2 matches found
GHSA-8CW9-5HMV-77W6 sanic vulnerable to Path Traversal when using `app.static` if using encoded `%2F` URLs
Impact Access to lateral directories when using app.static if using encoded %2F URLs. Parent directory traversal is not impacted. Patches - v20.12.7 LTS - v21.12.2 LTS - v22.6.1 References https://github.com/sanic-org/sanic/issues/2478 https://github.com/sanic-org/sanic/pull/2495 For more...
PT-2022-23026
Name of the Vulnerable Software and Affected Versions Sanic versions prior to 20.12.7 Sanic versions prior to 21.12.2 Sanic versions prior to 22.6.1 Description The issue allows access to lateral directories when using app.static if using encoded %2F URLs. Parent directory traversal is not...