CWE-29
AllowedPath Traversal: '\..\filename'
Abstraction: Variant · Status: Incomplete
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '\..\filename' (leading backslash dot dot) sequences that can resolve to a location that is outside of that directory.
127 vulnerabilities reference this CWE, most recent first.
GHSA-JXCC-G75X-QGW9
Vulnerability from github – Published: 2021-06-08 18:47 – Updated: 2023-09-07 20:15This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "calipso"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "0.3.54"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-23391"
],
"database_specific": {
"cwe_ids": [
"CWE-29",
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2021-06-08T16:15:33Z",
"nvd_published_at": "2021-06-07T21:15:00Z",
"severity": "HIGH"
},
"details": "This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality.",
"id": "GHSA-jxcc-g75x-qgw9",
"modified": "2023-09-07T20:15:39Z",
"published": "2021-06-08T18:47:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23391"
},
{
"type": "WEB",
"url": "https://github.com/cliftonc/calipso"
},
{
"type": "WEB",
"url": "https://snyk.io/vuln/SNYK-JS-CALIPSO-1300555"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"type": "CVSS_V3"
}
],
"summary": "Calipso Arbitrary File Write via Archive Extraction (Zip Slip)"
}
GHSA-M7QG-V9RW-76M9
Vulnerability from github – Published: 2024-05-16 09:33 – Updated: 2024-05-16 09:33A path traversal vulnerability in the '/apply_settings' endpoint of parisneo/lollms-webui allows attackers to execute arbitrary code. The vulnerability arises due to insufficient sanitization of user-supplied input in the configuration settings, specifically within the 'extensions' parameter. Attackers can exploit this by crafting a payload that includes relative path traversal sequences ('../../../'), enabling them to navigate to arbitrary directories. This flaw subsequently allows the server to load and execute a malicious 'init.py' file, leading to remote code execution. The issue affects the latest version of parisneo/lollms-webui.
{
"affected": [],
"aliases": [
"CVE-2024-2358"
],
"database_specific": {
"cwe_ids": [
"CWE-29"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-16T09:15:09Z",
"severity": "CRITICAL"
},
"details": "A path traversal vulnerability in the \u0027/apply_settings\u0027 endpoint of parisneo/lollms-webui allows attackers to execute arbitrary code. The vulnerability arises due to insufficient sanitization of user-supplied input in the configuration settings, specifically within the \u0027extensions\u0027 parameter. Attackers can exploit this by crafting a payload that includes relative path traversal sequences (\u0027../../../\u0027), enabling them to navigate to arbitrary directories. This flaw subsequently allows the server to load and execute a malicious \u0027__init__.py\u0027 file, leading to remote code execution. The issue affects the latest version of parisneo/lollms-webui.",
"id": "GHSA-m7qg-v9rw-76m9",
"modified": "2024-05-16T09:33:07Z",
"published": "2024-05-16T09:33:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2358"
},
{
"type": "WEB",
"url": "https://huntr.com/bounties/b2771df3-be50-45bd-93c4-0974ce38bc22"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-M7R8-2R98-VPPJ
Vulnerability from github – Published: 2024-06-22 06:30 – Updated: 2024-07-05 17:40This affects versions of the package opencart/opencart from 4.0.0.0. A Zip Slip issue was identified via the marketplace installer due to improper sanitization of the target path, allowing files within a malicious archive to traverse the filesystem and be extracted to arbitrary locations. An attacker can create arbitrary files in the web root of the application and overwrite other existing files by exploiting this vulnerability.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "opencart/opencart"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-21518"
],
"database_specific": {
"cwe_ids": [
"CWE-22",
"CWE-29"
],
"github_reviewed": true,
"github_reviewed_at": "2024-06-24T20:39:16Z",
"nvd_published_at": "2024-06-22T05:15:11Z",
"severity": "HIGH"
},
"details": "This affects versions of the package opencart/opencart from 4.0.0.0. A Zip Slip issue was identified via the marketplace installer due to improper sanitization of the target path, allowing files within a malicious archive to traverse the filesystem and be extracted to arbitrary locations. An attacker can create arbitrary files in the web root of the application and overwrite other existing files by exploiting this vulnerability. ",
"id": "GHSA-m7r8-2r98-vppj",
"modified": "2024-07-05T17:40:18Z",
"published": "2024-06-22T06:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21518"
},
{
"type": "PACKAGE",
"url": "https://github.com/opencart/opencart"
},
{
"type": "WEB",
"url": "https://github.com/opencart/opencart/blob/04c1724370ab02967d3b4f668c1b67771ecf1ff4/upload/admin/controller/marketplace/installer.php%23L383C1-L383C1"
},
{
"type": "WEB",
"url": "https://security.snyk.io/vuln/SNYK-PHP-OPENCARTOPENCART-7266578"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Zip slip in opencart"
}
GHSA-MQ2P-W6P2-6MRV
Vulnerability from github – Published: 2026-02-09 06:30 – Updated: 2026-03-06 21:30A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product does not properly validate URLs. An attacker could send specially crafted requests to steal files from the web server.
