[jira] [Commented] (MNEMONIC-734) Unsanitized input from a command line argument in run.py

Zhen Li (Jira) Thu, 10 Mar 2022 22:25:07 -0800


    [ 
https://issues.apache.org/jira/browse/MNEMONIC-734?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17504740#comment-17504740
 ]


Zhen Li commented on MNEMONIC-734:
----------------------------------

https://github.com/apache/mnemonic/pull/278

> Unsanitized input from a command line argument in run.py
> --------------------------------------------------------
>
>                 Key: MNEMONIC-734
>                 URL: https://issues.apache.org/jira/browse/MNEMONIC-734
>             Project: Mnemonic
>          Issue Type: Bug
>          Components: Tools
>    Affects Versions: 0.17.0
>            Reporter: Wang, Gang
>            Assignee: Zhen Li
>            Priority: Major
>             Fix For: 0.17.0
>
>          Time Spent: 2h 10m
>  Remaining Estimate: 0h
>
> There are 3 security vulnerabilities identified in script run.py, which is 
> about command argument of subprocess.check_call(...). It needs to be 
> sanitized before passing to this call.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (MNEMONIC-734) Unsanitized input from a command line argument in run.py

Reply via email to