CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Description
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79
CVEs mapped to this weakness (5,488)
Page 56 of 275

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-6118 | | High | 0.49 | 7.5 | 0.01 | | Nov 23, 2023 | Path Traversal: '/../filedir' vulnerability in Neutron IP Camera allows Absolute Path Traversal. This issue affects IP Camera: before b1130.1.0.1. |
| CVE-2023-45823 | | High | 0.49 | 7.5 | 0.01 | | Oct 19, 2023 | Artifact Hub is a web-based application that enables finding, installing, and publishing packages and configurations for CNCF projects. During a security audit of Artifact Hub's code base a security researcher identified a bug in which by using symbolic links in certain kinds of… |
| CVE-2023-45277 | — | High | 0.49 | 7.5 | 0.01 | | Oct 19, 2023 | Yamcs 5.8.6 is vulnerable to directory traversal (issue 1 of 2). The vulnerability is in the storage functionality of the API and allows one to escape the base directory of the buckets, freely navigate system directories, and read arbitrary files. |
| CVE-2023-26152 | — | High | 0.49 | 7.5 | 0.01 | | Oct 3, 2023 | All versions of the package static-server are vulnerable to Directory Traversal due to improper input sanitization passed via the validPath function of server.js. |
| CVE-2023-41578 | — | High | 0.49 | 7.5 | 0.01 | | Sep 8, 2023 | Jeecg boot up to v3.5.3 was discovered to contain an arbitrary file read vulnerability via the interface /testConnection. |
| CVE-2023-40826 | — | High | 0.49 | 7.5 | 0.01 | | Aug 28, 2023 | An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter. |
| CVE-2023-39141 | — | High | 0.49 | 7.5 | 0.03 | | Aug 22, 2023 | webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability. |
| CVE-2023-39964 | | High | 0.49 | 7.5 | 0.01 | | Aug 10, 2023 | 1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, arbitrary file reads allow an attacker to read arbitrary important configuration files on the server. In the `api/v1/file.go` file, there is a function called `LoadFromFile`,… |
| CVE-2023-38337 | — | High | 0.49 | 7.5 | 0.01 | | Jul 14, 2023 | rswag before 2.10.1 allows remote attackers to read arbitrary JSON and YAML files via directory traversal, because rswag-api can expose a file that is not the OpenAPI (or Swagger) specification file of a project. |
| CVE-2023-35069 | | High | 0.49 | 7.5 | 0.01 | | Jul 13, 2023 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Bullwark allows Path Traversal. This issue affects Bullwark: before BLW-2016E-960H. |
| CVE-2023-26126 | — | High | 0.49 | 7.5 | 0.01 | | May 10, 2023 | All versions of the package m.static are vulnerable to Directory Traversal due to improper input sanitization of the path being requested via the requestFile function. |
| CVE-2023-25345 | — | High | 0.49 | 7.5 | 0.01 | | Mar 15, 2023 | Directory traversal vulnerability in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to read arbitrary files via the include or extends tags. |
| CVE-2023-26111 | | High | 0.49 | 7.5 | 0.01 | | Mar 6, 2023 | All versions of the package @nubosoftware/node-static; all versions of the package node-static are vulnerable to Directory Traversal due to improper file path sanitization in the startsWith() method in the servePath function. |
| CVE-2022-47762 | — | High | 0.49 | 7.5 | 0.01 | | Feb 3, 2023 | In gin-vue-admin < 2.5.5, the download module has a Path Traversal vulnerability. |
| CVE-2022-21192 | — | High | 0.49 | 7.5 | 0.01 | | Jan 26, 2023 | All versions of the package serve-lite are vulnerable to Directory Traversal due to missing input sanitization or other checks and protections employed to the req.url passed as-is to path.join(). |
| CVE-2022-47747 | — | High | 0.49 | 7.5 | 0.01 | | Jan 20, 2023 | kraken <= 0.1.4 has an arbitrary file read vulnerability via the component testfs. |
| CVE-2022-3693 | | High | 0.49 | 7.5 | 0.01 | | Jan 13, 2023 | Path Traversal vulnerability in Deytek Informatics FileOrbis File Management System allows Path Traversal. This issue affects FileOrbis File Management System: from unspecified before 10.6.3. |
| CVE-2022-25895 | — | High | 0.49 | 7.5 | 0.01 | | Dec 21, 2022 | All versions of package lite-dev-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code. |
| CVE-2022-25931 | — | High | 0.49 | 7.5 | 0.01 | | Dec 20, 2022 | All versions of package easy-static-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code. |
| CVE-2022-25848 | — | High | 0.49 | 7.5 | 0.01 | | Nov 29, 2022 | This affects all versions of package static-dev-server. This is because when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory. |