{
"id": "176a0c0874da9fdbe343da3dfba3d57745cffa34aab8c965d123a3051c5f8970",
"category": "sast",
"name": "Improper neutralization of special elements used in an OS Command ('OS Command Injection')",
"description": "Found `subprocess` function `run` with `shell=True`. This is dangerous because the call hands the command string to a shell (`/bin/sh -c`) for interpretation, so shell metacharacters (`;`, `|`, `&&`, `$(...)`, backticks, `>`) in any part of the string that is built from untrusted input are executed as additional commands (CWE-78, OS command injection). The spawned shell also inherits the current environment and shell settings, which widens what an attacker can influence. Use `shell=False` (the default) and pass the command as a list of separate arguments, e.g. `subprocess.run([\"prog\", arg])`, so each argument reaches the program unchanged; if a shell is genuinely required, quote every interpolated value with `shlex.quote()`. The flagged location is under a test directory; confirm whether any part of the command string originates from untrusted input before triaging the reported severity.\n",
"cve": "semgrep_id:bandit.B602:121:123",
"severity": "High",
"scanner": {
"id": "semgrep",
"name": "Semgrep"
},
"location": {
"file": "src/engine/test/health_test/initialState.py",
"start_line": 121,
"end_line": 123
},
"identifiers": [
{
"type": "semgrep_id",
"name": "bandit.B602",
"value": "bandit.B602",
"url": "https://semgrep.dev/r/gitlab.bandit.B602"
},
{
"type": "cwe",
"name": "CWE-78",
"value": "78",
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"type": "owasp",
"name": "A03:2021 - Injection",
"value": "A03:2021"
},
{
"type": "owasp",
"name": "A1:2017 - Injection",
"value": "A1:2017"
},
{
"type": "bandit_test_id",
"name": "Bandit Test ID B602",
"value": "B602"
}
]
}