Common Weakness Enumeration

CWE-29

Allowed

Path Traversal: '\..\filename'

Abstraction: Variant · Status: Incomplete

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '\..\filename' (leading backslash dot dot) sequences that can resolve to a location that is outside of that directory.

127 vulnerabilities reference this CWE, most recent first.

GHSA-W9PM-MP9P-GPGC

Vulnerability from github – Published: 2024-07-12 00:30 – Updated: 2024-07-12 00:30
VLAI
Details

Path Traversal: '..\filename' in aimhubio/aim

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-6396"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-29"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-12T00:15:01Z",
    "severity": "CRITICAL"
  },
  "details": "Path Traversal: \u0027\\..\\filename\u0027 in aimhubio/aim",
  "id": "GHSA-w9pm-mp9p-gpgc",
  "modified": "2024-07-12T00:30:35Z",
  "published": "2024-07-12T00:30:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6396"
    },
    {
      "type": "WEB",
      "url": "https://huntr.com/bounties/c1b17afd-4656-47bb-8310-686a9e1b04a0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W9QF-83JG-2X6C

Vulnerability from github – Published: 2024-06-27 21:32 – Updated: 2024-06-28 21:10
VLAI
Summary
lollms vulnerable to dot-dot-slash path traversal in XTTS server
Details

A path traversal vulnerability exists in the XTTS server of the parisneo/lollms package version v9.6. This vulnerability allows an attacker to write audio files to arbitrary locations on the system and enumerate file paths. The issue arises from improper validation of user-provided file paths in the tts_to_file endpoint.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "lollms"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "9.5.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-6139"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-29"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-06-28T21:10:38Z",
    "nvd_published_at": "2024-06-27T19:15:20Z",
    "severity": "HIGH"
  },
  "details": "A path traversal vulnerability exists in the XTTS server of the parisneo/lollms package version v9.6. This vulnerability allows an attacker to write audio files to arbitrary locations on the system and enumerate file paths. The issue arises from improper validation of user-provided file paths in the `tts_to_file` endpoint.",
  "id": "GHSA-w9qf-83jg-2x6c",
  "modified": "2024-06-28T21:10:38Z",
  "published": "2024-06-27T21:32:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6139"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ParisNeo/lollms"
    },
    {
      "type": "WEB",
      "url": "https://huntr.com/bounties/fd00f112-efd0-40a1-8227-d6733716e4c0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "lollms vulnerable to dot-dot-slash path traversal in XTTS server"
}

GHSA-WJQ3-7JXX-WHJ9

Vulnerability from github – Published: 2023-05-17 21:30 – Updated: 2024-09-24 21:12
VLAI
Summary
mlflow Path Traversal vulnerability
Details

mlflow prior to 2.3.0 is vulnerable to path traversal due to a bypass of the fix for CVE-2023-1177.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "mlflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.3.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-2780"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-29"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-05-18T02:01:53Z",
    "nvd_published_at": "2023-05-17T21:15:09Z",
    "severity": "CRITICAL"
  },
  "details": "mlflow prior to 2.3.0 is vulnerable to path traversal due to a bypass of the fix for CVE-2023-1177.",
  "id": "GHSA-wjq3-7jxx-whj9",
  "modified": "2024-09-24T21:12:16Z",
  "published": "2023-05-17T21:30:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2780"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mlflow/mlflow/commit/fae77a525dd908c56d6204a4cef1c1c75b4e9857"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/mlflow/mlflow"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2023-69.yaml"
    },
    {
      "type": "WEB",
      "url": "https://huntr.dev/bounties/b12b0073-0bb0-4bd1-8fc2-ec7f17fd7689"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "mlflow Path Traversal vulnerability"
}

GHSA-WXJ7-97FP-J53J

Vulnerability from github – Published: 2022-02-01 00:46 – Updated: 2022-02-07 21:20
VLAI
Summary
Exposure of Resource to Wrong Sphere in Zip-Local
Details

