Conversation
⛔ Snyk checks have failed. 8 issues have been found so far.
✅ security/snyk check is complete. No issues have been found.
✅ license/snyk check is complete. No issues have been found.
⛔ code/snyk check is complete. 8 issues have been found.
🎉 Snyk checks have passed. No issues have been found so far.
✅ security/snyk check is complete. No issues have been found.
✅ license/snyk check is complete. No issues have been found.
try {
    // ruleid: tainted-cmd-from-http-request-deepsemgrep
    Process p = r.exec(args, argsEnv);
Indirect Command Injection via User Controlled Environment
Unsanitized input from cookies flows into exec, where it is used to build a shell command with environment variables. It is important to properly validate and sanitize all input parameters, to prevent potential command injection attacks via tainted environment variables.
Line 178 | CWE-78 | Priority score 215
Data flow: 14 steps
Step 1 - 2
java-testing-example/AIfixtest.java
Line 154 in 14aad55
Step 3 AIfixtest.java#L158
Step 4 - 7 AIfixtest.java#L160
Step 8 - 9 AIfixtest.java#L166
Step 10 - 12 AIfixtest.java#L172
Step 13 - 14
java-testing-example/AIfixtest.java
Line 178 in 14aad55
throws ServletException, IOException {
    response.setContentType("text/html;charset=UTF-8");
    javax.servlet.http.Cookie userCookie =
        new javax.servlet.http.Cookie("BenchmarkTest00091", "FOO%3Decho+Injection");
Sensitive Cookie Without 'HttpOnly' Flag
Cookie misses a call to setHttpOnly. Set the HttpOnly flag to true to protect the cookie from possible malicious code on client side.
Line 138 | CWE-1004 | Priority score 410
throws ServletException, IOException {
    response.setContentType("text/html;charset=UTF-8");
    javax.servlet.http.Cookie userCookie =
        new javax.servlet.http.Cookie("BenchmarkTest00077", "ECHOOO");
Sensitive Cookie Without 'HttpOnly' Flag
Cookie misses a call to setHttpOnly. Set the HttpOnly flag to true to protect the cookie from possible malicious code on client side.
Line 199 | CWE-1004 | Priority score 410
ProcessBuilder pb = new ProcessBuilder();

pb.command(argList);
Command Injection
Unsanitized input from an HTTP header flows into command, where it is used as a shell command. This may result in a Command Injection vulnerability.
Line 67 | CWE-78 | Priority score 415
Data flow: 11 steps
Step 1 - 3
java-testing-example/AIfixtest.java
Line 46 in 14aad55
Step 4 - 6 AIfixtest.java#L50
Step 7 - 9 AIfixtest.java#L63
Step 10 - 11
java-testing-example/AIfixtest.java
Line 67 in 14aad55
// deepsemgrep-ruleid: tainted-cmd-from-http-request-deepsemgrep
argList.add("echo " + bar);

ProcessBuilder pb = new ProcessBuilder(argList);
Command Injection
Unsanitized input from cookies flows into java.lang.ProcessBuilder, where it is used as a shell command. This may result in a Command Injection vulnerability.
Line 261 | CWE-78 | Priority score 415
Data flow: 14 steps
Step 1 - 2
java-testing-example/AIfixtest.java
Line 215 in 14aad55
Step 3 AIfixtest.java#L219
Step 4 - 7 AIfixtest.java#L221
Step 8 - 9 AIfixtest.java#L234
Step 10 - 12 AIfixtest.java#L259
Step 13 - 14
java-testing-example/AIfixtest.java
Line 261 in 14aad55
// URL Decode the header value since req.getHeader() doesn't. Unlike req.getParameter().
param = java.net.URLDecoder.decode(param, "UTF-8");

ProcessBuilder pb = new ProcessBuilder("echo" + param);
Command Injection
Unsanitized input from an HTTP header flows into java.lang.ProcessBuilder, where it is used as a shell command. This may result in a Command Injection vulnerability.
Line 299 | CWE-78 | Priority score 415
Data flow: 9 steps
Step 1 - 3
java-testing-example/AIfixtest.java
Line 293 in 14aad55
Step 4 - 6 AIfixtest.java#L297
Step 7 - 9
java-testing-example/AIfixtest.java
Line 299 in 14aad55
try {
    // ruleid: tainted-cmd-from-http-request-deepsemgrep
    Process p = r.exec(args, argsEnv);
Indirect Command Injection via User Controlled Environment
Unsanitized input from an HTTP header flows into exec, where it is used to build a shell command with environment variables. It is important to properly validate and sanitize all input parameters, to prevent potential command injection attacks via tainted environment variables.
Line 115 | CWE-78 | Priority score 215
Data flow: 11 steps
Step 1 - 3
java-testing-example/AIfixtest.java
Line 99 in 14aad55
Step 4 - 6 AIfixtest.java#L103
Step 7 - 9 AIfixtest.java#L109
Step 10 - 11
java-testing-example/AIfixtest.java
Line 115 in 14aad55
// ruleid: tainted-cmd-from-http-request-deepsemgrep
Process p = r.exec(args, argsEnv);
// ruleid: tainted-cmd-from-http-request-deepsemgrep
Runtime.getRuntime().exec(args, argsEnv);
Indirect Command Injection via User Controlled Environment
Unsanitized input from an HTTP header flows into exec, where it is used to build a shell command with environment variables. It is important to properly validate and sanitize all input parameters, to prevent potential command injection attacks via tainted environment variables.
Line 117 | CWE-78 | Priority score 215
Data flow: 11 steps
Step 1 - 3
java-testing-example/AIfixtest.java
Line 99 in 14aad55
Step 4 - 6 AIfixtest.java#L103
Step 7 - 9 AIfixtest.java#L109
Step 10 - 11
java-testing-example/AIfixtest.java
Line 117 in 14aad55
No description provided.