CWE-29
Path Traversal: '\..\filename'
Description
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '\..\filename' (leading backslash dot dot) sequences that can resolve to a location that is outside of that directory.
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (41)
page 2 of 3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-8859 | 0.00 | — | 0.03 | Mar 20, 2025 | A path traversal vulnerability exists in mlflow/mlflow version 2.15.1. When users configure and use the dbfs service, concatenating the URL directly into the file protocol results in an arbitrary file read vulnerability. This issue occurs because only the path part of the URL is… | |||
| CVE-2024-7774 | 0.00 | — | 0.01 | Oct 29, 2024 | A path traversal vulnerability exists in the `getFullPath` method of langchain-ai/langchainjs version 0.2.5. This vulnerability allows attackers to save files anywhere in the filesystem, overwrite existing text files, read `.txt` files, and delete files. The vulnerability is… | |||
| CVE-2024-21518 | 0.00 | — | 0.14 | Jun 22, 2024 | This affects versions of the package opencart/opencart from 4.0.0.0. A Zip Slip issue was identified via the marketplace installer due to improper sanitization of the target path, allowing files within a malicious archive to traverse the filesystem and be extracted to arbitrary… | |||
| CVE-2024-3429 | — | 0.00 | — | 0.28 | Jun 6, 2024 | A path traversal vulnerability exists in the parisneo/lollms application, specifically within the `sanitize_path_from_endpoint` and `sanitize_path` functions in `lollms_core\lollms\security.py`. This vulnerability allows for arbitrary file reading when the application is running… | ||
| CVE-2024-2928 | 0.00 | — | 0.22 | Jun 6, 2024 | A Local File Inclusion (LFI) vulnerability was identified in mlflow/mlflow, specifically in version 2.9.2, which was fixed in version 2.11.3. This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences such as… | |||
| CVE-2024-3848 | 0.00 | — | 0.43 | May 16, 2024 | A path traversal vulnerability exists in mlflow/mlflow version 2.11.0, identified as a bypass for the previously addressed CVE-2023-6909. The vulnerability arises from the application's handling of artifact URLs, where a '#' character can be used to insert a path into the… | |||
| CVE-2024-1561 | 0.00 | — | 0.09 | Apr 16, 2024 | An issue was discovered in gradio-app/gradio, where the `/component_server` endpoint improperly allows the invocation of any method on a `Component` class with attacker-controlled arguments. Specifically, by exploiting the `move_resource_to_block_cache()` method of the `Block`… | |||
| CVE-2024-2083 | 0.00 | — | 0.39 | Apr 16, 2024 | A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically within the /api/v1/steps endpoint. Attackers can exploit this vulnerability by manipulating the 'logs' URI path in the request to fetch arbitrary file content, bypassing intended access… | |||
| CVE-2024-3573 | 0.00 | — | 0.01 | Apr 16, 2024 | mlflow/mlflow is vulnerable to Local File Inclusion (LFI) due to improper parsing of URIs, allowing attackers to bypass checks and read arbitrary files on the system. The issue arises from the 'is_local_uri' function's failure to properly handle URIs with empty or 'file'… | |||
| CVE-2023-6977 | 0.00 | — | 0.04 | Dec 20, 2023 | This vulnerability enables malicious users to read sensitive files on the server. | |||
| CVE-2023-6975 | 0.00 | — | 0.02 | Dec 20, 2023 | A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information. | |||
| CVE-2023-6909 | 0.00 | — | 0.90 | Dec 18, 2023 | Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. | |||
| CVE-2023-6831 | 0.00 | — | 0.03 | Dec 15, 2023 | Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. | |||
| CVE-2023-2984 | 0.00 | — | 0.01 | May 30, 2023 | Path Traversal: '\..\filename' in GitHub repository pimcore/pimcore prior to 10.5.22. | |||
| CVE-2023-2780 | 0.00 | — | 0.06 | May 17, 2023 | Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1. | |||
| CVE-2023-1177 | 0.00 | — | 0.69 | Mar 24, 2023 | Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1. | |||
| CVE-2023-0316 | 0.00 | — | 0.01 | Jan 16, 2023 | Path Traversal: '\..\filename' in GitHub repository froxlor/froxlor prior to 2.0.0. | |||
| CVE-2022-25842 | — | 0.00 | — | 0.04 | May 1, 2022 | All versions of package com.alibaba.oneagent:one-java-agent-plugin are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) using a specially crafted archive that holds directory traversal filenames (e.g. ../../evil.exe). The attacker can overwrite executable… | ||
| CVE-2021-23484 | — | 0.00 | — | 0.02 | Jan 28, 2022 | The package zip-local before 0.3.5 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) which can lead to an extraction of a crafted file outside the intended extraction directory. | ||
