From ef9c11c95fa4fc8a64cf6e54956c9d4631b82ef6 Mon Sep 17 00:00:00 2001
From: Justin Collins <justin@presidentbeef.com>
Date: Thu, 25 Jan 2024 17:10:36 -0800
Subject: [PATCH] Site updated at Thu Jan 25 05:10:36 PM PST 2024

---
 docs/warning_types/index.html                |   1 +
 docs/warning_types/path_traversal/index.html | 194 +++++++++++++++++++
 feed.xml                                     |   2 +-
 3 files changed, 196 insertions(+), 1 deletion(-)
 create mode 100644 docs/warning_types/path_traversal/index.html

diff --git a/docs/warning_types/index.html b/docs/warning_types/index.html
index 754ec3ac1..9afb6774c 100644
--- a/docs/warning_types/index.html
+++ b/docs/warning_types/index.html
@@ -100,6 +100,7 @@ <h1 class="entry-title">Warning Types</h1>
   <li><a href="/docs/warning_types/information_disclosure">Information Disclosure</a></li>
   <li><a href="/docs/warning_types/CVE-2011-0446">Mail Link</a></li>
   <li><a href="/docs/warning_types/mass_assignment">Mass Assignment</a></li>
+  <li><a href="/docs/warnings_types/path_traversal">Path Traversal</a></li>
   <li><a href="/docs/warning_types/remote_code_execution">Remote Code Execution</a></li>
   <li><a href="/docs/warning_types/remote_code_execution_yaml_load">Remote Execution in YAML.load</a></li>
   <li><a href="/docs/warning_types/session_manipulation">Session Manipulation</a></li>
diff --git a/docs/warning_types/path_traversal/index.html b/docs/warning_types/path_traversal/index.html
new file mode 100644
index 000000000..49b148281
--- /dev/null
+++ b/docs/warning_types/path_traversal/index.html
@@ -0,0 +1,194 @@
+
+<!DOCTYPE html>
+<!--[if IEMobile 7 ]><html class="no-js iem7"><![endif]-->
+<!--[if lt IE 9]><html class="no-js lte-ie8"><![endif]-->
+<!--[if (gt IE 8)|(gt IEMobile 7)|!(IEMobile)|!(IE)]><!--><html class="no-js" lang="en"><!--<![endif]-->
+<head>
+  <meta charset="utf-8">
+  <title>Brakeman: Path Traversal</title>
+  <meta name="description" content="Brakeman is a static analysis security vulnerability scanner for Ruby on Rails applications."/>
+
+  <!-- http://t.co/dKP3o1e -->
+  <meta name="HandheldFriendly" content="True">
+  <meta name="MobileOptimized" content="320">
+  <meta name="viewport" content="width=device-width, initial-scale=1">
+
+  <meta name="keywords" content="brakeman,ruby on rails,security,scanner,vulnerabilities,static analysis"/>
+
+  <link rel="canonical" href="https://brakemanscanner.org/docs/warning_types/path_traversal/"/>
+  <link href="/favicon.png" rel="shortcut icon" />
+  <link href="/stylesheets/screen.css" media="screen, projection" rel="stylesheet" type="text/css">
+  <script src="/javascripts/modernizr-2.0.js"></script>
+  <script src="/javascripts/octopress.js" type="text/javascript"></script>
+  <link href="feed.xml" rel="alternate" title="Brakeman" type="application/atom+xml"/>
+  
+
+  
+
+  <!--Fonts from Google's Web font directory at http://google.com/webfonts -->
+<link href='https://fonts.googleapis.com/css?family=PT+Serif:regular,italic,bold,bolditalic' rel='stylesheet' type='text/css'>
+<link href='https://fonts.googleapis.com/css?family=PT+Sans:regular,italic,bold,bolditalic' rel='stylesheet' type='text/css'>
+<script language="javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js" type="text/javascript"></script>
+<script src="/javascripts/jquery.github_badge.js"></script>
+<meta property="twitter:account_id" content="23978537" />
+
+<meta name="twitter:card" content="summary" />
+<meta name="twitter:site" content="@brakeman" />
+<meta name="twitter:title" content="Brakeman - Path Traversal" />
+<meta name="twitter:description" content="Brakeman Static Analysis Security Scanner for Ruby on Rails" />