The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04
{
"affected": [],
"aliases": [
"CVE-2025-66608"
],
"database_specific": {
"cwe_ids": [
"CWE-29"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-09T04:15:50Z",
"severity": "HIGH"
},
"details": "A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.\n\n\n\nThis product does not\nproperly validate URLs. An attacker could send specially crafted requests to\nsteal files from the web server.\n\n\n\nThe\naffected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to\nR10.04",
"id": "GHSA-mq2p-w6p2-6mrv",
"modified": "2026-03-06T21:30:30Z",
"published": "2026-02-09T06:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66608"
},
{
"type": "WEB",
"url": "https://web-material3.yokogawa.com/1/39206/files/YSAR-26-0001-E.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-MQ4W-5HP5-6G52
Vulnerability from github – Published: 2025-03-20 12:32 – Updated: 2025-03-20 12:32A vulnerability in danny-avila/librechat version git 81f2936 allows for path traversal due to improper sanitization of file paths by the multer middleware. This can lead to arbitrary file write and potentially remote code execution. The issue is fixed in version 0.7.6.
{
"affected": [],
"aliases": [
"CVE-2024-11170"
],
"database_specific": {
"cwe_ids": [
"CWE-29"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-20T10:15:24Z",
"severity": "HIGH"
},
"details": "A vulnerability in danny-avila/librechat version git 81f2936 allows for path traversal due to improper sanitization of file paths by the multer middleware. This can lead to arbitrary file write and potentially remote code execution. The issue is fixed in version 0.7.6.",
"id": "GHSA-mq4w-5hp5-6g52",
"modified": "2025-03-20T12:32:41Z",
"published": "2025-03-20T12:32:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11170"
},
{
"type": "WEB",
"url": "https://github.com/danny-avila/librechat/commit/629be5c0ca2b332178524b4e3f6fac715aea8cc4"
},
{
"type": "WEB",
"url": "https://huntr.com/bounties/b64156c2-5380-4d4d-af30-b2938dcdd46e"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-MQP7-6VH9-99R6
Vulnerability from github – Published: 2025-03-20 12:32 – Updated: 2025-03-20 12:32A vulnerability in the normalizePath function in mintplex-labs/anything-llm version git 296f041 allows for path traversal, leading to arbitrary file read and write in the storage directory. This can result in privilege escalation from manager to admin. The issue is fixed in version 1.2.2.
