Get Started
- CodeAnt AI
- Control Center
- Pull Request Review
- IDE
- Compliance
- Anti-Patterns
- Code Governance
- Infrastructure Security Database
- Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Csharp
- Dockerfile
- Elixir
- Fingerprints
- Generic
- Go
- Aws-lambda
- Gin
- Gorilla
- Gorm
- Grpc
- Jwt-go
- Lang
- Net
- Active-debug-code
- Command-injection
- Csrf
- Dos
- Nosql
- Path-traversal
- Net-http-path-traversal-taint-mux
- Net-http-path-traversal-taint
- Sql
- Ssrf
- Xss
- Xxe
- Otto
- Secrets
- Template
- Html
- Java
- Javascript
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
- Terraform
- Typescript
- Yaml
Net http path traversal taint mux
Untrusted input might be used to build a path, which can lead to a path traversal vulnerability. An attacker can manipulate the path which the application uses to access files. If the application does not validate user input and sanitize file paths, sensitive files can be accessed, such as configuration files or user data, potentially creating or overwriting files. To prevent this vulnerability, validate and sanitize any input that is used to create references to file paths. Also, enforce strict file access controls. For example, choose privileges allowing public-facing applications to access only the required files. In Go, it is possible to sanitize user input and mitigate path traversal by using the SecureJoin
function in filepath-securejoin
.
Likelihood: MEDIUM
Confidence: HIGH
CWE:
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)
OWASP:
- A01:2021 - Broken Access Control
- A05:2017 - Broken Access Control