+<meta name="twitter:image" content="https://brakemanscanner.org/images/brakeman_logo_dark.png" />
+
+</head>
+
+<body  >
+  <header><hgroup>
+  <h1><a href="/">Brakeman</a></h1>
+  
+    <h2>Ruby on Rails Static Analysis Security Tool</h2>
+  
+</hgroup>
+
+</header>
+  <nav role=navigation><ul role=subscription data-subscription="rss">
+  <li><a href="feed.xml" rel="subscribe-rss" title="subscribe via RSS">RSS</a></li>
+  
+</ul>
+<form action="" method="get">
+  <fieldset role="site-search">
+    <input type="hidden" name="q" value="site:https://brakemanscanner.org" />
+    <input class="search" type="text" name="q" results="0" placeholder="Search"/>
+  </fieldset>
+</form>
+<ul role=main-navigation>
+  <li><a href="/">Home</a></li>
+  <li><a href="/docs">Documentation</a></li>
+  <li><a href="https://github.com/presidentbeef/brakeman">Source</a></li>
+  <li><a href="/docs/contributing">Contributing</a></li>
+  <li><a href="/brakeman_users">Users</a></li>
+  <li><a href="/contact">Contact</a></li>
+</ul>
+
+</nav>
+  <div id="main">
+    <div id="content">
+      <div>
+<article>
+  
+  <header>
+    <h1 class="entry-title">Path Traversal</h1>
+  </header>
+  
+  <p>Path traversal vulnerabilities allow an attacker to access or manipulate files outside the intended
+directory by providing specially crafted paths as input to read or write sensitive data. This can occur when 
+improperly handling user-supplied input in filesystem-related operations such as image uploads, dynamic content loading, and user file downloads.</p>
+
+<p>An attacker could exploit a path traversal vulnerability to:</p>
+
+<ul>
+  <li>Read sensitive files, including configuration files or other data containing credentials or encryption keys.</li>
+  <li>Write files into restricted directories that enables code injection or privilege escalation.</li>
+  <li>Download or delete critical system files.</li>
+  <li>Gain access to user data and perform unauthorized actions.</li>
+</ul>
+
+<h2 id="example">Example</h2>
+
+<div class="language-ruby highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c1"># `params[:file][:path]` could contain "../../../../../etc/passwd", e.g.</span>
+
+<span class="n">send_file</span> <span class="no">File</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="s1">'some'</span><span class="p">,</span> <span class="s1">'path'</span><span class="p">,</span> <span class="n">params</span><span class="p">[</span><span class="ss">:file</span><span class="p">][</span><span class="ss">:path</span><span class="p">])</span>
+</code></pre></div></div>
+
+<h2 id="pathname-confusion">Pathname Confusion</h2>
+
+<p><code class="language-plaintext highlighter-rouge">Pathname#join</code> has some confusing behavior: <em>any</em> absolute path segment (e.g. starting with <code class="language-plaintext highlighter-rouge">/</code>) causes the path to be absolute from that point.</p>
+
+<p>Example:</p>
+
+<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>&gt; Pathname.new('a').join("a", "b", "/c", "d")
+ =&gt; #&lt;Pathname:/c/d&gt; 
+</code></pre></div></div>
+
+<p>Note that <code class="language-plaintext highlighter-rouge">Rails.root</code> is a <code class="language-plaintext highlighter-rouge">Pathname</code>.</p>
+
+<p>Exercise extreme caution when passing user-provided input to this function.</p>
+
+<hr />
+<p>Back to <a href="/docs/warning_types">Warning Types</a></p>
+
+  
+    <footer>
+      <p class="meta">
+        
+        
+      </p>
+    </footer>
+  
+</article>
+
+</div>
+
+<aside role=sidebar>
+  <section>
+  <p></p>
+  <p>Brakeman is a free vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development.</p>
+  <p><a href="/docs/quickstart">Get started!</a></p>
+</section>
+
+  <section>
