Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-19 | CVE-2021-46104 | Path Traversal vulnerability in Webp Server GO 0.4.0 An issue was discovered in webp_server_go 0.4.0. | 7.5 |
| 2022-01-18 | CVE-2022-21693 | Path Traversal vulnerability in Onionshare OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. | 6.5 |
| 2022-01-14 | CVE-2022-22054 | Path Traversal vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.44266 ASUS RT-AX56U’s login function contains a path traversal vulnerability due to its inadequate filtering for special characters in URL parameters, which allows an unauthenticated local area network attacker to access restricted system paths and download arbitrary files. | 6.5 |
| 2022-01-13 | CVE-2022-21682 | Path Traversal vulnerability in multiple products Flatpak is a Linux application sandboxing and distribution framework. | 6.5 |
| 2022-01-13 | CVE-2021-23514 | Path Traversal vulnerability in Crowcpp Crow This affects the package Crow before 0.3+4. | 7.5 |
| 2022-01-12 | CVE-2022-23107 | Path Traversal vulnerability in Jenkins Warnings Next Generation Jenkins Warnings Next Generation Plugin 9.10.2 and earlier does not restrict the name of a file when configuring custom ID, allowing attackers with Item/Configure permission to write and read specific files with a hard-coded suffix on the Jenkins controller file system. | 8.1 |
| 2022-01-12 | CVE-2022-23113 | Path Traversal vulnerability in Jenkins Publish Over SSH Jenkins Publish Over SSH Plugin 1.22 and earlier performs a validation of the file name specifying whether it is present or not, resulting in a path traversal vulnerability allowing attackers with Item/Configure permission to discover the name of the Jenkins controller files. | 4.3 |
| 2022-01-12 | CVE-2022-21675 | Path Traversal vulnerability in Bytecode Viewer Project Bytecode Viewer 2.10.16 Bytecode Viewer (BCV) is a Java/Android reverse engineering suite. | 7.8 |
| 2022-01-12 | CVE-2021-28376 | Path Traversal vulnerability in Chronoengine Chronoforums 7.0.7 ChronoForms 7.0.7 allows fname Directory Traversal to read arbitrary files. | 2.7 |
| 2022-01-12 | CVE-2021-28377 | Path Traversal vulnerability in Chronoengine Chronoforums 2.0.11 ChronoForums 2.0.11 allows av Directory Traversal to read arbitrary files. | 5.3 |