Path Traversal: '\..\filename'
CVE-2024-2083
Summary
A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically within the "/api/v1/steps" endpoint. Attackers can exploit this vulnerability by manipulating the 'logs' URI path in the request to fetch arbitrary file content, bypassing intended access restrictions. The vulnerability arises due to the lack of validation for directory traversal patterns, allowing attackers to access files outside of the restricted directory. This issue affects zenml versions prior to 0.55.5.
- LOW
- NETWORK
- HIGH
- CHANGED
- NONE
- LOW
- HIGH
- HIGH
CWE-29 - Path Traversal: '\..\filename'
The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '\..\filename' (leading backslash dot dot) sequences that can resolve to a location that is outside of that directory.
References
Advisory Timeline
- Published