CWE-243
Creation of chroot Jail Without Changing Working Directory
The product uses the chroot() system call to create a jail, but does not change the working directory afterward. This does not prevent access to files outside of the jail.
Official CWE-243 definition at MITREImpactr finds and proves weaknesses like CWE-243 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist