Path Traversal Vulnerability
Description
The software uses an HTTP request parameter to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as "/abs/path" that can resolve to a location that is outside of that directory.
Examples
Insecure Code

```scala
// The request parameter is used as-is: an absolute path such as "/etc/passwd" escapes the intended directory
new java.io.File(request.getParameter("path"))
```

Secure Code

```scala
// Only the final path component is kept, so leading directories and absolute prefixes are discarded
new java.io.File(org.apache.commons.io.FilenameUtils.getName(request.getParameter("path")))
```

Remediation
Validate and sanitize user input to prevent absolute path sequences. Use methods like `org.apache.commons.io.FilenameUtils.getName()` to extract the file name from the input path.
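The following Scala example is added here to illustrate the remediation; it is not code from the rule set or from Apache Commons IO. It contrasts the raw-parameter resolution with the `FilenameUtils.getName()` approach and adds the containment check a practitioner would normally pair with it: after reducing the input to a bare file name, the result is resolved against a fixed base directory and verified to still lie under it. The base directory `/var/app/uploads`, the object name `SafeFileAccess` and the sample inputs are assumptions for the demonstration; `commons-io` is assumed to be on the classpath.

```scala
import java.nio.file.{Path, Paths}
import org.apache.commons.io.FilenameUtils // assumes commons-io on the classpath

object SafeFileAccess {
  // Directory the application is allowed to serve files from (assumed value).
  val baseDir: Path = Paths.get("/var/app/uploads").toAbsolutePath.normalize()

  // Insecure: the user-controlled value becomes the path, so an absolute
  // input like "/etc/passwd" resolves outside baseDir.
  def insecureResolve(userPath: String): Path =
    Paths.get(userPath)

  // Secure: keep only the last path component, as the remediation suggests,
  // then confirm the resolved path is still inside baseDir before any I/O.
  def secureResolve(userPath: String): Option[Path] = {
    // getName strips everything up to the last '/' or '\' separator:
    // "/abs/path/x.txt" -> "x.txt", "../x.txt" -> "x.txt", "" -> ""
    val name = FilenameUtils.getName(userPath)
    // getName("..") returns "..", so reject the special entries explicitly.
    if (name.isEmpty || name == "." || name == "..") None
    else {
      val resolved = baseDir.resolve(name).normalize()
      // Defence in depth: the containment check holds even if the
      // sanitisation step above is changed later.
      if (resolved.startsWith(baseDir)) Some(resolved) else None
    }
  }

  def main(args: Array[String]): Unit = {
    // Constructed sample inputs: a benign name, an absolute path, a relative escape, an empty value
    val inputs = Seq("report.pdf", "/etc/passwd", "../../etc/passwd", "")
    inputs.foreach { p =>
      println(s"insecure: '$p' -> ${insecureResolve(p)}")
      println(s"secure:   '$p' -> ${secureResolve(p)}")
    }
  }
}
```

With these inputs, `insecureResolve` returns `/etc/passwd` and `../../etc/passwd` unchanged, while `secureResolve` maps both to `/var/app/uploads/passwd` (the directory part is discarded) and returns `None` for the empty value. Reducing the input to a file name is what the rule recommends; the `startsWith(baseDir)` check is the independent guard that keeps the restriction in place if the file name handling is ever relaxed.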
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0052 |
| Category | Injection |
| Severity | HIGH |
| CWE | CWE-22 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | path traversal, absolute path sequences |
| OWASP | A5:2017-Broken Access Control, A01:2021-Broken Access Control |