Talend Component Kit / TCOMP-1816

Apache Maven Shared Utils: OS Command Injection in Talend/component-runtime


    • Work Item
    • Resolution: Done
    • Blocker
    • 1.1.27
    • Small

      OS Command Injection in Talend/component-runtime (master)

      Issue Details

      • Vulnerability: OS Command Injection
      • Severity: High
      • Project: Talend/component-runtime
      • Branch: master
      • Scan Date: Unknown

      Issue Description

      maven-shared-utils is vulnerable to OS command injection. An attacker is able to inject and execute arbitrary OS commands on the host OS via the Commandline class due to insecure validation and escaping of double-quoted strings.

      See also https://sca.analysiscenter.veracode.com/workspaces/WzzF47x/issues/vulnerabilities/51179269

            emmanuel_g emmanuel gallois
            pteyssier pierre teyssier
            emmanuel gallois