Path Traversal in simplehttpserver
High severity
GitHub Reviewed
Published
Feb 7, 2019
to the GitHub Advisory Database
•
Updated Jan 9, 2023
Description
Published to the GitHub Advisory Database
Feb 7, 2019
Reviewed
Jun 16, 2020
Last updated
Jan 9, 2023
Versions of
simplehttpserverprior to 0.2.1 are vulnerable to Path Traversal. Due to insufficient input sanitization, attackers can access server files by using relative paths.Recommendation
Upgrade to version 0.2.1 or later.
References