VYPR

CWE-23

Relative Path Traversal

Abstraction: Base · Status: Draft

Description

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-139 · CAPEC-76

CVEs mapped to this weakness (193)

page 8 of 10
  • CVE-2026-25121 · Feb 4, 2026
    risk 0.00 · cvss · epss 0.00

    apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, a path traversal vulnerability was discovered in apko's dirFS filesystem abstraction. An attacker who can supply a malicious APK package (e.g., via a…

  • CVE-2026-23890 · Jan 26, 2026
    risk 0.00 · cvss · epss 0.00

    pnpm is a package manager. Prior to version 10.28.1, a path traversal vulnerability in pnpm's bin linking allows malicious npm packages to create executable shims or symlinks outside of `node_modules/.bin`. Bin names starting with `@` bypass validation, and after scope…

  • CVE-2026-23888 · Jan 26, 2026
    risk 0.00 · cvss · epss 0.00

    pnpm is a package manager. Prior to version 10.28.1, a path traversal vulnerability in pnpm's binary fetcher allows malicious packages to write files outside the intended extraction directory. The vulnerability has two attack vectors: (1) Malicious ZIP entries containing `../`…

  • CVE-2025-68472 · Jan 12, 2026
    risk 0.00 · cvss · epss 0.19

    MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.11.1, an unauthenticated path traversal in the file upload API lets any caller read arbitrary files from the server filesystem and move them into MindsDB’s storage, exposing…

  • CVE-2025-66626 · Dec 9, 2025
    risk 0.00 · cvss · epss 0.01

    Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Versions 3.6.13 and below and versions 3.7.0 through 3.7.4 contain unsafe untar code that handles symbolic links in archives. Concretely, the computation of a link's…

  • CVE-2025-64757 · Nov 19, 2025
    risk 0.00 · cvss · epss 0.00

    Astro is a web framework. Prior to version 5.14.3, a vulnerability has been identified in the Astro framework's development server that allows arbitrary local file read access through the image optimization endpoint. The vulnerability affects Astro development environments and…

  • CVE-2025-62156 · Oct 14, 2025
    risk 0.00 · cvss · epss 0.01

    Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Versions prior to 3.6.12 and versions 3.7.0 through 3.7.2 contain a Zip Slip path traversal vulnerability in artifact extraction. During artifact extraction the…

  • CVE-2025-59682 · Oct 1, 2025
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract() function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths…

  • CVE-2025-58752 · Sep 8, 2025
    risk 0.00 · cvss · epss 0.01

    Vite is a frontend tooling framework for JavaScript. Prior to versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20, any HTML files on the machine were served regardless of the `server.fs` settings. Only apps that explicitly expose the Vite dev server to the network (using --host or…

  • CVE-2025-55748 · Sep 3, 2025
    risk 0.00 · cvss · epss 0.02

    XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 4.2-milestone-2 through 16.10.6, configuration files are accessible through jsx and sx endpoints. It's possible to access and read configuration files by using…

  • CVE-2025-55747 · Sep 3, 2025
    risk 0.00 · cvss · epss 0.02

    XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 6.1-milestone-2 through 16.10.6, configuration files are accessible through the webjars API. This is fixed in version 16.10.7.

  • CVE-2025-55202 · Aug 29, 2025
    risk 0.00 · cvss · epss 0.00

    Opencast is a free, open-source platform to support the management of educational audio and video content. In version 18.0 and versions before 17.7, the protections against path traversal attacks in the UI config module are insufficient, still partially allowing for attacks in…

  • CVE-2025-46002 · Jul 18, 2025
    risk 0.00 · cvss · epss 0.02

    An issue in Filemanager v2.5.0 and below allows attackers to execute a directory traversal via sending a crafted HTTP request to the filemanager.php endpoint.

  • CVE-2025-44163 · Jun 27, 2025
    risk 0.00 · cvss · epss 0.01

    RaspAP raspap-webgui 3.3.1 is vulnerable to Directory Traversal in ajax/networking/get_wgkey.php. An authenticated attacker can send a crafted POST request with a path traversal payload in the `entity` parameter to overwrite arbitrary files writable by the web server via abuse…

  • CVE-2025-48957 · Jun 2, 2025
    risk 0.00 · cvss · epss 0.01

    AstrBot is a large language model chatbot and development framework. A path traversal vulnerability present in versions 3.4.4 through 3.5.12 may lead to information disclosure, such as API keys for LLM providers, account passwords, and other sensitive data. The vulnerability has…

  • CVE-2025-31493 · May 13, 2025
    risk 0.00 · cvss · epss 0.00

    Kirby is an open-source content management system. A vulnerability in versions prior to 3.9.8.3, 3.10.1.2, and 4.7.1 affects all Kirby sites that use the `collection()` helper or `$kirby->collection()` method with a dynamic collection name (such as a collection name that depends…

  • CVE-2025-30207 · May 13, 2025
    risk 0.00 · cvss · epss 0.00

    Kirby is an open-source content management system. A vulnerability in versions prior to 3.9.8.3, 3.10.1.2, and 4.7.1 affects all Kirby setups that use PHP's built-in server. Such setups are commonly only used during local development. Sites that use other server software (such…

  • CVE-2025-30159 · May 13, 2025
    risk 0.00 · cvss · epss 0.01

    Kirby is an open-source content management system. A vulnerability in versions prior to 3.9.8.3, 3.10.1.2, and 4.7.1 affects all Kirby sites that use the `snippet()` helper or `$kirby->snippet()` method with a dynamic snippet name (such as a snippet name that depends on request…

  • CVE-2025-32017 · Apr 8, 2025
    risk 0.00 · cvss · epss 0.01

    Umbraco is a free and open source .NET content management system. Authenticated users of the Umbraco backoffice are able to craft a management API request that exploits a path traversal vulnerability to upload files into an incorrect location. The issue affects Umbraco 14+ and is…

  • CVE-2025-27553 · Mar 23, 2025
    risk 0.00 · cvss · epss 0.01

    Relative Path Traversal vulnerability in Apache Commons VFS before 2.10.0. The FileObject API in Commons VFS has a 'resolveFile' method that takes a 'scope' parameter. Specifying 'NameScope.DESCENDENT' promises that "an exception is thrown if the resolved file is not a…