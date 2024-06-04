On May 02, 2024, CISA and the FBI released a Security by Design alert to all software manufacturers and customers regarding an ongoing security vulnerability associated with “directory traversal” (also known as path traversal) in the software design process.

The software industry has already documented directory traversal vulnerabilities in the past, as well as identified practical approaches to eliminate these vulnerabilities entirely over the next two decades. However, many software manufacturers have still not addressed those issues and are continuing to put customers at risk as a result.