Common Weakness Enumeration

CWE-59

Allowed

Improper Link Resolution Before File Access ('Link Following')

Abstraction: Base · Status: Draft

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

1986 vulnerabilities reference this CWE, most recent first.

GHSA-RX3G-MVC3-QFJF

Vulnerability from github – Published: 2026-03-03 00:20 – Updated: 2026-03-20 21:36
VLAI
Summary
OpenClaw's avatar symlink traversal can expose out-of-workspace local files
Details

Summary

OpenClaw avatar handling allowed a symlink traversal path that could expose local files outside an agent workspace through gateway avatar surfaces.

Affected Packages / Versions

  • Package: openclaw (npm)
  • Affected versions: <= 2026.2.21, plus prereleases 2026.2.21-1 and 2026.2.21-2
  • Latest published version at triage time (2026-02-22): 2026.2.21-2 (affected)
  • Planned patched version (pre-set for release workflow): 2026.2.22

Details

In vulnerable builds, local avatar resolution could follow symlinks and return file bytes from outside the configured workspace boundary.

The issue was hardened in two paths: 1. Gateway avatar metadata resolution now enforces canonical containment, O_NOFOLLOW, and fd/file-identity checks. 2. Control UI avatar serving now rejects symlink paths and enforces fd/file-identity and size checks before reads.

Fix Commit(s)

  • 3d0337504349954237d09e4d957df5cb844d5e77
  • 6970c2c2db3ee069ef0fff0ade5cfbdd0134f9d2

Release Process Note

patched_versions is pre-set to >= 2026.2.22 so after npm release, the remaining action is to publish this advisory.

Impact

Confidentiality impact only: local files readable by the OpenClaw process could be disclosed via avatar response surfaces.

OpenClaw thanks @tdjackey for reporting.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "openclaw"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2026.2.22"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-32024"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-59"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-03T00:20:18Z",
    "nvd_published_at": "2026-03-19T22:16:36Z",
    "severity": "MODERATE"
  },
  "details": "### Summary\nOpenClaw avatar handling allowed a symlink traversal path that could expose local files outside an agent workspace through gateway avatar surfaces.\n\n### Affected Packages / Versions\n- Package: `openclaw` (npm)\n- Affected versions: `\u003c= 2026.2.21`, plus prereleases `2026.2.21-1` and `2026.2.21-2`\n- Latest published version at triage time (2026-02-22): `2026.2.21-2` (affected)\n- Planned patched version (pre-set for release workflow): `2026.2.22`\n\n### Details\nIn vulnerable builds, local avatar resolution could follow symlinks and return file bytes from outside the configured workspace boundary.\n\nThe issue was hardened in two paths:\n1. Gateway avatar metadata resolution now enforces canonical containment, `O_NOFOLLOW`, and fd/file-identity checks.\n2. Control UI avatar serving now rejects symlink paths and enforces fd/file-identity and size checks before reads.\n\n### Fix Commit(s)\n- `3d0337504349954237d09e4d957df5cb844d5e77`\n- `6970c2c2db3ee069ef0fff0ade5cfbdd0134f9d2`\n\n### Release Process Note\n`patched_versions` is pre-set to `\u003e= 2026.2.22` so after npm release, the remaining action is to publish this advisory.\n\n### Impact\nConfidentiality impact only: local files readable by the OpenClaw process could be disclosed via avatar response surfaces.\n\nOpenClaw thanks @tdjackey for reporting.",
  "id": "GHSA-rx3g-mvc3-qfjf",
  "modified": "2026-03-20T21:36:57Z",
  "published": "2026-03-03T00:20:18Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-rx3g-mvc3-qfjf"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32024"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/3d0337504349954237d09e4d957df5cb844d5e77"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/6970c2c2db3ee069ef0fff0ade5cfbdd0134f9d2"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openclaw/openclaw"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/openclaw-symlink-traversal-in-avatar-handling"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ],
  "summary": "OpenClaw\u0027s avatar symlink traversal can expose out-of-workspace local files"
}

GHSA-RXC7-MFVV-R2XP

Vulnerability from github – Published: 2025-02-11 18:31 – Updated: 2025-02-11 18:31
VLAI
Details

