Lucene search
GoogleOSV:DSA-1481-1HistoryFeb 05, 2008 - 12:00 a.m.
python-cherrypy - missing input sanitising
2008-02-0500:00:00
Google
osv.dev
8
EPSS
0.008
Percentile
81.5%
It was discovered that a directory traversal vulnerability in CherryPy,
a pythonic, object-oriented web development framework, may lead to denial
of service by deleting files through malicious session IDs in cookies.
The old stable distribution (sarge) doesn’t contain python-cherrypy.
For the stable distribution (etch), this problem has been fixed in
version 2.2.1-3etch1.
We recommend that you upgrade your python-cherrypy packages.
References
Related
gentoo
gentoo
CherryPy: Directory traversal vulnerability
2008-01-27 00:00:00
nessus
nessus
Debian DSA-1481-1 : python-cherrypy - missing input sanitising
2008-02-06 00:00:00
Fedora 7 : python-cherrypy-2.2.1-8.fc7 (2008-0333)
2008-01-07 00:00:00
Fedora 8 : python-cherrypy-2.2.1-8.fc8 (2008-0299)
2008-01-07 00:00:00
debiancve
debiancve
CVE-2008-0252
2008-01-12 02:46:00
prion
prion
Directory traversal
2008-01-12 02:46:00
redhatcve
redhatcve
CVE-2008-0252
2019-10-04 21:37:59
openvas
openvas
Fedora Update for python-cherrypy FEDORA-2008-0333
2009-02-17 00:00:00
Debian Security Advisory DSA 1481-1 (python-cherrypy)
2008-02-05 00:00:00
Gentoo Security Advisory GLSA 200801-11 (cherrypy)
2008-09-24 00:00:00
nvd
nvd
CVE-2008-0252
2008-01-12 02:46:00
securityvulns
securityvulns
rPSA-2008-0030-1 CherryPy
2008-01-25 00:00:00
ubuntucve
ubuntucve
CVE-2008-0252
2008-01-12 00:00:00
osv
osv
PYSEC-2008-3
2008-01-12 02:46:00
cvelist
cvelist
CVE-2008-0252
2008-01-12 02:00:00
cve
cve
CVE-2008-0252
2008-01-12 02:46:00
github
github
veracode
veracode
Directory Traversal
2024-04-30 10:09:36
debian
debian
[SECURITY] [DSA 1481-1] New python-cherrypy packages fix denial of service
2008-02-05 17:19:30