Thanks to visit codestin.com Credit goes to github.com
We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
1 parent 01cec04 commit a697063Copy full SHA for a697063
1 file changed
java/ql/src/Security/CWE/CWE-023/PartialPathTraversal.ql
@@ -1,6 +1,6 @@
1
/**
2
* @name Partial Path Traversal Vulnerability
3
- * @description A misuse of the String `startsWith` method as a guard to protect against path traversal is insufficient.
+ * @description A prefix used to check that a canonicalised path falls within another must be slash-terminated.
4
* @kind problem
5
* @problem.severity error
6
* @security-severity 9.3
0 commit comments