CISA and FBI urge software developers to address path traversal vulnerabilities before product releases.
US Cybersecurity and Infrastructure Security Agency (CISA) and FBI issue a joint alert, urging software developers to address path traversal vulnerabilities before releasing products. Path traversal allows threat actors to access sensitive files and directories, and remains a persistent issue. Developers are advised to conduct formal testing, follow "secure by design" approach, and use well-known mitigations to eliminate these vulnerabilities.
May 03, 2024
3 Articles