CVE-2026-28427: Rust Path Traversal Starts With
greprules fetch cve-2026-28427-rust-path-traversal-starts-with --engine opengrep
Description
Validating a path prefix using `starts_with` without first canonicalizing it can allow path traversal bypassing authorization checks. Because `starts_with` only performs a lexical comparison, an attacker can use dot-dot-slash (`../`) sequences to step out of the allowed directory (e.g., `/allowed/dir/../../etc/passwd` starts with `/allowed/dir`). Call `.cano
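The following Rust program is an added illustration and is not part of the rule or its source; the function names (`is_allowed_lexical`, `is_allowed_canonical`, `build_fixture`, `demo`) and the temporary directory layout are constructed for the demo. It puts the flagged pattern (a bare `Path::starts_with` prefix test) beside a check that canonicalizes both the allowed base and the requested path before comparing them, and exercises both against an in-scope file and a `../../` traversal attempt.

```rust
use std::fs;
use std::io;
use std::path::{Path, PathBuf};

/// Vulnerable check (the pattern this rule flags): a purely lexical prefix test.
/// `Path::starts_with` compares path components without resolving `..` or
/// symlinks, so `<base>/../../secret.txt` still "starts with" `<base>`.
pub fn is_allowed_lexical(base: &Path, requested: &Path) -> bool {
    requested.starts_with(base)
}

/// Hardened check: canonicalize both sides first. `canonicalize` resolves `.`,
/// `..` and symlinks against the real filesystem, so the prefix test runs on
/// the actual location. A path that does not exist makes `canonicalize` fail,
/// which rejects the request; for an authorization check that is the safe default.
pub fn is_allowed_canonical(base: &Path, requested: &Path) -> io::Result<bool> {
    let base = base.canonicalize()?;
    let requested = requested.canonicalize()?;
    Ok(requested.starts_with(&base))
}

/// Builds a throwaway directory tree (constructed sample data for the demo):
///   <root>/allowed/dir/public.txt   (inside the allowed directory)
///   <root>/secret.txt               (outside it)
pub fn build_fixture() -> io::Result<PathBuf> {
    let root = std::env::temp_dir()
        .join(format!("starts_with_demo_{}", std::process::id()));
    fs::create_dir_all(root.join("allowed/dir"))?;
    fs::write(root.join("allowed/dir/public.txt"), b"public")?;
    fs::write(root.join("secret.txt"), b"secret")?;
    Ok(root)
}

/// Runs both checks against the in-scope file and the traversal attempt and
/// returns (lexical_public, lexical_traversal, canonical_public, canonical_traversal).
pub fn demo() -> io::Result<(bool, bool, bool, bool)> {
    let root = build_fixture()?;
    let base = root.join("allowed/dir");
    let public = base.join("public.txt");
    // Lexically this still begins with `base`; on disk it is <root>/secret.txt.
    let traversal = base.join("../../secret.txt");
    let result = (
        is_allowed_lexical(&base, &public),
        is_allowed_lexical(&base, &traversal),
        is_allowed_canonical(&base, &public)?,
        is_allowed_canonical(&base, &traversal)?,
    );
    fs::remove_dir_all(&root)?;
    Ok(result)
}

fn main() -> io::Result<()> {
    let (lp, lt, cp, ct) = demo()?;
    println!("lexical check:   public={} traversal={}", lp, lt);
    println!("canonical check: public={} traversal={}", cp, ct);
    Ok(())
}
```

The lexical check accepts both paths; the canonicalized check accepts only `public.txt`. One caveat worth keeping in mind: `canonicalize` only works for paths that already exist, so code that validates a destination before creating it needs a component-wise normalization of `..` instead, applied before the same prefix comparison.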
Detection target
Not provided
Recommended fix
Not provided
False-positive notes
Not provided