CWE-55 - Path Equivalence: \'/./\' (Single Dot Directory)

Description

The product accepts path input in the form of single dot directory exploit (\'/./\') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files.

Latest vulnerabilities for CWE-55

No vulnerabilities found using your search criteria

References

Description of CWE-55 on Mitre website