CWE 73: External Control of File Name or Path is a type of security flaw in which users can access resources from restricted locations on a file system. It is commonly called Path Traversal. If an attackers perform a Path Traversal attack successfully, they could potentially view sensitive fil...
I was asked to verify the code I wrote with Veracode. Vercacode reports a problem “CWE-73: External Control of File Name or Path”. There are several models involved including “entityframework.dll”, “microsoft.ai.agent.intercept.dll”, “mysql.data.entityframework.dll”, “microsoft...
As per the description of the flaw "External Control of File Name or Path (CWE ID 73)(33 flaws)", it says that someone from the external can have the control of the file name or the path. So you need to protect the file and the path so that the intruders should not be ab...
ava环境配置 | cmd命令 java正常,javac不是内部或外部命令 对Java一窍不通的初学者,正准备准备参照...
什么是CWE:Common Weakness Enumeration 中文翻译就是通用缺陷枚举 http://cwe.mitre.org/ 另外一个是...
This scenario seeks to find **External Control of File Name or Path**. See `CWE-73<https://cwe.mitre.org/data/definitions/73.html>`__ for more details. This scenario seeks to find **External Control of File Name or Path** in the APK file. ...
好的,所以问题是您允许用户控制该文件路径。想象一下,它在UNIX机器上,他们输入: