CVE-2021-32061
pypi/S3Scanner
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
S3Scanner allows Directory Traversal via a crafted bucket, as demonstrated by a <Key>../
substring in a ListBucketResult element.
All versions before 2.0.2
Upgrade to version 2.0.2 or above.
2021-12-01
source |