CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Description
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79
CVEs mapped to this weakness (5,488)
page 90 of 275| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-47415 | Med | 0.44 | — | 0.00 | Sep 9, 2025 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CRESTRON TOUCHSCREENS x70 allows Relative Path Traversal.This issue affects TOUCHSCREENS x70: from 3.000.0110.001 before 3.001.0031.001. Confirmed Affected… | ||
| CVE-2025-49303 | Med | 0.44 | 6.8 | 0.00 | Jul 4, 2025 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Shabti Kaplan Frontend Admin by DynamiApps acf-frontend-form-element allows Path Traversal.This issue affects Frontend Admin by DynamiApps: from n/a through <= 3.28.7. | ||
| CVE-2025-47511 | Med | 0.44 | 6.8 | 0.00 | Jun 9, 2025 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in info@welcart Welcart e-Commerce usc-e-shop allows Path Traversal.This issue affects Welcart e-Commerce: from n/a through <= 2.11.13. | ||
| CVE-2024-47464 | Med | 0.44 | 6.8 | 0.01 | Nov 5, 2024 | An authenticated Path Traversal vulnerability exists in Instant AOS-8 and AOS-10. Successful exploitation of this vulnerability allows an attacker to copy arbitrary files to a user readable location from the command line interface of the underlying operating system, which could… | ||
| CVE-2024-9675 | Hig | 0.44 | 7.8 | 0.00 | Oct 9, 2024 | A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as… | ||
| CVE-2024-42471 | Hig | 0.44 | 7.3 | 0.03 | Sep 2, 2024 | actions/artifact is the GitHub ToolKit for developing GitHub Actions. Versions of `actions/artifact` on the 2.x branch before 2.1.2 are vulnerable to arbitrary file write when using `downloadArtifactInternal`, `downloadArtifactPublic`, or `streamExtractExternal` for extracting… | ||
| CVE-2024-39406 | Med | 0.44 | 6.8 | 0.01 | Aug 14, 2024 | Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this… | ||
| CVE-2023-24379 | Med | 0.44 | 6.8 | 0.01 | May 17, 2024 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Web-Settler Landing Page Builder – Free Landing Page Templates allows Path Traversal.This issue affects Landing Page Builder – Free Landing Page Templates: from n/a through… | ||
| CVE-2023-50885 | Med | 0.44 | 6.8 | 0.01 | Apr 18, 2024 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AGILELOGIX Store Locator WordPress.This issue affects Store Locator WordPress: from n/a through 1.4.14. | ||
| CVE-2023-24416 | Med | 0.44 | 6.8 | 0.01 | Feb 23, 2024 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Arne Franken All In One Favicon.This issue affects All In One Favicon: from n/a through 4.7. | ||
| CVE-2023-39584 | — | Hig | 0.44 | 7.5 | 0.32 | Sep 8, 2023 | Hexo up to v7.0.0 (RC2) was discovered to contain an arbitrary file read vulnerability. | |
| CVE-2023-39139 | — | Hig | 0.44 | 7.8 | 0.00 | Aug 30, 2023 | An issue in Archive v3.3.7 allows attackers to execute a path traversal via extracting a crafted zip file. | |
| CVE-2023-25307 | — | Hig | 0.44 | 7.8 | 0.01 | Jun 26, 2023 | nothub mrpack-install <= v0.16.2 is vulnerable to Directory Traversal. | |
| CVE-2022-31159 | Hig | 0.44 | 7.9 | 0.01 | Jul 15, 2022 | The AWS SDK for Java enables Java developers to work with Amazon Web Services. A partial-path traversal issue exists within the `downloadDirectory` method in the AWS S3 TransferManager component of the AWS SDK for Java v1 prior to version 1.12.261. Applications using the SDK… | ||
| CVE-2022-24731 | Med | 0.44 | 6.8 | 0.01 | Mar 23, 2022 | Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 1.5.0 but before versions 2.1.11, 2.2.6, and 2.3.0 is vulnerable to a path traversal vulnerability, allowing a malicious user with read/write access to leak sensitive files… | ||
| CVE-2021-42771 | — | Hig | 0.44 | 7.8 | 0.01 | Oct 20, 2021 | Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution. | |
| CVE-2021-41103 | Hig | 0.44 | 7.8 | 0.00 | Oct 4, 2021 | containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to… | ||
| CVE-2020-28337 | — | Hig | 0.44 | 7.2 | 0.17 | Feb 15, 2021 | A directory traversal issue in the Utils/Unzip module in Microweber through 1.1.20 allows an authenticated attacker to gain remote code execution via the backup restore feature. To exploit the vulnerability, an attacker must have the credentials of an administrative user, upload… | |
| CVE-2020-14366 | Med | 0.44 | 6.8 | 0.01 | Nov 9, 2020 | A vulnerability was found in keycloak, where path traversal using URL-encoded path segments in the request is possible because the resources endpoint applies a transformation of the url path to the file path. Only few specific folder hierarchies can be exposed by this flaw | ||
| CVE-2018-10917 | — | Med | 0.44 | 6.8 | 0.01 | Aug 15, 2018 | pulp 2.16.x and possibly older is vulnerable to an improper path parsing. A malicious user or a malicious iso feed repository can write to locations accessible to the 'apache' user. This may lead to overwrite of published content on other iso repositories. |
- risk 0.44cvss —epss 0.00
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CRESTRON TOUCHSCREENS x70 allows Relative Path Traversal.This issue affects TOUCHSCREENS x70: from 3.000.0110.001 before 3.001.0031.001. Confirmed Affected…
- risk 0.44cvss 6.8epss 0.00
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Shabti Kaplan Frontend Admin by DynamiApps acf-frontend-form-element allows Path Traversal.This issue affects Frontend Admin by DynamiApps: from n/a through <= 3.28.7.
