While is_cgi carefully normalizes the path using _url_collapse_path, if it returns True, then run_cgi is called... which sort of starts out using the cgi_info created by is_cgi, but then compares and searches using the original self.path value instead.  This effectively bypasses both the normalization done by _url_collapse_path and the bugs and potential security problems that the normalization was intended to fix!

A simple cure is to replace the first two lines of run_cgi:

        path = self.path
        dir, rest = self.cgi_info

with:

        dir, rest = self.cgi_info
        path = '/'.join([ dir, rest ])

While this works, one might wonder why is_cgi splits the normalized path into two pieces to start with, if it gets recombined, and generally, dir and rest, although initialized from cgi_info, often get recalculated in the loop which immediately follows in run_cgi... more often than you might expect, if an unnormalized path is in the original request, but if the path comes in normalized (or the above fix is applied), and the CGI program actually resides directly in one of the cgi_directories directories (rather than below it), then the dir and rest calculated by is_cgi are actually used, and the loop performs only one half iteration.