Azure Network Watcher VM Extension Elevation of Privilege Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-21188"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-59"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-11T18:15:30Z",
    "severity": "MODERATE"
  },
  "details": "Azure Network Watcher VM Extension Elevation of Privilege Vulnerability",
  "id": "GHSA-rxc7-mfvv-r2xp",
  "modified": "2025-02-11T18:31:36Z",
  "published": "2025-02-11T18:31:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21188"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21188"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RXXG-CRV8-FGVM

Vulnerability from github – Published: 2023-06-27 00:30 – Updated: 2024-04-04 05:11
VLAI
Details

A link following vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to disclose sensitive information.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-32556"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-59"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-06-26T22:15:10Z",
    "severity": "MODERATE"
  },
  "details": "A link following vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to disclose sensitive information.\n\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",
  "id": "GHSA-rxxg-crv8-fgvm",
  "modified": "2024-04-04T05:11:30Z",
  "published": "2023-06-27T00:30:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32556"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/dcx/s/solution/000293108?language=en_US"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-651"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V28M-HG58-94HP

Vulnerability from github – Published: 2022-09-01 00:00 – Updated: 2022-09-03 00:00
VLAI
Details

Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file access; this could allow a denial-of-service condition.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-2898"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-59"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-08-31T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file access; this could allow a denial-of-service condition.",
  "id": "GHSA-v28m-hg58-94hp",
  "modified": "2022-09-03T00:00:16Z",
  "published": "2022-09-01T00:00:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2898"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-235-06"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V2F6-MG42-536M

Vulnerability from github – Published: 2022-05-17 04:54 – Updated: 2022-05-17 04:54
VLAI
Details

The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2012-0786"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-59"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-11-23T18:55:00Z",
    "severity": "LOW"
  },
  "details": "The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file.",
  "id": "GHSA-v2f6-mg42-536m",
  "modified": "2022-05-17T04:54:10Z",
  "published": "2022-05-17T04:54:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0786"
    },
    {
      "type": "WEB",
      "url": "https://github.com/hercules-team/augeas/commit/16387744"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=772257"
    },
    {
      "type": "WEB",
      "url": "http://augeas.net/news.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/55811"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-V338-M87C-MJX4

Vulnerability from github – Published: 2025-07-10 21:31 – Updated: 2025-07-10 21:31
VLAI
Details

Trend Micro Password Manager (Consumer) version 5.8.0.1327 and below is vulnerable to a Link Following Privilege Escalation Vulnerability that could allow an attacker the opportunity to abuse symbolic links and other methods to delete any file/folder and achieve privilege escalation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-52837"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-59",
      "CWE-64"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-10T19:15:25Z",
    "severity": "HIGH"
  },
  "details": "Trend Micro Password Manager (Consumer) version 5.8.0.1327 and below is vulnerable to a Link Following Privilege Escalation Vulnerability that could allow an attacker the opportunity to abuse symbolic links and other methods to delete any file/folder and achieve privilege escalation.",
  "id": "GHSA-v338-m87c-mjx4",
  "modified": "2025-07-10T21:31:52Z",
  "published": "2025-07-10T21:31:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52837"
    },
    {
      "type": "WEB",
      "url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-12946"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-25-586"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V35M-J976-RQV4

Vulnerability from github – Published: 2022-05-24 17:45 – Updated: 2022-09-21 00:00
VLAI
Details

Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows prior to 11.6.100 allows a local, low privileged, attacker through the use of junctions to cause the product to load DLLs of the attacker's choosing. This requires the creation and removal of junctions by the attacker along with sending a specific IOTL command at the correct time.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-7346"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269",
      "CWE-59"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-03-23T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows prior to 11.6.100 allows a local, low privileged, attacker through the use of junctions to cause the product to load DLLs of the attacker\u0027s choosing. This requires the creation and removal of junctions by the attacker along with sending a specific IOTL command at the correct time.",
  "id": "GHSA-v35m-j976-rqv4",
  "modified": "2022-09-21T00:00:38Z",
  "published": "2022-05-24T17:45:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7346"
    },
    {
      "type": "WEB",
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10344"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V3JV-WRF4-5845

Vulnerability from github – Published: 2020-09-01 16:03 – Updated: 2021-09-23 21:38
VLAI
Summary
Local Privilege Escalation in npm
Details

Affected versions of npm use predictable temporary file names during archive unpacking. If an attacker can create a symbolic link at the location of one of these temporary file names, the attacker can arbitrarily write to any file that the user which owns the npm process has permission to write to, potentially resulting in local privilege escalation.

