Statements (27)
Predicate | Object |
---|---|
gptkbp:instanceOf |
gptkb:Common_Weakness_Enumeration
|
gptkbp:affects |
gptkb:software
|
gptkbp:category |
Software weakness
|
gptkbp:cause |
information disclosure
arbitrary code execution modification of files unauthorized file access |
gptkbp:describes |
Path traversal vulnerability
|
gptkbp:documentedIn |
gptkb:MITRE
|
gptkbp:example |
../../etc/passwd
|
gptkbp:firstPublished |
2006
|
https://www.w3.org/2000/01/rdf-schema#label |
CWE-22
|
gptkbp:name |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
|
gptkbp:partOf |
gptkb:CWE
|
gptkbp:prevention |
use safe API functions
validate and sanitize user input restrict file access to intended directories |
gptkbp:relatedTo |
directory traversal
CWE-23 CWE-36 |
gptkbp:vulnerableTo |
22
|
gptkbp:bfsParent |
gptkb:CVE-2018-14847
gptkb:CWE gptkb:CVE-2019-19781 gptkb:CVE-2019-11510 gptkb:CVE-2018-0296 |
gptkbp:bfsLayer |
7
|