| CVE-2021-23391 | — | 0.00 | — | 0.00 | Jun 7, 2021 | This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality. |
- CVE-2024-8859Mar 20, 2025risk 0.00cvss —epss 0.03
A path traversal vulnerability exists in mlflow/mlflow version 2.15.1. When users configure and use the dbfs service, concatenating the URL directly into the file protocol results in an arbitrary file read vulnerability. This issue occurs because only the path part of the URL is…
- CVE-2024-7774Oct 29, 2024risk 0.00cvss —epss 0.01
A path traversal vulnerability exists in the `getFullPath` method of langchain-ai/langchainjs version 0.2.5. This vulnerability allows attackers to save files anywhere in the filesystem, overwrite existing text files, read `.txt` files, and delete files. The vulnerability is…
- CVE-2024-21518Jun 22, 2024risk 0.00cvss —epss 0.14
This affects versions of the package opencart/opencart from 4.0.0.0. A Zip Slip issue was identified via the marketplace installer due to improper sanitization of the target path, allowing files within a malicious archive to traverse the filesystem and be extracted to arbitrary…
- CVE-2024-3429Jun 6, 2024risk 0.00cvss —epss 0.28
A path traversal vulnerability exists in the parisneo/lollms application, specifically within the `sanitize_path_from_endpoint` and `sanitize_path` functions in `lollms_core\lollms\security.py`. This vulnerability allows for arbitrary file reading when the application is running…
- CVE-2024-2928Jun 6, 2024risk 0.00cvss —epss 0.22
A Local File Inclusion (LFI) vulnerability was identified in mlflow/mlflow, specifically in version 2.9.2, which was fixed in version 2.11.3. This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences such as…
- CVE-2024-3848May 16, 2024risk 0.00cvss —epss 0.43
A path traversal vulnerability exists in mlflow/mlflow version 2.11.0, identified as a bypass for the previously addressed CVE-2023-6909. The vulnerability arises from the application's handling of artifact URLs, where a '#' character can be used to insert a path into the…
- CVE-2024-1561Apr 16, 2024risk 0.00cvss —epss 0.09
An issue was discovered in gradio-app/gradio, where the `/component_server` endpoint improperly allows the invocation of any method on a `Component` class with attacker-controlled arguments. Specifically, by exploiting the `move_resource_to_block_cache()` method of the `Block`…
- CVE-2024-2083Apr 16, 2024risk 0.00cvss —epss 0.39
A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically within the /api/v1/steps endpoint. Attackers can exploit this vulnerability by manipulating the 'logs' URI path in the request to fetch arbitrary file content, bypassing intended access…
- CVE-2024-3573Apr 16, 2024risk 0.00cvss —epss 0.01
mlflow/mlflow is vulnerable to Local File Inclusion (LFI) due to improper parsing of URIs, allowing attackers to bypass checks and read arbitrary files on the system. The issue arises from the 'is_local_uri' function's failure to properly handle URIs with empty or 'file'…
- CVE-2023-6977Dec 20, 2023risk 0.00cvss —epss 0.04
This vulnerability enables malicious users to read sensitive files on the server.
- CVE-2023-6975Dec 20, 2023risk 0.00cvss —epss 0.02
A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information.
- CVE-2023-6909Dec 18, 2023risk 0.00cvss —epss 0.90
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.
- CVE-2023-6831Dec 15, 2023risk 0.00cvss —epss 0.03
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.
- CVE-2023-2984May 30, 2023risk 0.00cvss —epss 0.01
Path Traversal: '\..\filename' in GitHub repository pimcore/pimcore prior to 10.5.22.
- CVE-2023-2780May 17, 2023risk 0.00cvss —epss 0.06
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1.
- CVE-2023-1177Mar 24, 2023risk 0.00cvss —epss 0.69
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1.
- CVE-2023-0316Jan 16, 2023risk 0.00cvss —epss 0.01
Path Traversal: '\..\filename' in GitHub repository froxlor/froxlor prior to 2.0.0.
- CVE-2022-25842May 1, 2022risk 0.00cvss —epss 0.04
All versions of package com.alibaba.oneagent:one-java-agent-plugin are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) using a specially crafted archive that holds directory traversal filenames (e.g. ../../evil.exe). The attacker can overwrite executable…
- CVE-2021-23484Jan 28, 2022risk 0.00cvss —epss 0.02
The package zip-local before 0.3.5 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) which can lead to an extraction of a crafted file outside the intended extraction directory.
- CVE-2021-23391Jun 7, 2021risk 0.00cvss —epss 0.00
This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality.