heise online

Secure Coding: Best practices for using Java NIO against path traversal

The article Secure Coding: Preventing unauthorized access through path traversal (CWE-22) has already described the dangers posed by the critical vulnerability CWE-22 (path traversal) in software ...
heise online

Page 2: Java libraries that help mitigate CWE-22

Apache Commons IO provides a set of utilities for working with the file system that can be helpful in preventing path traversal vulnerabilities. The FilenameUtils class contains methods for ...
IT News For Australia Business

Serious path traversal bug found in Microsoft's NLWeb "Agentic Web" tool

Microsoft's open source NLWeb framework for delivering AI-driven agentic web applications shipped with an easy to exploit path traversal vulnerability that revealed the context of sensitive system ...
CSOonline

CISA, FBI urge developers to patch path traversal bugs before shipping

US Cybersecurity Infrastructure and Security Agency (CISA) and the FBI have issued a joint advisory to developers, urging them to check for path traversal vulnerabilities before shipping a software.
CSOonline

Critical jsPDF vulnerability enables arbitrary file read in Node.js deployments

The path traversal bug allows attackers to include arbitrary filesystem content in generated PDFs when file paths are not properly validated. A now-fixed critical flaw in the jsPDF library could ...
TechRadar

FBI and CISA tell devs to crack down on security issues before releasing

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of ...