CVE-2026-47904: Discarded Sanitization Result

Provally Curated | Public repository | Medium | Medium confidence | Verified | Apache-2.0 | Rust | β
greprules fetch cve-2026-47904-discarded-sanitization-result --engine opengrep

Description

A sanitization or normalization function was called, but its result was assigned to a discarded variable (prefixed with `_`). In Rust, this means the sanitized value is silently dropped. While any error-validation side-effects will run, data transformations (like normalization) are completely bypassed, often leading to path traversal or injection vulnerabili
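
The pattern described above, next to its corrected form. This is an added example, not code from the rule or from the affected project; `normalize`, `resolve_vulnerable`, `resolve_fixed`, `has_parent_dir` and the sample inputs are hypothetical names and values constructed for illustration.

```rust
use std::path::{Component, Path, PathBuf};

// Hypothetical sanitizer (constructed for this example): rejects absolute
// paths and returns the path with `.` and `..` resolved, clamped at the root.
fn normalize(user: &str) -> Result<PathBuf, String> {
    let mut out = PathBuf::new();
    for part in Path::new(user).components() {
        match part {
            Component::Normal(name) => out.push(name),
            Component::CurDir => {}
            Component::ParentDir => { out.pop(); } // the data transformation
            _ => return Err(format!("absolute path rejected: {user}")),
        }
    }
    Ok(out)
}

// Flagged pattern: `?` still propagates the sanitizer's error, but the
// normalized value is bound to `_clean` (which silences the unused-variable
// lint) and the raw input is what reaches the join.
fn resolve_vulnerable(base: &Path, user: &str) -> Result<PathBuf, String> {
    let _clean = normalize(user)?;
    Ok(base.join(user))
}

// Corrected form: bind the result to a used name and pass only that on.
fn resolve_fixed(base: &Path, user: &str) -> Result<PathBuf, String> {
    let clean = normalize(user)?;
    Ok(base.join(clean))
}

// True if the resolved path still contains a `..` component.
fn has_parent_dir(p: &Path) -> bool {
    p.components().any(|c| c == Component::ParentDir)
}

fn main() {
    let base = Path::new("/srv/data");
    // Constructed inputs: benign, relative traversal, absolute path.
    for input in ["reports/q1.txt", "../../etc/passwd", "/etc/passwd"] {
        let (v, f) = (resolve_vulnerable(base, input), resolve_fixed(base, input));
        let leaked = v.as_ref().map(|p| has_parent_dir(p)).unwrap_or(false);
        println!("{input:?}: vulnerable={v:?} fixed={f:?} traversal_kept={leaked}");
    }
}
```

Both functions reject the absolute path, which is why this class of bug tends to pass tests that only exercise the sanitizer's error cases.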