You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
Path Traversal in simplehttpserver
Moderate severity
GitHub Reviewed
Published
Dec 6, 2018
to the GitHub Advisory Database
•
Updated Sep 12, 2023
All versions of
simplehttpserver
are vulnerable to Path Traversal.This vulnerability allows an attacker to access files outside the webroot since it allows symlink navigation in the URL.
Recommendation
No fix is currently available. Do not use
simplehttpserver
in production or consider using an alternative module until a fix is made available.References