CWE-22

GPTKB entity

Statements (27)
Predicate Object
gptkbp:instanceOf gptkb:Common_Weakness_Enumeration
gptkbp:affects gptkb:software
gptkbp:category Software weakness
gptkbp:cause information disclosure
arbitrary code execution
modification of files
unauthorized file access
gptkbp:describes Path traversal vulnerability
gptkbp:documentedIn gptkb:MITRE
gptkbp:example ../../etc/passwd
gptkbp:firstPublished 2006
https://www.w3.org/2000/01/rdf-schema#label CWE-22
gptkbp:name Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
gptkbp:partOf gptkb:CWE
gptkbp:prevention use safe API functions
validate and sanitize user input
restrict file access to intended directories
gptkbp:relatedTo directory traversal
CWE-23
CWE-36
gptkbp:vulnerableTo 22
gptkbp:bfsParent gptkb:CVE-2018-14847
gptkb:CWE
gptkb:CVE-2019-19781
gptkb:CVE-2019-11510
gptkb:CVE-2018-0296
gptkbp:bfsLayer 7