traversal vulnerability in a Pyramid static view that can disclose index.html located one directory above the static view path when accessed with Python 3.11. The issue stems from os.path.normpath behavior and affects...
CVE-2023-40587
Pyramid is an open source Python web framework. A path traversal vulnerability in Pyramid versions 2.0.0 and 2.0.1 impacts users of Python 3.11 that are using a Pyramid static view with a full filesystem path and have a index.html file that is located exactly one directory above the location of t...