CVE-2022-35920 - OpenCVE

Sanic is an opensource python web server/framework. Affected versions of sanic allow access to lateral directories when using `app.static` if using encoded `%2F` URLs. Parent directory traversal is not impacted. Users are advised to upgrade. There is no known workaround for this issue.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sanic Project	Sanic

Configuration 1 [-]

OR	cpe:2.3:a:sanic_project:sanic::::::::
	cpe:2.3:a:sanic_project:sanic::::::::
	cpe:2.3:a:sanic_project:sanic::::::::

No data.

References

Link	Providers
https://github.com/sanic-org/sanic/issues/2478
https://github.com/sanic-org/sanic/pull/2495
https://github.com/sanic-org/sanic/security/advisories/GHSA-8cw9-5hmv-77w6

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-08-01T21:35:27

Updated: 2024-08-03T09:51:58.602Z

Reserved: 2022-07-15T00:00:00

Link: CVE-2022-35920

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-08-01T22:15:10.347

Modified: 2022-08-10T15:16:29.100

Link: CVE-2022-35920

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "sanic", "vendor": "sanic-org", "versions": [{"status": "affected", "version": ">= 22.0.0, < 22.6.1"}, {"status": "affected", "version": ">= 21.0.0, < 21.12.2"}, {"status": "affected", "version": "< 20.12.7"}]}], "descriptions": [{"lang": "en", "value": "Sanic is an opensource python web server/framework. Affected versions of sanic allow access to lateral directories when using `app.static` if using encoded `%2F` URLs. Parent directory traversal is not impacted. Users are advised to upgrade. There is no known workaround for this issue."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-08-01T21:35:27", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/sanic-org/sanic/security/advisories/GHSA-8cw9-5hmv-77w6"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/sanic-org/sanic/issues/2478"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/sanic-org/sanic/pull/2495"}], "source": {"advisory": "GHSA-8cw9-5hmv-77w6", "discovery": "UNKNOWN"}, "title": "Improper Limitation of a Pathname to a Restricted Directory in sanic", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-35920", "STATE": "PUBLIC", "TITLE": "Improper Limitation of a Pathname to a Restricted Directory in sanic"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "sanic", "version": {"version_data": [{"version_value": ">= 22.0.0, < 22.6.1"}, {"version_value": ">= 21.0.0, < 21.12.2"}, {"version_value": "< 20.12.7"}]}}]}, "vendor_name": "sanic-org"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Sanic is an opensource python web server/framework. Affected versions of sanic allow access to lateral directories when using `app.static` if using encoded `%2F` URLs. Parent directory traversal is not impacted. Users are advised to upgrade. There is no known workaround for this issue."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}]}, "references": {"reference_data": [{"name": "https://github.com/sanic-org/sanic/security/advisories/GHSA-8cw9-5hmv-77w6", "refsource": "CONFIRM", "url": "https://github.com/sanic-org/sanic/security/advisories/GHSA-8cw9-5hmv-77w6"}, {"name": "https://github.com/sanic-org/sanic/issues/2478", "refsource": "MISC", "url": "https://github.com/sanic-org/sanic/issues/2478"}, {"name": "https://github.com/sanic-org/sanic/pull/2495", "refsource": "MISC", "url": "https://github.com/sanic-org/sanic/pull/2495"}]}, "source": {"advisory": "GHSA-8cw9-5hmv-77w6", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T09:51:58.602Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/sanic-org/sanic/security/advisories/GHSA-8cw9-5hmv-77w6"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/sanic-org/sanic/issues/2478"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/sanic-org/sanic/pull/2495"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-35920", "datePublished": "2022-08-01T21:35:27", "dateReserved": "2022-07-15T00:00:00", "dateUpdated": "2024-08-03T09:51:58.602Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sanic_project:sanic:*:*:*:*:*:*:*:*", "matchCriteriaId": "DC6FE6CB-23D5-45E1-A733-9F5B5C5FB93A", "versionEndExcluding": "20.12.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:sanic_project:sanic:*:*:*:*:*:*:*:*", "matchCriteriaId": "3771039A-1DBB-45BB-8C01-14A5D00AAABB", "versionEndExcluding": "21.12.2", "versionStartIncluding": "21.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sanic_project:sanic:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBE7A183-7780-46EB-B96E-8881D7E47984", "versionEndExcluding": "22.6.1", "versionStartIncluding": "22.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Sanic is an opensource python web server/framework. Affected versions of sanic allow access to lateral directories when using `app.static` if using encoded `%2F` URLs. Parent directory traversal is not impacted. Users are advised to upgrade. There is no known workaround for this issue."}, {"lang": "es", "value": "Sanic es un servidor/marco web de c\u00f3digo abierto en python. Las versiones afectadas de sanic permiten el acceso a directorios laterales cuando es usado \"app.static\" si son usadas URLs codificadas \"%2F\". El acceso a los directorios principales no est\u00e1 afectado. Es recomendado a usuarios actualizar. No se presentan mitigaciones conocidas para este problema"}], "id": "CVE-2022-35920", "lastModified": "2022-08-10T15:16:29.100", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.7, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2022-08-01T22:15:10.347", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://github.com/sanic-org/sanic/issues/2478"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/sanic-org/sanic/pull/2495"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/sanic-org/sanic/security/advisories/GHSA-8cw9-5hmv-77w6"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Primary"}]}