VYPR

CWE-36

Absolute Path Traversal

Abstraction: Base. Status: Draft.

Description

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as "/abs/path" that can resolve to a location that is outside of that directory.

This allows attackers to traverse the file system to access files or directories that are outside of the restricted directory.
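The description above is abstract, so here is the weakness in working code. This is an added example, not code from the page or from any project listed below: the upload directory, the function names and the attacker inputs are all constructed for illustration. The vulnerable form is the one most commonly seen in Python, where a path join silently discards the base directory once a later component is absolute; the hardened form rejects anything absolute on any platform (POSIX, Windows drive letters, UNC), canonicalises the result, and checks containment component-wise rather than by string prefix.

```python
import os
import posixpath
from pathlib import PureWindowsPath

# Constructed example: the directory the application intends to confine access to.
UPLOAD_ROOT = "/srv/app/uploads"


class PathTraversal(ValueError):
    """Raised when a user-supplied path would resolve outside the restricted directory."""


def vulnerable_resolve(base: str, user_path: str) -> str:
    """The classic CWE-36 pattern: join() drops every earlier component when a
    later one is absolute, so '/etc/passwd' replaces base instead of being
    appended under it. posixpath is used so the demonstration is identical on
    every platform; os.path.join behaves the same way for its own platform."""
    return posixpath.join(base, user_path)


def looks_absolute(user_path: str) -> bool:
    """Reject input that is absolute on *any* platform the app may be deployed on,
    not only the one it is running on now: POSIX '/x', Windows 'C:\\x', the
    drive-relative 'C:x', and UNC '\\\\server\\share\\x'. A bare leading
    separator is checked explicitly because PureWindowsPath('\\x').is_absolute()
    is False, yet ntpath.join still resets to the drive root for it."""
    if user_path.startswith(("/", "\\")):
        return True
    return bool(PureWindowsPath(user_path).drive)


def safe_resolve(base: str, user_path: str) -> str:
    """Hardened form: refuse absolute, empty or NUL-containing input, canonicalise
    (symlinks and '..' included), then do a component-wise containment check.
    commonpath is used instead of str.startswith so that a sibling such as
    '/srv/app/uploads_evil' is not accepted as a child of '/srv/app/uploads'."""
    if not user_path or "\0" in user_path or looks_absolute(user_path):
        raise PathTraversal(f"absolute, empty or malformed path rejected: {user_path!r}")
    root = os.path.realpath(base)
    candidate = os.path.realpath(os.path.join(root, user_path))
    if os.path.commonpath([root, candidate]) != root:
        raise PathTraversal(f"path escapes {root}: {candidate}")
    return candidate


def check(base: str, user_path: str) -> tuple:
    """Convenience wrapper returning (accepted, resolved_path_or_reason)."""
    try:
        return True, safe_resolve(base, user_path)
    except PathTraversal as exc:
        return False, str(exc)


if __name__ == "__main__":
    # Constructed attacker inputs covering the absolute, relative and sibling cases.
    attacker_inputs = ["/etc/passwd", "../../../etc/passwd", "C:\\Windows\\win.ini",
                       "\\\\evil\\share\\payload", "../uploads_evil/secret"]
    print("vulnerable join:", vulnerable_resolve(UPLOAD_ROOT, "/etc/passwd"))
    for p in attacker_inputs + ["2024/report.txt"]:
        print(f"{p!r:32} -> {check(UPLOAD_ROOT, p)}")
```

The realpath step matters: checking before canonicalisation lets `uploads/../../etc/passwd` through, and a symlink planted inside the upload tree (see the Ansible entry later on this page) is only caught because the candidate is resolved before the containment test.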

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-597

CVEs mapped to this weakness (55)

page 3 of 3
  • CVE-2026-28414 (Feb 27, 2026)
    risk 0.00, cvss n/a, epss 0.03

    Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Windows with Python 3.13+ are vulnerable to an absolute path traversal issue that enables unauthenticated attackers to read arbitrary files from the file system.…

  • CVE-2025-68472 (Jan 12, 2026)
    risk 0.00, cvss n/a, epss 0.19

    MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.11.1, an unauthenticated path traversal in the file upload API lets any caller read arbitrary files from the server filesystem and move them into MindsDB’s storage, exposing…

  • CVE-2025-53651 (Jul 9, 2025)
    risk 0.00, cvss n/a, epss 0.00

    Jenkins HTML Publisher Plugin 425 and earlier displays log messages that include the absolute paths of files archived during the Publish HTML reports post-build step, exposing information about the Jenkins controller file system in the build log.

  • CVE-2024-10833 (Mar 20, 2025)
    risk 0.00, cvss n/a, epss 0.01

    eosphoros-ai/db-gpt version 0.6.0 is vulnerable to an arbitrary file write through the knowledge API. The endpoint for uploading files as 'knowledge' is susceptible to absolute path traversal, allowing attackers to write files to arbitrary locations on the target server. This…

  • CVE-2024-6854 (Mar 20, 2025)
    risk 0.00, cvss n/a, epss 0.01

    In h2oai/h2o-3 version 3.46.0, the endpoint for exporting models does not restrict the export location, allowing an attacker to export a model to any file in the server's file structure, thereby overwriting it. This vulnerability can be exploited to overwrite any file on the…

  • CVE-2024-10831 (Mar 20, 2025)
    risk 0.00, cvss n/a, epss 0.01

    In eosphoros-ai/db-gpt version 0.6.0, the endpoint for uploading files is vulnerable to absolute path traversal. This vulnerability allows an attacker to upload arbitrary files to arbitrary locations on the target server. The issue arises because the `file_key` and…

  • CVE-2024-8501 (Mar 20, 2025)
    risk 0.00, cvss n/a, epss 0.01

    An arbitrary file download vulnerability exists in the rpc_agent_client component of modelscope/agentscope version v0.0.4. This vulnerability allows any user to download any file from the rpc_agent's host by exploiting the download_file method. This can lead to unauthorized…

  • CVE-2024-47883 (Oct 24, 2024)
    risk 0.00, cvss n/a, epss 0.02

    The OpenRefine fork of the MIT Simile Butterfly server is a modular web application framework. The Butterfly framework uses the `java.net.URL` class to refer to (what are expected to be) local resource files, like images or templates. This works: "opening a connection" to these…

  • CVE-2024-45290 (Oct 7, 2024)
    risk 0.00, cvss n/a, epss 0.01

    PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. It's possible for an attacker to construct an XLSX file which links media from external URLs. When opening the XLSX file, PhpSpreadsheet retrieves the image size and type by reading the file…

  • CVE-2024-45291 (Oct 7, 2024)
    risk 0.00, cvss n/a, epss 0.01

    PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. It's possible for an attacker to construct an XLSX file that links images from arbitrary paths. When embedding images has been enabled in HTML writer with `$writer->setEmbedImages(true);` those files…

  • CVE-2024-4881 (Jun 6, 2024)
    risk 0.00, cvss n/a, epss 0.01

    A path traversal vulnerability exists in the parisneo/lollms application, affecting version 9.4.0 and potentially earlier versions, but fixed in version 5.9.0. The vulnerability arises due to improper validation of file paths between Windows and Linux environments, allowing…

  • CVE-2023-5115 (Dec 18, 2023)
    risk 0.00, cvss n/a, epss 0.01

    An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.

  • CVE-2023-3765 (Jul 19, 2023)
    risk 0.00, cvss n/a, epss 0.71

    Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0.

  • CVE-2023-1176 (Mar 24, 2023)
    risk 0.00, cvss n/a, epss 0.01

    Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2.

  • CVE-2022-1554 (May 3, 2022)
    risk 0.00, cvss n/a, epss 0.01

    Path Traversal due to `send_file` call in GitHub repository clinical-genomics/scout prior to 4.52.
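The Ansible entry above (CVE-2023-5115) describes a second shape of this weakness: the hostile path arrives inside an archive rather than in a request parameter, and a symlink member lets a later member be written outside the extraction directory. The following is an added example, not code from Ansible or from this page, and the archive it builds is constructed in memory purely to exercise the checks. It audits each tar member before extraction, rejecting absolute names, `..` escapes, symlinks whose target leaves the extraction root, and members whose path passes through an earlier symlink.

```python
import io
import posixpath
import tarfile
from pathlib import PureWindowsPath


def build_malicious_tar() -> bytes:
    """Constructed sample archive (not a real Ansible role): a benign task file,
    a benign in-tree symlink, a member with an absolute name, a symlink that
    points outside the extraction root, and a file written *through* that link."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        def add_file(name: str, data: bytes) -> None:
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))

        def add_link(name: str, target: str) -> None:
            info = tarfile.TarInfo(name)
            info.type = tarfile.SYMTYPE
            info.linkname = target
            tar.addfile(info)

        add_file("role/tasks/main.yml", b"- debug: msg=hello\n")
        add_link("role/files/link_ok", "../tasks/main.yml")      # stays inside the tree
        add_file("/etc/cron.d/backdoor", b"* * * * * root id\n")  # absolute member name
        add_link("role/files/escape", "../../../../etc")          # points outside the root
        add_file("role/files/escape/passwd", b"pwned\n")          # would land in /etc via the link
    return buf.getvalue()


def escapes(rel: str) -> bool:
    """True if a path, taken relative to the extraction root, would leave it.
    Windows drive letters are rejected too, since the archive may be unpacked
    on a different platform than the one that inspected it."""
    p = posixpath.normpath(rel)
    if PureWindowsPath(rel).drive:
        return True
    return posixpath.isabs(p) or p == ".." or p.startswith("../")


def resolve_through_links(name: str, links: dict) -> str:
    """Walk the path one component at a time, substituting the target of any
    symlink an earlier member created, so 'link/x' becomes '<target>/x'."""
    resolved = ""
    for part in posixpath.normpath(name).split("/"):
        resolved = posixpath.normpath(posixpath.join(resolved, part))
        if resolved in links:
            resolved = links[resolved]
    return resolved


def audit(tar_bytes: bytes) -> dict:
    """Return a verdict per member, in archive order, without extracting anything."""
    verdicts = {}
    links = {}  # normalised symlink path -> normalised target, for every symlink seen so far
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r") as tar:
        for m in tar.getmembers():
            if escapes(m.name):
                verdicts[m.name] = "rejected: absolute name or '..' escape"
                continue
            virtual = resolve_through_links(m.name, links)
            if escapes(virtual):
                verdicts[m.name] = f"rejected: traverses earlier symlink to {virtual}"
                continue
            if m.issym():
                target = posixpath.normpath(posixpath.join(posixpath.dirname(virtual), m.linkname))
                links[virtual] = target  # record even bad links so later members through them are flagged
                if posixpath.isabs(m.linkname) or escapes(target):
                    verdicts[m.name] = f"rejected: symlink to {m.linkname!r} leaves extraction root"
                    continue
            elif m.islnk() and escapes(m.linkname):
                verdicts[m.name] = f"rejected: hard link to {m.linkname!r} leaves extraction root"
                continue
            verdicts[m.name] = "ok"
    return verdicts


if __name__ == "__main__":
    for name, verdict in audit(build_malicious_tar()).items():
        print(f"{name:28} {verdict}")
```

On Python 3.12 and later (and the security releases of 3.8 through 3.11 that backported PEP 706) `TarFile.extractall(path, filter="data")` performs equivalent checks during extraction; prefer it over hand-rolled auditing where the interpreter version allows, and treat any rejected member as grounds to discard the whole archive rather than extracting the rest.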