
Mattia Verga

#48408de 53,638
5.3 CVSS total
Vulnerabilities · 1
PT-2023-27523
5.3
2023-08-25
Pyramid · Pyramid · CVE-2023-40587
**Name of the Vulnerable Software and Affected Versions**

Pyramid versions 2.0.0 through 2.0.1

**Description**

A path traversal vulnerability impacts users of Python 3.11 who are using a Pyramid static view with a full filesystem path and have an `index.html` file located exactly one directory above the location of the static view's file system path. No further path traversal exists, and the only file that could be disclosed accidentally is `index.html`. The issue is related to the `os.path.normpath` function in Python 3.11, which truncates on the first `0x00` found. This behavior has been fixed in Python 3.12 and will be available in Python 3.11.5.

**Recommendations**

For Pyramid versions 2.0.0 and 2.0.1, use a version of Python 3 that is not affected, downgrade to the Python 3.10 series temporarily, or wait until Python 3.11.5 is released and upgrade to the latest version of the Python 3.11 series. As a temporary workaround, consider avoiding the use of null bytes in directory and file names. Restrict access to the `index.html` file located above the static view's file system path to minimize the risk of exploitation.
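The two checks a static-file handler wants regardless of how the interpreter's `os.path.normpath` behaves, as an added example that is not Pyramid's own code and not part of this advisory: refuse embedded null bytes before any path function sees them, then confirm the resolved absolute path is still inside the static root. `resolve_static_path`, `is_safe` and `UnsafePath` are names chosen here; the static root is assumed to be an absolute path and symlinks inside it are not resolved.

```python
"""Hardened resolution of a requested file under a static root (added example)."""
import os


class UnsafePath(ValueError):
    """Raised when a requested path must not be served."""


def resolve_static_path(static_root: str, requested: str) -> str:
    """Return the absolute path to serve for `requested`, or raise UnsafePath.

    `static_root` is the full filesystem path the static view is configured
    with (assumed absolute). `requested` is the URL path after the view
    prefix, e.g. "css/site.css".
    """
    # A null byte is never part of a legitimate filename; refuse it before
    # normpath/abspath run, so a truncating implementation (Python 3.11
    # before 3.11.5, as the advisory describes) never sees it at all.
    if "\x00" in requested:
        raise UnsafePath("null byte in requested path")
    root = os.path.abspath(static_root)
    # Join and collapse "." / ".." segments. A leading "/" in `requested`
    # would make os.path.join discard the root, so strip it first.
    candidate = os.path.abspath(os.path.join(root, requested.lstrip("/")))
    # Containment check: the candidate must be the root itself or below it.
    # commonpath compares whole segments, so "/srv/static2" is not treated
    # as being inside "/srv/static".
    if os.path.commonpath([root, candidate]) != root:
        raise UnsafePath("path escapes static root")
    return candidate


def is_safe(static_root: str, requested: str) -> bool:
    """True if `requested` would be served from `static_root`."""
    try:
        resolve_static_path(static_root, requested)
    except UnsafePath:
        return False
    return True
```

The null-byte check is what keeps the advisory's `index.html` disclosure from occurring even on an affected interpreter; the containment check is the general guard against any other `..` escape.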