{
"affected": [],
"aliases": [
"CVE-2024-8248"
],
"database_specific": {
"cwe_ids": [
"CWE-29"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-20T10:15:41Z",
"severity": "HIGH"
},
"details": "A vulnerability in the normalizePath function in mintplex-labs/anything-llm version git 296f041 allows for path traversal, leading to arbitrary file read and write in the storage directory. This can result in privilege escalation from manager to admin. The issue is fixed in version 1.2.2.",
"id": "GHSA-mqp7-6vh9-99r6",
"modified": "2025-03-20T12:32:48Z",
"published": "2025-03-20T12:32:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8248"
},
{
"type": "WEB",
"url": "https://github.com/mintplex-labs/anything-llm/commit/47a5c7126c20e2277ee56e2c7ee11990886a40a7"
},
{
"type": "WEB",
"url": "https://huntr.com/bounties/7d6c3b7a-1116-450d-b539-9c911a97537e"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-MVRM-FH8Q-6WR2
Vulnerability from github – Published: 2024-06-22 18:30 – Updated: 2024-06-24 21:22CVE-2024-4320 describes a vulnerability in the parisneo/lollms software, specifically within the ExtensionBuilder().build_extension() function. The vulnerability arises from the /mount_extension endpoint, where a path traversal issue allows attackers to navigate beyond the intended directory structure. This is facilitated by the data.category and data.folder parameters accepting empty strings (""), which, due to inadequate input sanitization, can lead to the construction of a package_path that points to the root directory. Consequently, if an attacker can create a config.yaml file in a controllable path, this path can be appended to the extensions list and trigger the execution of __init__.py in the current directory, leading to remote code execution. The vulnerability affects versions from 5.9.0, and has been addressed in version 9.5.1.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "lollms"
},
"ranges": [
{
"events": [
{
"introduced": "5.9.0"
},
{
"fixed": "9.5.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-5443"
],
"database_specific": {
"cwe_ids": [
"CWE-29"
],
"github_reviewed": true,
"github_reviewed_at": "2024-06-24T21:22:50Z",
"nvd_published_at": "2024-06-22T17:15:34Z",
"severity": "CRITICAL"
},
"details": "CVE-2024-4320 describes a vulnerability in the parisneo/lollms software, specifically within the `ExtensionBuilder().build_extension()` function. The vulnerability arises from the `/mount_extension` endpoint, where a path traversal issue allows attackers to navigate beyond the intended directory structure. This is facilitated by the `data.category` and `data.folder` parameters accepting empty strings (`\"\"`), which, due to inadequate input sanitization, can lead to the construction of a `package_path` that points to the root directory. Consequently, if an attacker can create a `config.yaml` file in a controllable path, this path can be appended to the `extensions` list and trigger the execution of `__init__.py` in the current directory, leading to remote code execution. The vulnerability affects versions from 5.9.0, and has been addressed in version 9.5.1.",
"id": "GHSA-mvrm-fh8q-6wr2",
"modified": "2024-06-24T21:22:51Z",
"published": "2024-06-22T18:30:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5443"
},
{
"type": "WEB",
"url": "https://github.com/parisneo/lollms/commit/2d0c4e76be93195836ecd0948027e791b8a2626f"
},
{
"type": "PACKAGE",
"url": "https://github.com/ParisNeo/lollms"
},
{
"type": "WEB",
"url": "https://huntr.com/bounties/db52848a-4dbe-4110-a981-03739834bf45"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Remote Code Execution via path traversal bypass in lollms"
}
GHSA-P4VX-W5Q8-CQ9J
Vulnerability from github – Published: 2024-06-23 15:30 – Updated: 2024-06-23 15:30A Path Traversal vulnerability exists in the parisneo/lollms-webui, specifically within the 'add_reference_to_local_mode' function due to the lack of input sanitization. This vulnerability affects versions v9.6 to the latest. By exploiting this vulnerability, an attacker can predict the folders, subfolders, and files present on the victim's computer. The vulnerability is present in the way the application handles the 'path' parameter in HTTP requests to the '/add_reference_to_local_model' endpoint.