The package zip-local before 0.3.5 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) which can lead to an extraction of a crafted file outside the intended extraction directory.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "zip-local"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.3.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-23484"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-29",
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-01-31T19:55:36Z",
    "nvd_published_at": "2022-01-28T22:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "The package zip-local before 0.3.5 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) which can lead to an extraction of a crafted file outside the intended extraction directory.",
  "id": "GHSA-wxj7-97fp-j53j",
  "modified": "2022-02-07T21:20:28Z",
  "published": "2022-02-01T00:46:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23484"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Mostafa-Samir/zip-local/commit/6bb9b59733df379ac168aa705790bd8339b4bf9b"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Mostafa-Samir/zip-local/commit/949446a95a660c0752b1db0c654f0fd619ae6085"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/Mostafa-Samir/zip-local"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Mostafa-Samir/zip-local/blob/master/main.js%23L365"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JS-ZIPLOCAL-2327477"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Exposure of Resource to Wrong Sphere in Zip-Local"
}

GHSA-XG73-94FP-G449

Vulnerability from github – Published: 2023-03-24 22:01 – Updated: 2024-10-01 19:24
VLAI
Summary
mlflow is vulnerable to remote file access in `mlflow server` and `mlflow ui` CLIs
Details

Impact

Users of the MLflow Open Source Project who are hosting the MLflow Model Registry using the mlflow server or mlflow ui commands using an MLflow version older than MLflow 2.2.1 may be vulnerable to a remote file access exploit if they are not limiting who can query their server (for example, by using a cloud VPC, an IP allowlist for inbound requests, or authentication / authorization middleware).

This issue only affects users and integrations that run the mlflow server and mlflow ui commands. Integrations that do not make use of mlflow server or mlflow ui are unaffected; for example, the Databricks Managed MLflow product and MLflow on Azure Machine Learning do not make use of these commands and are not impacted by these vulnerabilities in any way.

The vulnerability detailed in https://nvd.nist.gov/vuln/detail/CVE-2023-1177 enables an actor to download arbitrary files unrelated to MLflow from the host server, including any files stored in remote locations to which the host server has access.

Patches

This vulnerability has been patched in MLflow 2.2.1, which was released to PyPI on March 2nd, 2023. If you are using mlflow server or mlflow ui with the MLflow Model Registry, we recommend upgrading to MLflow 2.2.1 as soon as possible.

Workarounds

If you are using the MLflow open source mlflow server or mlflow ui commands, we strongly recommend limiting who can access your MLflow Model Registry and MLflow Tracking servers using a cloud VPC, an IP allowlist for inbound requests, authentication / authorization middleware, or another access restriction mechanism of your choosing.

If you are using the MLflow open source mlflow server or mlflow ui commands, we also strongly recommend limiting the remote files to which your MLflow Model Registry and MLflow Tracking servers have access. For example, if your MLflow Model Registry or MLflow Tracking server uses cloud-hosted blob storage for MLflow artifacts, make sure to restrict the scope of your server's cloud credentials such that it can only access files and directories related to MLflow.

References

More information about the vulnerability is available at https://nvd.nist.gov/vuln/detail/CVE-2023-1177.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.2.0"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "mlflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.2.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-1177"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-29"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-03-24T22:01:09Z",
    "nvd_published_at": "2023-03-24T15:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "### Impact\n\nUsers of the MLflow Open Source Project who are hosting the MLflow Model Registry using the `mlflow server` or `mlflow ui` commands using an MLflow version older than MLflow 2.2.1 may be vulnerable to a remote file access exploit if they are not limiting who can query their server (for example, by using a cloud VPC, an IP allowlist for inbound requests, or authentication / authorization middleware).\n\nThis issue only affects users and integrations that run the `mlflow server` and `mlflow ui` commands. Integrations that do not make use of `mlflow server` or `mlflow ui` are unaffected; for example, the Databricks Managed MLflow product and MLflow on Azure Machine Learning do not make use of these commands and are not impacted by these vulnerabilities in any way.\n\nThe vulnerability detailed in https://nvd.nist.gov/vuln/detail/CVE-2023-1177 enables an actor to download arbitrary files unrelated to MLflow from the host server, including any files stored in remote locations to which the host server has access.\n\n### Patches\nThis vulnerability has been patched in MLflow 2.2.1, which was released to PyPI on March 2nd, 2023. If you are using `mlflow server` or `mlflow ui` with the MLflow Model Registry, we recommend upgrading to MLflow 2.2.1 as soon as possible.\n\n### Workarounds\nIf you are using the MLflow open source `mlflow server` or `mlflow ui` commands, we strongly recommend limiting who can access your MLflow Model Registry and MLflow Tracking servers using a cloud VPC, an IP allowlist for inbound requests, authentication / authorization middleware, or another access restriction mechanism of your choosing.\n\nIf you are using the MLflow open source `mlflow server` or `mlflow ui` commands, we also strongly recommend limiting the remote files to which your MLflow Model Registry and MLflow Tracking servers have access. For example, if your MLflow Model Registry or MLflow Tracking server uses cloud-hosted blob storage for MLflow artifacts, make sure to restrict the scope of your server\u0027s cloud credentials such that it can only access files and directories related to MLflow.\n\n### References\nMore information about the vulnerability is available at https://nvd.nist.gov/vuln/detail/CVE-2023-1177.",
  "id": "GHSA-xg73-94fp-g449",
  "modified": "2024-10-01T19:24:26Z",
  "published": "2023-03-24T22:01:09Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/mlflow/mlflow/security/advisories/GHSA-xg73-94fp-g449"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1177"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mlflow/mlflow/pull/7891/commits/7162a50c654792c21f3e4a160eb1a0e6a34f6e6e"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mlflow/mlflow/commit/7162a50c654792c21f3e4a160eb1a0e6a34f6e6e"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/mlflow/mlflow"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2023-29.yaml"
    },
    {
      "type": "WEB",
      "url": "https://huntr.dev/bounties/1fe8f21a-c438-4cba-9add-e8a5dab94e28"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "mlflow is vulnerable to remote file access in `mlflow server` and `mlflow ui` CLIs"
}