+  <script type='text/javascript'>
+    $(document).ready(function(){
+      $("#github").GitHubBadge({
+        login: "presidentbeef",
+        kind: "project",
+        repo_name: "brakeman",
+        include_github_logo: false,
+        image_path: "",
+        commit_count: "1",
+        issue_count: "0",
+        repo_count: "0"
+      });
+    });
+  </script>
+  <div id="github"></div>
+  <a href="https://dl.circleci.com/status-badge/redirect/gh/presidentbeef/brakeman/tree/main"><img src="https://dl.circleci.com/status-badge/img/gh/presidentbeef/brakeman/tree/main.svg?style=svg" /></a>
+</section>
+
+  <section>
+  <h1>Recent Posts</h1>
+  <ul id="recent_posts">
+    
+      <li class="post">
+        <a href="/blog/2023/12/04/brakeman-6-dot-1-dot-0-released">Brakeman 6.1.0 Released</a>
+      </li>
+    
+      <li class="post">
+        <a href="/blog/2023/07/20/brakeman-6-dot-0-dot-1-released">Brakeman 6.0.1 Released</a>
+      </li>
+    
+      <li class="post">
+        <a href="/blog/2023/05/24/brakeman-6-dot-0-released">Brakeman 6.0.0 Released</a>
+      </li>
+    
+      <li class="post">
+        <a href="/blog/2023/02/21/brakeman-5-dot-4-dot-1-released">Brakeman 5.4.1 Released</a>
+      </li>
+    
+      <li class="post">
+        <a href="/blog/2022/11/17/brakeman-5-dot-4-dot-0-released">Brakeman 5.4.0 Released</a>
+      </li>
+    
+  </ul>
+</section>
+
+</aside>
+
+
+    </div>
+  </div>
+  <footer><p>
+<span class="credit">Powered by <a href="http://octopress.org">Octopress</a> | <a href="/content_license">Content license</a></span>
+</p>
+
+</footer>
+</body>
+</html>
diff --git a/feed.xml b/feed.xml
index 919e3630b..8b213a972 100644
--- a/feed.xml
+++ b/feed.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?><feed xmlns="http://www.w3.org/2005/Atom" ><generator uri="https://jekyllrb.com/" version="3.9.3">Jekyll</generator><link href="https://brakemanscanner.org/feed.xml" rel="self" type="application/atom+xml" /><link href="https://brakemanscanner.org/" rel="alternate" type="text/html" /><updated>2024-01-03T16:50:39-08:00</updated><id>https://brakemanscanner.org/feed.xml</id><title type="html">Brakeman</title><entry><title type="html">Brakeman 6.1.0 Released</title><link href="https://brakemanscanner.org/blog/2023/12/04/brakeman-6-dot-1-dot-0-released" rel="alternate" type="text/html" title="Brakeman 6.1.0 Released" /><published>2023-12-04T22:30:00-08:00</published><updated>2023-12-04T22:30:00-08:00</updated><id>https://brakemanscanner.org/blog/2023/12/04/brakeman-6-dot-1-dot-0-released</id><content type="html" xml:base="https://brakemanscanner.org/blog/2023/12/04/brakeman-6-dot-1-dot-0-released">&lt;p&gt;It’s been a while!&lt;/p&gt;
+<?xml version="1.0" encoding="utf-8"?><feed xmlns="http://www.w3.org/2005/Atom" ><generator uri="https://jekyllrb.com/" version="3.9.3">Jekyll</generator><link href="https://brakemanscanner.org/feed.xml" rel="self" type="application/atom+xml" /><link href="https://brakemanscanner.org/" rel="alternate" type="text/html" /><updated>2024-01-25T17:10:18-08:00</updated><id>https://brakemanscanner.org/feed.xml</id><title type="html">Brakeman</title><entry><title type="html">Brakeman 6.1.0 Released</title><link href="https://brakemanscanner.org/blog/2023/12/04/brakeman-6-dot-1-dot-0-released" rel="alternate" type="text/html" title="Brakeman 6.1.0 Released" /><published>2023-12-04T22:30:00-08:00</published><updated>2023-12-04T22:30:00-08:00</updated><id>https://brakemanscanner.org/blog/2023/12/04/brakeman-6-dot-1-dot-0-released</id><content type="html" xml:base="https://brakemanscanner.org/blog/2023/12/04/brakeman-6-dot-1-dot-0-released">&lt;p&gt;It’s been a while!&lt;/p&gt;
 
 &lt;p&gt;&lt;em&gt;Changes since 6.0.1:&lt;/em&gt;&lt;/p&gt;