CVE-2024-23334: Conditional Pathlib Relative To
Boundary validation using `relative_to()` is executed conditionally after resolving a path. This can lead to path traversal vulnerabilities if the condition is not met, allowing the resolved path to escape the intended directory base. Ensure boundary checks are unconditional.
Provally Curated · Public repository · High · Medium confidence · Verified · Apache-2.0 · Python
greprules fetch cve-2024-23334-conditional-pathlib-relative-to --engine opengrep
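The pattern the rule flags, shown as an added example beside its hardened form (this is not the rule's own code or the affected project's code; the base directory is constructed and the `follow_symlinks` flag is an assumed name for the condition that gates the check):

```python
import tempfile
from pathlib import Path

# Constructed base directory for the example; it does not need to exist,
# because Path.resolve() (non-strict) normalises ".." components anyway.
BASE = Path(tempfile.gettempdir()) / "example_static_root"


def serve_path_conditional(base: Path, requested: str, follow_symlinks: bool) -> Path:
    """Vulnerable pattern flagged by the rule: the relative_to() boundary check
    runs only inside a condition (`follow_symlinks` is an assumed flag name), so
    when the condition is false a resolved path that escaped base is returned."""
    base = base.resolve()
    filepath = (base / requested).resolve()
    if follow_symlinks:
        filepath.relative_to(base)  # raises ValueError if outside base
    return filepath


def serve_path_unconditional(base: Path, requested: str, follow_symlinks: bool) -> Path:
    """Hardened form: the same boundary check is executed on every call,
    whatever the flag says (the flag is kept only for signature parity)."""
    base = base.resolve()
    filepath = (base / requested).resolve()
    try:
        filepath.relative_to(base)
    except ValueError:
        raise PermissionError(f"{requested!r} resolves outside {base}") from None
    return filepath


def escapes_base(func, requested: str, follow_symlinks: bool) -> bool:
    """True if func returns a path outside BASE instead of rejecting the request."""
    try:
        result = func(BASE, requested, follow_symlinks)
    except (ValueError, PermissionError):
        return False
    return BASE.resolve() not in result.parents


def demo() -> dict:
    traversal = "../outside.txt"  # constructed traversal request
    return {
        "conditional_flag_off": escapes_base(serve_path_conditional, traversal, False),
        "conditional_flag_on": escapes_base(serve_path_conditional, traversal, True),
        "unconditional_flag_off": escapes_base(serve_path_unconditional, traversal, False),
        "benign_request": escapes_base(serve_path_unconditional, "css/site.css", False),
    }
```

Only the conditional variant with the flag off lets the resolved path leave the base directory; the unconditional check rejects it regardless of the flag while still serving in-tree requests.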