VYPR

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Base · Stable · Likelihood: High

Description

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79

CVEs mapped to this weakness (5,488)

page 59 of 275
  • CVE-2023-52288 · High · Jan 13, 2024
    risk 0.49 · cvss 7.5 · epss 0.01

    An issue was discovered in the flaskcode package through 0.0.8 for Python. An unauthenticated directory traversal, exploitable with a GET request to a /resource-data/<file_path>.txt URI (from views.py), allows attackers to read arbitrary files.

  • CVE-2023-50449 · High · Dec 10, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    JFinalCMS 5.0.0 could allow a remote attacker to read files via ../ Directory Traversal in the /common/down/file fileKey parameter.

  • CVE-2023-49735 · High · Nov 30, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    ** UNSUPPORTED WHEN ASSIGNED ** The value set as the DefaultLocaleResolver.LOCALE_KEY attribute on the session was not validated while resolving XML definition files, leading to possible path traversal and eventually SSRF/XXE when passing user-controlled data to this key.…

  • CVE-2023-48848 · High · Nov 28, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    An arbitrary file read vulnerability in ureport v2.2.9 allows a remote attacker to arbitrarily read files on the server by inserting a crafted path.

  • CVE-2023-6118 · High · Nov 23, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    Path Traversal: '/../filedir' vulnerability in Neutron IP Camera allows Absolute Path Traversal. This issue affects IP Camera: before b1130.1.0.1.

  • CVE-2023-45823 · High · Oct 19, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    Artifact Hub is a web-based application that enables finding, installing, and publishing packages and configurations for CNCF projects. During a security audit of Artifact Hub's code base a security researcher identified a bug in which by using symbolic links in certain kinds of…

  • CVE-2023-45277 · High · Oct 19, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    Yamcs 5.8.6 is vulnerable to directory traversal (issue 1 of 2). The vulnerability is in the storage functionality of the API and allows one to escape the base directory of the buckets, freely navigate system directories, and read arbitrary files.

  • CVE-2023-26152 · High · Oct 3, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    All versions of the package static-server are vulnerable to Directory Traversal due to improper input sanitization passed via the validPath function of server.js.

  • CVE-2023-41578 · High · Sep 8, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    Jeecg boot up to v3.5.3 was discovered to contain an arbitrary file read vulnerability via the interface /testConnection.

  • CVE-2023-40826 · High · Aug 28, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter.

  • CVE-2023-39141 · High · Aug 22, 2023
    risk 0.49 · cvss 7.5 · epss 0.03

    webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability.

  • CVE-2023-39964 · High · Aug 10, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, arbitrary file reads allow an attacker to read arbitrary important configuration files on the server. In the `api/v1/file.go` file, there is a function called `LoadFromFile`,…

  • CVE-2023-38337 · High · Jul 14, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    rswag before 2.10.1 allows remote attackers to read arbitrary JSON and YAML files via directory traversal, because rswag-api can expose a file that is not the OpenAPI (or Swagger) specification file of a project.

  • CVE-2023-35069 · High · Jul 13, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Bullwark allows Path Traversal. This issue affects Bullwark: before BLW-2016E-960H.

  • CVE-2023-26126 · High · May 10, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    All versions of the package m.static are vulnerable to Directory Traversal due to improper input sanitization of the path being requested via the requestFile function.

  • CVE-2023-25345 · High · Mar 15, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    Directory traversal vulnerability in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to read arbitrary files via the include or extends tags.

  • CVE-2023-26111 · High · Mar 6, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    All versions of the package @nubosoftware/node-static; all versions of the package node-static are vulnerable to Directory Traversal due to improper file path sanitization in the startsWith() method in the servePath function.

  • CVE-2022-47762 · High · Feb 3, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    In gin-vue-admin < 2.5.5, the download module has a Path Traversal vulnerability.

  • CVE-2022-21192 · High · Jan 26, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    All versions of the package serve-lite are vulnerable to Directory Traversal due to missing input sanitization or other checks and protections employed to the req.url passed as-is to path.join().

  • CVE-2022-47747 · High · Jan 20, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    kraken <= 0.1.4 has an arbitrary file read vulnerability via the component testfs.