Statements (27)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:Common_Weakness_Enumeration
|
| gptkbp:affects |
gptkb:software
|
| gptkbp:category |
Software weakness
|
| gptkbp:cause |
information disclosure
arbitrary code execution modification of files unauthorized file access |
| gptkbp:describes |
Path traversal vulnerability
|
| gptkbp:documentedIn |
gptkb:MITRE
|
| gptkbp:example |
../../etc/passwd
|
| gptkbp:firstPublished |
2006
|
| https://www.w3.org/2000/01/rdf-schema#label |
CWE-22
|
| gptkbp:name |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
|
| gptkbp:partOf |
gptkb:CWE
|
| gptkbp:prevention |
use safe API functions
validate and sanitize user input restrict file access to intended directories |
| gptkbp:relatedTo |
directory traversal
CWE-23 CWE-36 |
| gptkbp:vulnerableTo |
22
|
| gptkbp:bfsParent |
gptkb:CVE-2018-14847
gptkb:CWE gptkb:CVE-2019-19781 gptkb:CVE-2019-11510 gptkb:CVE-2018-0296 |
| gptkbp:bfsLayer |
7
|