sanic@20.12.6 vulnerabilities

A web server and web framework that's written to go fast. Build fast. Run fast.

Direct Vulnerabilities

Known vulnerabilities in the sanic package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Directory Traversal

Affected versions of this package are vulnerable to Directory Traversal due to improper input sanitization in the static handler. This vulnerability allows a malicious user to escape outside the static folder by using ..%2F, where %2F is the URL-escaped version of /.

How to fix Directory Traversal?

Upgrade sanic to version 22.6.1, 21.12.2, 20.12.7 or higher.

[22.6.0,22.6.1) [21.12.0,21.12.2) [20.12.0,20.12.7)