Possible path traversal vulnerability detected

Description

Building a file path from unsanitized user input lets an attacker reach files and folders outside the intended directory, for example by supplying `../` sequences that climb out of it.

Remediations

❌ Avoid resolving file paths from user input wherever possible

✅ Sanitize user input when resolving paths. For example, use FilenameUtils.getName() (Apache Commons IO) to strip directory components, such as `\..\..`, so that only the final file name is appended to the base directory:

    import java.io.File;
    import javax.servlet.http.HttpServlet;
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    import org.apache.commons.io.FilenameUtils;

    public class Cls extends HttpServlet
    {
        public void handleRequest(HttpServletRequest request, HttpServletResponse response)
        {
            String image = request.getParameter("user_profile_picture");
            // getName() drops every directory component, so "../" or "..\" in the
            // parameter cannot move the resolved file outside user/profile/
            File file = new File("user/profile/" + FilenameUtils.getName(image));
        }
    }
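The flagged pattern next to the remediated one, as an added example that is not part of this rule page or of Bearer's own code. The `ProfilePictureResolver` class, the hostile sample input and the canonical-path check in `resolveAndVerify` are assumptions added for illustration; the check is defence in depth on top of the `getName()` remediation the rule describes.

```java
import java.io.File;
import java.nio.file.Path;
import java.nio.file.Paths;
import org.apache.commons.io.FilenameUtils;

public class ProfilePictureResolver {
    // Constructed base directory, matching the "user/profile/" prefix used on the rule page.
    private static final Path BASE = Paths.get("user/profile").toAbsolutePath().normalize();

    // Flagged pattern: the request parameter is concatenated straight into the path,
    // so a value containing ".." segments escapes the profile directory.
    static File resolveUnsafe(String image) {
        return new File("user/profile/" + image);
    }

    // Remediated pattern from the rule: getName() keeps only the text after the last
    // separator and recognises both '/' and '\', so directory components are discarded.
    static File resolveSanitized(String image) {
        return new File("user/profile/" + FilenameUtils.getName(image));
    }

    // Defence in depth (assumption, not from the rule page): reject empty names and
    // confirm the normalized result still lies under BASE before touching the file system.
    static Path resolveAndVerify(String image) {
        String name = FilenameUtils.getName(image);
        if (name == null || name.isEmpty()) {
            throw new IllegalArgumentException("no file name supplied");
        }
        Path target = BASE.resolve(name).normalize();
        if (!target.startsWith(BASE)) {
            throw new SecurityException("resolved path escapes " + BASE);
        }
        return target;
    }

    public static void main(String[] args) {
        // Constructed hostile input using the "\..\.." pattern the rule page mentions.
        String hostile = "..\\..\\..\\etc\\passwd";
        System.out.println("unsafe:     " + resolveUnsafe(hostile).getPath());
        System.out.println("sanitized:  " + resolveSanitized(hostile).getPath());
        System.out.println("verified:   " + resolveAndVerify(hostile));
    }
}
```

Compile with commons-io on the classpath; the unsafe line prints a path that climbs out of user/profile/, while the other two are confined to the base directory.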

Resources

Associated CWE

OWASP Top 10

Configuration

To skip this rule during a scan, use the following flag

bearer scan /path/to/your-project/ --skip-rule=java_lang_path_traversal

To run only this rule during a scan, use the following flag

bearer scan /path/to/your-project/ --only-rule=java_lang_path_traversal