GHSA-XP3G-2729-RXM3

Vulnerability from github – Published: 2023-01-16 03:30 – Updated: 2023-01-24 18:05
VLAI
Summary
Froxlor is vulnerable to path traversal
Details

Path Traversal: '..\filename' in GitHub repository froxlor/froxlor prior to 2.0.0.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "froxlor/froxlor"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-0316"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-29"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-01-19T18:24:42Z",
    "nvd_published_at": "2023-01-16T01:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Path Traversal: \u0027\\..\\filename\u0027 in GitHub repository froxlor/froxlor prior to 2.0.0.",
  "id": "GHSA-xp3g-2729-rxm3",
  "modified": "2023-01-24T18:05:17Z",
  "published": "2023-01-16T03:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0316"
    },
    {
      "type": "WEB",
      "url": "https://github.com/froxlor/froxlor/commit/983d9294603925018225d672795bd8b4a526f41e"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/Froxlor/Froxlor"
    },
    {
      "type": "WEB",
      "url": "https://huntr.dev/bounties/c190e42a-4806-47aa-aa1e-ff5d6407e244"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Froxlor is vulnerable to path traversal"
}

GHSA-XWXM-HG2J-HPJQ

Vulnerability from github – Published: 2022-08-20 00:00 – Updated: 2022-08-25 00:00
VLAI
Details

Emerson Electric's Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path Traversal: '..\Filename', also known as a ZipSlip attack, through an upload procedure which enables attackers to implant a malicious .BLZ file on the PLC. The file can transfer through the engineering station onto Windows in a way that executes the malicious code.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-2788"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-29"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-08-19T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "Emerson Electric\u0027s Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path Traversal: \u0027\\..\\Filename\u0027, also known as a ZipSlip attack, through an upload procedure which enables attackers to implant a malicious .BLZ file on the PLC. The file can transfer through the engineering station onto Windows in a way that executes the malicious code.",
  "id": "GHSA-xwxm-hg2j-hpjq",
  "modified": "2022-08-25T00:00:29Z",
  "published": "2022-08-20T00:00:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2788"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-06"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-5.1
Implementation

Strategy: Input Validation

  • Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
  • When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
  • Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
  • When validating filenames, use stringent allowlists that limit the character set to be used. If feasible, only allow a single "." character in the filename to avoid weaknesses such as CWE-23, and exclude directory separators such as "/" to avoid CWE-36. Use a list of allowable file extensions, which will help to avoid CWE-434.
  • Do not rely exclusively on a filtering mechanism that removes potentially dangerous characters. This is equivalent to a denylist, which may be incomplete (CWE-184). For example, filtering "/" is insufficient protection if the filesystem also supports the use of "\" as a directory separator. Another possible error could occur when the filtering is applied in a way that still produces dangerous data (CWE-182). For example, if "../" sequences are removed from the ".../...//" string in a sequential fashion, two instances of "../" would be removed from the original string, but the remaining characters would still form the "../" string.
Mitigation MIT-20
Implementation

Strategy: Input Validation

Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.

No CAPEC attack patterns related to this CWE.