OS Command Injection in Talend/component-runtime (master)
Issue Details
- Vulnerability: OS Command Injection
- Severity: High
- Project: Talend/component-runtime
- Branch: master
- Scan Date: Unknown
Issue Description
maven-shared-utils is vulnerable to OS command injection. An attacker is able to inject and execute arbitrary OS commands on the host OS via the Commandline class due to insecure validation and escaping of double-quoted strings.
Reference: https://sca.analysiscenter.veracode.com/workspaces/WzzF47x/issues/vulnerabilities/51179269