Recommendation

Update to version 1.3.3 or later.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "npm"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.3.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2013-4116"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-59"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-08-31T18:12:39Z",
    "nvd_published_at": null,
    "severity": "LOW"
  },
  "details": "Affected versions of `npm` use predictable temporary file names during archive unpacking. If an attacker can create a symbolic link at the location of one of these temporary file names, the attacker can arbitrarily write to any file that the user which owns the `npm` process has permission to write to, potentially resulting in local privilege escalation.\n\n\n\n## Recommendation\n\nUpdate to version 1.3.3 or later.",
  "id": "GHSA-v3jv-wrf4-5845",
  "modified": "2021-09-23T21:38:18Z",
  "published": "2020-09-01T16:03:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4116"
    },
    {
      "type": "WEB",
      "url": "https://github.com/npm/npm/issues/3635"
    },
    {
      "type": "WEB",
      "url": "https://github.com/npm/npm/commit/f4d31693"
    },
    {
      "type": "WEB",
      "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=715325"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=983917"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87141"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/npm/npm"
    },
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/advisories/152"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2013/07/10/17"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2013/07/11/9"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/61083"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "Local Privilege Escalation in npm"
}

GHSA-V3M5-RR4Q-J6RP

Vulnerability from github – Published: 2022-05-24 16:49 – Updated: 2024-04-04 01:11
VLAI
Details

In GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed path /tmp/.deepin-clone.log as root, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file system locations. The content is not attacker controlled.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-13227"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-59"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-07-04T12:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed path /tmp/.deepin-clone.log as root, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file system locations. The content is not attacker controlled.",
  "id": "GHSA-v3m5-rr4q-j6rp",
  "modified": "2024-04-04T01:11:27Z",
  "published": "2022-05-24T16:49:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13227"
    },
    {
      "type": "WEB",
      "url": "https://github.com/linuxdeepin/deepin-clone/commit/e079f3e2712b4f8c28e3e63e71ba1a1f90fce1ab"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1130388"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCHGRJV5CWTMYEE5B5C2FNMCFVP45S7H"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2019/07/04/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V43W-XVV9-H2CV

Vulnerability from github – Published: 2022-05-02 00:07 – Updated: 2022-05-02 00:07
VLAI
Details

Open redirect vulnerability in admin/auth.php in NooMS 1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the g_site_url parameter.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2008-4162"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-59"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-09-22T18:52:00Z",
    "severity": "MODERATE"
  },
  "details": "Open redirect vulnerability in admin/auth.php in NooMS 1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the g_site_url parameter.",
  "id": "GHSA-v43w-xvv9-h2cv",
  "modified": "2022-05-02T00:07:34Z",
  "published": "2022-05-02T00:07:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4162"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45075"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/4289"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/496236/100/0/threaded"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Mitigation MIT-48.1
Architecture and Design

Strategy: Separation of Privilege

  • Follow the principle of least privilege when assigning access rights to entities in a software system.
  • Denying access to a file can prevent an attacker from replacing that file with a link to a sensitive file. Ensure good compartmentalization in the system to provide protected areas that can be trusted.
CAPEC-132: Symlink Attack

An adversary positions a symbolic link in such a manner that the targeted user or application accesses the link's endpoint, assuming that it is accessing a file with the link's name.

CAPEC-17: Using Malicious Files

An attack of this type exploits a system's configuration that allows an adversary to either directly access an executable file, for example through shell access; or in a possible worst case allows an adversary to upload a file and then execute it. Web servers, ftp servers, and message oriented middleware systems which have many integration points are particularly vulnerable, because both the programmers and the administrators must be in synch regarding the interfaces and the correct privileges for each interface.

CAPEC-35: Leverage Executable Code in Non-Executable Files

An attack of this type exploits a system's trust in configuration and resource files. When the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high.

CAPEC-76: Manipulating Web Input to File System Calls

An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.