{
"affected": [],
"aliases": [
"CVE-2024-4841"
],
"database_specific": {
"cwe_ids": [
"CWE-29"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-23T15:15:09Z",
"severity": "MODERATE"
},
"details": "A Path Traversal vulnerability exists in the parisneo/lollms-webui, specifically within the \u0027add_reference_to_local_mode\u0027 function due to the lack of input sanitization. This vulnerability affects versions v9.6 to the latest. By exploiting this vulnerability, an attacker can predict the folders, subfolders, and files present on the victim\u0027s computer. The vulnerability is present in the way the application handles the \u0027path\u0027 parameter in HTTP requests to the \u0027/add_reference_to_local_model\u0027 endpoint.",
"id": "GHSA-p4vx-w5q8-cq9j",
"modified": "2024-06-23T15:30:37Z",
"published": "2024-06-23T15:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4841"
},
{
"type": "WEB",
"url": "https://huntr.com/bounties/740dda3e-7104-4ccf-9ac4-8870e4d6d602"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PGFV-GVC5-PRFG
Vulnerability from github – Published: 2025-03-20 12:32 – Updated: 2025-03-20 20:35A path traversal vulnerability exists in the Gradio Audio component of gradio-app/gradio, as of version git 98cbcae. This vulnerability allows an attacker to control the format of the audio file, leading to arbitrary file content deletion. By manipulating the output format, an attacker can reset any file to an empty file, causing a denial of service (DOS) on the server.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "gradio"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0"
},
{
"last_affected": "5.0.0b2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-10648"
],
"database_specific": {
"cwe_ids": [
"CWE-29"
],
"github_reviewed": true,
"github_reviewed_at": "2025-03-20T20:35:16Z",
"nvd_published_at": "2025-03-20T10:15:18Z",
"severity": "HIGH"
},
"details": "A path traversal vulnerability exists in the Gradio Audio component of gradio-app/gradio, as of version git 98cbcae. This vulnerability allows an attacker to control the format of the audio file, leading to arbitrary file content deletion. By manipulating the output format, an attacker can reset any file to an empty file, causing a denial of service (DOS) on the server.",
"id": "GHSA-pgfv-gvc5-prfg",
"modified": "2025-03-20T20:35:17Z",
"published": "2025-03-20T12:32:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10648"
},
{
"type": "PACKAGE",
"url": "https://github.com/gradio-app/gradio"
},
{
"type": "WEB",
"url": "https://github.com/gradio-app/gradio/blame/98cbcaef827de7267462ccba180c7b2ffb1e825d/gradio/processing_utils.py#L234"
},
{
"type": "WEB",
"url": "https://huntr.com/bounties/667d664d-8189-458c-8ed7-483fe8f33c76"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"type": "CVSS_V3"
}
],
"summary": "Gradio Vulnerable to Arbitrary File Deletion"
}
GHSA-Q6GG-J289-2HM4
Vulnerability from github – Published: 2025-03-20 12:32 – Updated: 2025-03-20 12:32An arbitrary file overwrite vulnerability exists in the ZulipConnector of danswer-ai/danswer, affecting the latest version. The vulnerability arises from the load_credentials method, where user-controlled input for realm_name and zuliprc_content is used to construct file paths and write file contents. This allows attackers to overwrite or create arbitrary files if a zuliprc- directory already exists in the temporary directory.
{
"affected": [],
"aliases": [
"CVE-2024-7957"
],
"database_specific": {
"cwe_ids": [
"CWE-29"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-20T10:15:38Z",
"severity": "CRITICAL"
},
"details": "An arbitrary file overwrite vulnerability exists in the ZulipConnector of danswer-ai/danswer, affecting the latest version. The vulnerability arises from the load_credentials method, where user-controlled input for realm_name and zuliprc_content is used to construct file paths and write file contents. This allows attackers to overwrite or create arbitrary files if a zuliprc- directory already exists in the temporary directory.",
"id": "GHSA-q6gg-j289-2hm4",
"modified": "2025-03-20T12:32:47Z",
"published": "2025-03-20T12:32:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7957"
},
{
"type": "WEB",
"url": "https://huntr.com/bounties/21e9b909-036c-4544-ad35-6a5117836275"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-5.1
Strategy: Input Validation
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
- When validating filenames, use stringent allowlists that limit the character set to be used. If feasible, only allow a single "." character in the filename to avoid weaknesses such as CWE-23, and exclude directory separators such as "/" to avoid CWE-36. Use a list of allowable file extensions, which will help to avoid CWE-434.
- Do not rely exclusively on a filtering mechanism that removes potentially dangerous characters. This is equivalent to a denylist, which may be incomplete (CWE-184). For example, filtering "/" is insufficient protection if the filesystem also supports the use of "\" as a directory separator. Another possible error could occur when the filtering is applied in a way that still produces dangerous data (CWE-182). For example, if "../" sequences are removed from the ".../...//" string in a sequential fashion, two instances of "../" would be removed from the original string, but the remaining characters would still form the "../" string.
Mitigation MIT-20
Strategy: Input Validation
Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.
No CAPEC attack patterns related to this CWE.