Directory traversal vulnerability in the staticfilter component in CherryPy before 2.1.1 allows remote attackers to read arbitrary files via .. sequences in unspecified vectors.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Cherrypy | Cherrypy | 0.9_rc1 | 0.9_rc1 |
Cherrypy | Cherrypy | 0.2 | 0.2 |
Cherrypy | Cherrypy | 2.0.0 | 2.0.0 |
Cherrypy | Cherrypy | 2.1.0 | 2.1.0 |
Cherrypy | Cherrypy | 0.10_beta | 0.10_beta |
Cherrypy | Cherrypy | 0.10_rc1 | 0.10_rc1 |
Cherrypy | Cherrypy | 0.9 | 0.9 |
Cherrypy | Cherrypy | 0.7 | 0.7 |
Cherrypy | Cherrypy | 0.9_gamma | 0.9_gamma |
Cherrypy | Cherrypy | 2.1.0_beta | 2.1.0_beta |
Cherrypy | Cherrypy | 0.6 | 0.6 |
Cherrypy | Cherrypy | 0.3 | 0.3 |
Cherrypy | Cherrypy | 0.5 | 0.5 |
Cherrypy | Cherrypy | 0.8 | 0.8 |
Cherrypy | Cherrypy | 0.9_beta | 0.9_beta |
Cherrypy | Cherrypy | 2.0.0a1 | 2.0.0a1 |
Cherrypy | Cherrypy | 2.1.0_rc1 | 2.1.0_rc1 |
Cherrypy | Cherrypy | 0.10 | 0.10 |
Cherrypy | Cherrypy | 0.8_beta | 0.8_beta |
Cherrypy | Cherrypy | 0.1 | 0.1 |
Cherrypy | Cherrypy | 0.4 | 0.4 |
Cherrypy | Cherrypy | 2.1.0_rc2 | 2.1.0_rc2 |