Description
The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
CVE vulnerabilities with CWE-427 (1,483)
9.9
CVSS
CRITICAL
CVE-2026-40342
pub. 2026-04-17
9.9
CVSS
CRITICAL
CVE-2025-4981
pub. 2025-06-20
9.8
CVSS
CRITICAL
CVE-2025-69599
pub. 2026-05-08
9.8
CVSS
CRITICAL
CVE-2025-65741
pub. 2025-12-09
9.8
CVSS
CRITICAL
CVE-2024-23054
pub. 2024-02-05
9.8
CVSS
CRITICAL
CVE-2023-31543
pub. 2023-06-30
9.8
CVSS
CRITICAL
CVE-2023-25143
pub. 2023-03-10
9.8
CVSS
CRITICAL
CVE-2022-34825
pub. 2022-11-08
9.8
CVSS
CRITICAL
CVE-2022-24955
pub. 2022-02-11
9.8
CVSS
CRITICAL
CVE-2021-28955
pub. 2021-03-22
9.8
CVSS
CRITICAL
CVE-2020-27955
pub. 2020-11-05
9.8
CVSS
CRITICAL
CVE-2019-20856
pub. 2020-06-19
9.8
CVSS
CRITICAL
CVE-2019-20780
pub. 2020-04-17
9.8
CVSS
CRITICAL
CVE-2020-10515
pub. 2020-04-02
9.8
CVSS
CRITICAL
CVE-2019-9546
pub. 2019-03-01
9.8
CVSS
CRITICAL
CVE-2019-7653
pub. 2019-02-09
9.8
CVSS
CRITICAL
CVE-2018-12805
pub. 2018-07-20
9.8
CVSS
CRITICAL
CVE-2017-3090
pub. 2017-06-20
9.8
CVSS
CRITICAL
CVE-2017-3092
pub. 2017-06-20
9.8
CVSS
CRITICAL
CVE-2017-3097
pub. 2017-06-20
Showing 20 of 1,483 vulnerabilities