gitlab.find_sec_bugs.WEAK_FILENAMEUTILS-1


A file is opened to read its content. The filename comes from an input parameter. If an unfiltered parameter is passed to this file API, files from an arbitrary filesystem location could be read.
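As an added illustration (not part of this rule page or of Find Security Bugs), the call pattern the rule matches beside a form it does not flag. The class, method and directory names are assumptions; it targets Java 11+ on a Unix-like filesystem.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;

import org.apache.commons.io.FilenameUtils;

public class ReportReader {
    // Assumed application directory that reports are meant to be read from.
    private static final Path BASE_DIR =
            Paths.get("/var/app/reports").toAbsolutePath().normalize();

    // Matched by the rule: FilenameUtils.normalize() only collapses "." and ".."
    // segments lexically. It does not confine the result to BASE_DIR, so an
    // absolute name such as "/etc/hostname" passes through unchanged and
    // Path.resolve() then returns that absolute path instead of one under BASE_DIR.
    static String readReportWeak(String requestedName) throws IOException {
        String cleaned = FilenameUtils.normalize(requestedName);
        if (cleaned == null) {            // normalize() yields null for some malformed input
            throw new IllegalArgumentException("invalid report name");
        }
        return Files.readString(BASE_DIR.resolve(cleaned));
    }

    // Not matched by the rule and actually safe: resolve against the base
    // directory, normalize, then require the result to stay inside BASE_DIR.
    // The second check uses the canonical (symlink-resolved) path.
    static String readReportSafe(String requestedName) throws IOException {
        Path candidate = BASE_DIR.resolve(requestedName).normalize();
        if (!candidate.startsWith(BASE_DIR)) {
            throw new IllegalArgumentException("report path escapes base directory");
        }
        Path real = candidate.toRealPath();   // throws NoSuchFileException if absent
        if (!real.startsWith(BASE_DIR.toRealPath())) {
            throw new IllegalArgumentException("report path escapes base directory");
        }
        return Files.readString(real);
    }
}
```

Running this rule over the file reports only the `FilenameUtils.normalize(...)` call in `readReportWeak`; the hardened method uses `java.nio.file` only, so it produces no finding.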

Definition

rules:
  - id: find_sec_bugs.WEAK_FILENAMEUTILS-1
    patterns:
      - pattern-inside: |
          import static org.apache.commons.io.FilenameUtils;
          ...
      - pattern-either:
          - pattern: normalize(...)
          - pattern: getExtension(...)
          - pattern: isExtensions(...)
          - pattern: getName(...)
          - pattern: getBaseName(...)
          - pattern: org.apache.commons.io.FilenameUtils.normalize(...)
          - pattern: org.apache.commons.io.FilenameUtils.getExtension(...)
          - pattern: org.apache.commons.io.FilenameUtils.isExtensions(...)
          - pattern: org.apache.commons.io.FilenameUtils.getName(...)
          - pattern: org.apache.commons.io.FilenameUtils.getBaseName(...)
    message: >
      A file is opened to read its content. The filename comes from an input
      parameter. If an unfiltered parameter is passed to this file API, files from an
      arbitrary filesystem location could be read.
    languages:
      - java
    severity: ERROR
    metadata:
      category: security
      cwe: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path
        Traversal')"
      technology:
        - java
      primary_identifier: find_sec_bugs.WEAK_FILENAMEUTILS-1
      secondary_identifiers:
        - name: Find Security Bugs-WEAK_FILENAMEUTILS
          type: find_sec_bugs_type
          value: WEAK_FILENAMEUTILS
      license: MIT