Skip to main content

Path Traversal: '\..\filename'

CVE-2024-2083

Severity High
Score 9.9/10

Summary

A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically within the "/api/v1/steps" endpoint. Attackers can exploit this vulnerability by manipulating the 'logs' URI path in the request to fetch arbitrary file content, bypassing intended access restrictions. The vulnerability arises due to the lack of validation for directory traversal patterns, allowing attackers to access files outside of the restricted directory. This issue affects zenml versions prior to 0.55.5.

  • LOW
  • NETWORK
  • HIGH
  • CHANGED
  • NONE
  • LOW
  • HIGH
  • HIGH

CWE-29 - Path Traversal: '\..\filename'

The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '\..\filename' (leading backslash dot dot) sequences that can resolve to a location that is outside of that directory.

Advisory Timeline

  • Published