CVE-2025-67720: Path Traversal From Fallback Filename
Constructing file paths from untrusted fallbacks without proper sanitization can lead to Path Traversal (CWE-22). Always sanitize filenames derived from external input using `os.path.basename()` and remove null bytes before inspecting them with `os.path.isabs` or opening file handles.
Provally CuratedPublic repositoryHighMedium confidenceVerifiedApache-2.0
Python
Pythongreprules fetch cve-2025-67720-path-traversal-from-fallback-filename --engine opengrepDescription
Constructing file paths from untrusted fallbacks without proper sanitization can lead to Path Traversal (CWE-22). Always sanitize filenames derived from external input using `os.path.basename()` and remove null bytes before inspecting them with `os.path.isabs` or opening file handles.
Community feedback
0 signals from signed-in users.
- Useful
- 0
- False positive
- 0
- Metadata
- 0