Path Traversal in Zoo-project
CVE-2025-25284
The ZOO-Project is an open source processing platform, released under MIT/X11 Licence. A vulnerability in ZOO-Project's WPS (Web Processing Service) implementation allows unauthorized access to files outside the intended directory through…
Vulnerability class: Path Traversal (Directory Traversal)
EPSS: 0.006 (43.5th percentile) — read the EPSS interpretation.
Affected products
- Zoo-project — versions Commits before 5f155a8
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)
- security-advisories@github.com (x_refsource_MISC)