Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[JAVA] CWE-706: Use of Incorrectly-Resolved Name or Reference & CWE-201: Exposure of Sensitive Information Through Sent Data #137

New issue
New issue
Closed
Closed
[JAVA] CWE-706: Use of Incorrectly-Resolved Name or Reference & CWE-201: Exposure of Sensitive Information Through Sent Data#137
Labels
The Bug SlayerSubmissions to The Bug Slayer bounty
@intrigus-lgtm

Description

@intrigus-lgtm
intrigus-lgtm
opened on Jun 24, 2020

CVE ID(s)

List the CVE ID(s) associated with this vulnerability. GitHub will automatically link CVE IDs to the GitHub Advisory Database.

Report

Paths that can be influenced by users (= Directory traversal) where the content of the path is returned to the user or where user data is written to.
"Arbitrary read and write"
Query: github/codeql#3794

  • Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc). We would love to have you spread the word about the good work you are doing

Metadata

Metadata

Assignees

No one assigned

    Labels

    The Bug SlayerSubmissions to The Bug Slayer bounty

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions