CWE-21: CWE CATEGORY: DEPRECATED: Pathname Traversal and Equivalence Errors

ClassStable

This category has been deprecated. It was originally used for organizing weaknesses involving file names, which enabled access to files outside of a restricted directory (path traversal) or to perform operations on files that would otherwise be restricted (path equivalence). Consider using either the File Handling Issues category ( CWE-1219 ) or the class Use of Incorrectly-Resolved Name or Reference ( CWE-706 ).

View on MITRE

Back to CWE Lookup

Technical Details

Structure: Simple
Vulnerability Mapping: PROHIBITED

Applicable To

Languages

Platforms

Learn More

Find Related CVEs

Search for vulnerabilities that exploit CWE-21

CVE vs CWE: What's the Difference?

Understanding vulnerabilities vs weaknesses

Understanding CVSS Scoring

How vulnerability severity is measured

View Full MITRE Entry

Complete technical details and references