VYPR

PyPI package

cherrypy

pkg:pypi/cherrypy

Vulnerabilities (2)

  • CVE-2008-0252Jan 12, 2008
    affected < 2.1.1fixed 2.1.1

    Directory traversal vulnerability in the _get_file_path function in (1) lib/sessions.py in CherryPy 3.0.x up to 3.0.2, (2) filter/sessionfilter.py in CherryPy 2.1, and (3) filter/sessionfilter.py in CherryPy 2.x allows remote attackers to create or delete arbitrary files, and pos

  • CVE-2006-0847Feb 22, 2006
    affected < 2.1.1fixed 2.1.1

    Directory traversal vulnerability in the staticfilter component in CherryPy before 2.1.1 allows remote attackers to read arbitrary files via ".." sequences in unspecified vectors.