About GET A DEMO

Backslash Vulnerability Database

Path Equivalence: 'filename.' (Trailing Dot)

Path Equivalence: 'filename.' (Trailing Dot)

CWE-42

Per technology (GHSA, All time)

100%-Maven

Short description

The product accepts path input in the form of trailing dot ('filedir.') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files.

Recently published GHSA

GHSA-6q4g-84f3-mw74

Prioritize and Uncover Reachable Vulnerabilities in Your Application Code

Identify externally reachable data flows and vulnerabilities for effective risk mitigation

© 2023 Backslash. 28 HaArba'a St., Tel-Aviv Privacy Policy | Terms of Use