CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Sanic Project: >> Sanic >> 19.3 Security Vulnerabilities

CVE-2022-35920

Sanic is an opensource python web server/framework. Affected versions of sanic allow access to lateral directories when using `app.static` if using encoded `%2F` URLs. Parent directory traversal is not impacted. Users are advised to upgrade. There is no known workaround for this issue.

CVSS Score

8.3

EPSS Score

0.003

Published

2022-08-01

Page 1

Vulnerabilities

Vulnerable Software

Sanic Project: >> Sanic >> 19.3 Security Vulnerabilities

Products

Pricing

Contact Us