New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(asm): cmdi patch refactor + rasp support #11870

Merged

christophe-papazian merged 15 commits into main from christophe-papazian/cmdi_support

Jan 9, 2025

Merged

feat(asm): cmdi patch refactor + rasp support #11870

add support for shell injection on subprocess

GitHub Advanced Security / CodeQL succeeded Jan 9, 2025 in 8s

No new alerts in code changed by this pull request

View all branch alerts.

Annotations

Check failure on line 140 in tests/appsec/contrib_appsec/django_app/urls.py

Code scanning / CodeQL

Uncontrolled command line Critical test

This command line depends on a

user-provided value

.

Check failure on line 142 in tests/appsec/contrib_appsec/django_app/urls.py

Code scanning / CodeQL

Uncontrolled command line Critical test

This command line depends on a

user-provided value

.

Check failure on line 159 in tests/appsec/contrib_appsec/django_app/urls.py

Code scanning / CodeQL

Uncontrolled command line Critical test

This command line depends on a

user-provided value

.

Check failure on line 137 in tests/appsec/contrib_appsec/flask_app/app.py

Code scanning / CodeQL

Uncontrolled command line Critical test

This command line depends on a

user-provided value

.

Check failure on line 139 in tests/appsec/contrib_appsec/flask_app/app.py

Code scanning / CodeQL

Uncontrolled command line Critical test

This command line depends on a

user-provided value

.

Check failure on line 156 in tests/appsec/contrib_appsec/flask_app/app.py

Code scanning / CodeQL

Uncontrolled command line Critical test

This command line depends on a

user-provided value

.