VYPR

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

BaseStableLikelihood: High

Description

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79

CVEs mapped to this weakness (5,488)

page 90 of 275
  • CVE-2025-47415MedSep 9, 2025
    risk 0.44cvss epss 0.00

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CRESTRON TOUCHSCREENS x70 allows Relative Path Traversal.This issue affects TOUCHSCREENS x70: from 3.000.0110.001 before 3.001.0031.001. Confirmed Affected…

  • CVE-2025-49303MedJul 4, 2025
    risk 0.44cvss 6.8epss 0.00

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Shabti Kaplan Frontend Admin by DynamiApps acf-frontend-form-element allows Path Traversal.This issue affects Frontend Admin by DynamiApps: from n/a through <= 3.28.7.

  • CVE-2025-47511MedJun 9, 2025
    risk 0.44cvss 6.8epss 0.00

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in info@welcart Welcart e-Commerce usc-e-shop allows Path Traversal.This issue affects Welcart e-Commerce: from n/a through <= 2.11.13.

  • CVE-2024-47464MedNov 5, 2024
    risk 0.44cvss 6.8epss 0.01

    An authenticated Path Traversal vulnerability exists in Instant AOS-8 and AOS-10. Successful exploitation of this vulnerability allows an attacker to copy arbitrary files to a user readable location from the command line interface of the underlying operating system, which could…

  • CVE-2024-9675HigOct 9, 2024
    risk 0.44cvss 7.8epss 0.00

    A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as…

  • CVE-2024-42471HigSep 2, 2024
    risk 0.44cvss 7.3epss 0.03

    actions/artifact is the GitHub ToolKit for developing GitHub Actions. Versions of `actions/artifact` on the 2.x branch before 2.1.2 are vulnerable to arbitrary file write when using `downloadArtifactInternal`, `downloadArtifactPublic`, or `streamExtractExternal` for extracting…

  • CVE-2024-39406MedAug 14, 2024
    risk 0.44cvss 6.8epss 0.01

    Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this…

  • CVE-2023-24379MedMay 17, 2024
    risk 0.44cvss 6.8epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Web-Settler Landing Page Builder – Free Landing Page Templates allows Path Traversal.This issue affects Landing Page Builder – Free Landing Page Templates: from n/a through…

  • CVE-2023-50885MedApr 18, 2024
    risk 0.44cvss 6.8epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AGILELOGIX Store Locator WordPress.This issue affects Store Locator WordPress: from n/a through 1.4.14.

  • CVE-2023-24416MedFeb 23, 2024
    risk 0.44cvss 6.8epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Arne Franken All In One Favicon.This issue affects All In One Favicon: from n/a through 4.7.

  • CVE-2023-39584HigSep 8, 2023
    risk 0.44cvss 7.5epss 0.32

    Hexo up to v7.0.0 (RC2) was discovered to contain an arbitrary file read vulnerability.

  • CVE-2023-39139HigAug 30, 2023
    risk 0.44cvss 7.8epss 0.00

    An issue in Archive v3.3.7 allows attackers to execute a path traversal via extracting a crafted zip file.

  • CVE-2023-25307HigJun 26, 2023
    risk 0.44cvss 7.8epss 0.01

    nothub mrpack-install <= v0.16.2 is vulnerable to Directory Traversal.

  • CVE-2022-31159HigJul 15, 2022
    risk 0.44cvss 7.9epss 0.01

    The AWS SDK for Java enables Java developers to work with Amazon Web Services. A partial-path traversal issue exists within the `downloadDirectory` method in the AWS S3 TransferManager component of the AWS SDK for Java v1 prior to version 1.12.261. Applications using the SDK…

  • CVE-2022-24731MedMar 23, 2022
    risk 0.44cvss 6.8epss 0.01

    Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 1.5.0 but before versions 2.1.11, 2.2.6, and 2.3.0 is vulnerable to a path traversal vulnerability, allowing a malicious user with read/write access to leak sensitive files…

  • CVE-2021-42771HigOct 20, 2021
    risk 0.44cvss 7.8epss 0.01

    Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution.

  • CVE-2021-41103HigOct 4, 2021
    risk 0.44cvss 7.8epss 0.00

    containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to…

  • CVE-2020-28337HigFeb 15, 2021
    risk 0.44cvss 7.2epss 0.17

    A directory traversal issue in the Utils/Unzip module in Microweber through 1.1.20 allows an authenticated attacker to gain remote code execution via the backup restore feature. To exploit the vulnerability, an attacker must have the credentials of an administrative user, upload…

  • CVE-2020-14366MedNov 9, 2020
    risk 0.44cvss 6.8epss 0.01

    A vulnerability was found in keycloak, where path traversal using URL-encoded path segments in the request is possible because the resources endpoint applies a transformation of the url path to the file path. Only few specific folder hierarchies can be exposed by this flaw

  • CVE-2018-10917MedAug 15, 2018
    risk 0.44cvss 6.8epss 0.01

    pulp 2.16.x and possibly older is vulnerable to an improper path parsing. A malicious user or a malicious iso feed repository can write to locations accessible to the 'apache' user. This may lead to overwrite of published content on other iso repositories.