CWE-73(External Control of File Name or Path)是一种安全漏洞,它允许用户输入控制或影响在文件系统操作中使用的路径或文件名。 CWE-73 概述 CWE-73 漏洞通常发生在以下两个条件同时满足时: 攻击者可以指定在文件系统操作中使用的路径。 通过指定资源,攻击者获得了原本不允许的能力。 例如,程序可能会给攻击者覆...
cmd窗口验证java -version显示正常,输入javac -version提示"javac不是内部或外部命令,也不是可运行的...
I was asked to verify the code I wrote with Veracode. Vercacode reports a problem “CWE-73: External Control of File Name or Path”. There are several models involved including “entityframework.dll”, “microsoft.ai.agent.intercept.dll”, “mysql.data.entityframework.dll”, “microsoft....
External Control of File Name or Path (CWE ID 73)(33 flaws)Hi Team,After R & D i didn't get sloution for this.Please see below line of codes which are causing veracode flaws and help me for fixing this flaw. PdfWriter pdfWriter = PdfWriter.GetInstance(pdfDocument, new FileStrea...
Detect CWE-73 in Android Application This scenario seeks to find External Control of File Name or Path in the APK file. CWE-73 External Control of File Name or Path We analyze the definition of CWE...
This scenario seeks to find **External Control of File Name or Path** in the APK file. @@ -2266,36 +2267,43 @@ We analyze the definition of CWE-73 and identify its characteristics. See `CWE-73 <https://cwe.mitre.org/data/definitions/73.html>`_ for more details. .. image:: htt...
This scenario seeks to find **External Control of File Name or Path**. See 2096- `CWE-73<https://cwe.mitre.org/data/definitions/73.html>`__ for more 2097- details. 2095+ This scenario seeks to find **External Control of File Name or Path** in the APK file. ...