{
"id": "b6883daf38390ddd346db4c001212d76830b1f8a3169a4ffa37139105099e183",
"category": "sast",
"name": "Improper neutralization of special elements used in an OS Command ('OS Command Injection')",
"description": "Python possesses many mechanisms to invoke an external executable. However,\ndoing so may present a security issue if appropriate care is not taken to\nsanitize any user provided or variable input. This plugin test is part of a\nfamily of tests built to check for process spawning and warn appropriately.\nSpecifically, this test looks for the spawning of a subprocess without the\nuse of a command shell. This type of subprocess invocation is not\nvulnerable to shell injection attacks, but care should still be taken to\nensure validity of input.\n",
"cve": "semgrep_id:bandit.B603:893:893",
"severity": "High",
"scanner": {
"id": "semgrep",
"name": "Semgrep"
},
"location": {
"file": "mytoninstaller/settings.py",
"start_line": 893
},
"identifiers": [
{
"type": "semgrep_id",
"name": "bandit.B603",
"value": "bandit.B603",
"url": "https://semgrep.dev/r/gitlab.bandit.B603"
},
{
"type": "cwe",
"name": "CWE-78",
"value": "78",
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"type": "owasp",
"name": "A03:2021 - Injection",
"value": "A03:2021"
},
{
"type": "owasp",
"name": "A1:2017 - Injection",
"value": "A1:2017"
},
{
"type": "bandit_test_id",
"name": "Bandit Test ID B603",
"value": "B603"
}
]
}