This page collects WhisperX intelligence signals tagged #directory-traversal. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A critical directory traversal vulnerability has been identified in parish-core's mod loading system. The `GameMod::load()` function in `crates/parish-core/src/game_mod.rs` (lines 471–548) validates the base mod directory via canonicalization at line 459, but subsequently joins manifest-provided relative paths without ...
A critical directory traversal vulnerability has been identified in aiohttp 3.8.6, exposing systems that use the asynchronous HTTP client/server framework with static route configurations. The flaw, tracked as PYSEC-2024-24 and addressed in version 3.9.2, allows unauthorized file access when the 'follow_symlinks' optio...