Name of the Vulnerable Software and Affected Versions Python versions prior to 3.3.5

Description The issue is related to a directory traversal vulnerability with http.server and SimpleHTTPServer on Windows, which is a regression of Python 3.3.5. The Python issue was reported on 2016-03-14.

Recommendations For versions prior to 3.3.5, consider disabling the http.server and SimpleHTTPServer modules until a patch is available. Restrict access to these modules to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.