CSOonline

Directory traversal explained: Definition, examples and prevention

In September, researchers discovered a “critical severity” directory traversal vulnerability in Atlassian’s Jira Service Desk Server and Jira Service Desk Data Center that could allow attackers to ...
CSOonline

CISA, FBI urge developers to patch path traversal bugs before shipping

US Cybersecurity Infrastructure and Security Agency (CISA) and the FBI have issued a joint advisory to developers, urging them to check for path traversal vulnerabilities before shipping a software.
ITWire

From path traversal to supply chain compromise: breaking MCP server hosting

COMPANY NEWS: We found a path traversal vulnerability in Smithery.ai that compromised over 3,000 MCP servers and exposed thousands of API keys. Here's how a single Docker build bug nearly triggered ...
heise online

Page 2: Java libraries that help mitigate CWE-22

Apache Commons IO provides a set of utilities for working with the file system that can be helpful in preventing path traversal vulnerabilities. The FilenameUtils class contains methods for ...
IT News For Australia Business

Serious path traversal bug found in Microsoft's NLWeb "Agentic Web" tool

Microsoft's open source NLWeb framework for delivering AI-driven agentic web applications shipped with an easy to exploit path traversal vulnerability that revealed the context of sensitive system ...
Dark Reading

Don't Underestimate Directory Traversal Attacks

About as simple to fix as they are to exploit, directory traversal vulnerabilities stand as a persistent threat in the application environment. Yet it is one that many developers and even security ...