Bleeping Computer

SolarWinds Serv-U path traversal flaw actively exploited in attacks

Threat actors are actively exploiting a SolarWinds Serv-U path-traversal vulnerability, leveraging publicly available proof-of-concept (PoC) exploits. Although the attacks do not appear particularly ...
heise online

Page 2: Java libraries that help mitigate CWE-22

Apache Commons IO provides a set of utilities for working with the file system that can be helpful in preventing path traversal vulnerabilities. The FilenameUtils class contains methods for ...
heise online

Secure coding: Prevent unauthorized access through path traversal (CWE-22)

Common Weakness Enumeration CWE-22, commonly referred to as "path traversal", is a vulnerability in which an application does not appropriately restrict the paths that users can access via ...