cxnleach / Vuln_GO_App

MIT License
0 stars 0 forks source link

CX Reflected_Absolute_Path_Traversal @ vulnerable/open.go [master] #84

Open github-actions[bot] opened 3 months ago

github-actions[bot] commented 3 months ago

Reflected_Absolute_Path_Traversal issue exists @ vulnerable/open.go in branch master

Method Open at line 9 of vulnerable\open.go gets dynamic data from the filepath element. This element’s value then flows through the code and is eventually used in a file path for local disk access in Open at line 13 of vulnerable\open.go. This may cause a Path Traversal vulnerability.Similarity ID: 1769450287

Severity: Medium

CWE:36

Vulnerability details and guidance

Internal Guidance

Checkmarx

Training Recommended Fix

Lines: 9


Code (Line #9):

func Open(filepath string) (*os.File, error) {

github-actions[bot] commented 3 months ago

Issue still exists.