- risk 0.44cvss 6.8epss 0.00
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in info@welcart Welcart e-Commerce usc-e-shop allows Path Traversal.This issue affects Welcart e-Commerce: from n/a through <= 2.11.13.
- risk 0.44cvss 6.8epss 0.01
An authenticated Path Traversal vulnerability exists in Instant AOS-8 and AOS-10. Successful exploitation of this vulnerability allows an attacker to copy arbitrary files to a user readable location from the command line interface of the underlying operating system, which could…
- risk 0.44cvss 7.8epss 0.00
A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as…
- risk 0.44cvss 7.3epss 0.03
actions/artifact is the GitHub ToolKit for developing GitHub Actions. Versions of `actions/artifact` on the 2.x branch before 2.1.2 are vulnerable to arbitrary file write when using `downloadArtifactInternal`, `downloadArtifactPublic`, or `streamExtractExternal` for extracting…
- risk 0.44cvss 6.8epss 0.01
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this…
- risk 0.44cvss 6.8epss 0.01
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Web-Settler Landing Page Builder – Free Landing Page Templates allows Path Traversal.This issue affects Landing Page Builder – Free Landing Page Templates: from n/a through…
- risk 0.44cvss 6.8epss 0.01
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AGILELOGIX Store Locator WordPress.This issue affects Store Locator WordPress: from n/a through 1.4.14.
- risk 0.44cvss 6.8epss 0.01
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Arne Franken All In One Favicon.This issue affects All In One Favicon: from n/a through 4.7.
- risk 0.44cvss 7.5epss 0.32
Hexo up to v7.0.0 (RC2) was discovered to contain an arbitrary file read vulnerability.
- risk 0.44cvss 7.8epss 0.00
An issue in Archive v3.3.7 allows attackers to execute a path traversal via extracting a crafted zip file.
- risk 0.44cvss 7.8epss 0.01
nothub mrpack-install <= v0.16.2 is vulnerable to Directory Traversal.
- risk 0.44cvss 7.9epss 0.01
The AWS SDK for Java enables Java developers to work with Amazon Web Services. A partial-path traversal issue exists within the `downloadDirectory` method in the AWS S3 TransferManager component of the AWS SDK for Java v1 prior to version 1.12.261. Applications using the SDK…
- risk 0.44cvss 6.8epss 0.01
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 1.5.0 but before versions 2.1.11, 2.2.6, and 2.3.0 is vulnerable to a path traversal vulnerability, allowing a malicious user with read/write access to leak sensitive files…
- risk 0.44cvss 7.8epss 0.01
Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution.
- risk 0.44cvss 7.8epss 0.00
containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to…
- risk 0.44cvss 7.2epss 0.17
A directory traversal issue in the Utils/Unzip module in Microweber through 1.1.20 allows an authenticated attacker to gain remote code execution via the backup restore feature. To exploit the vulnerability, an attacker must have the credentials of an administrative user, upload…
- risk 0.44cvss 6.8epss 0.01
A vulnerability was found in keycloak, where path traversal using URL-encoded path segments in the request is possible because the resources endpoint applies a transformation of the url path to the file path. Only few specific folder hierarchies can be exposed by this flaw
- risk 0.44cvss 6.8epss 0.01
pulp 2.16.x and possibly older is vulnerable to an improper path parsing. A malicious user or a malicious iso feed repository can write to locations accessible to the 'apache' user. This may lead to overwrite of published content on other iso repositories.