VYPR
High severity8.3NVD Advisory· Published Aug 1, 2022· Updated Jun 17, 2026

CVE-2022-35920

CVE-2022-35920

Description

Sanic is an opensource python web server/framework. Affected versions of sanic allow access to lateral directories when using app.static if using encoded %2F URLs. Parent directory traversal is not impacted. Users are advised to upgrade. There is no known workaround for this issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
sanicPyPI
>= 22.0.0, < 22.6.122.6.1
sanicPyPI
>= 21.0.0, < 21.12.221.12.2
sanicPyPI
< 20.12.720.12.7

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.