You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mnemonic.apache.org by "Zhen Li (Jira)" <ji...@apache.org> on 2022/03/12 06:02:00 UTC
[jira] [Closed] (MNEMONIC-734) Unsanitized input from a command line argument in run.py
[ https://issues.apache.org/jira/browse/MNEMONIC-734?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Zhen Li closed MNEMONIC-734.
----------------------------
PR merged.
> Unsanitized input from a command line argument in run.py
> --------------------------------------------------------
>
> Key: MNEMONIC-734
> URL: https://issues.apache.org/jira/browse/MNEMONIC-734
> Project: Mnemonic
> Issue Type: Bug
> Components: Tools
> Affects Versions: 0.17.0
> Reporter: Wang, Gang
> Assignee: Zhen Li
> Priority: Major
> Fix For: 0.17.0
>
> Time Spent: 2h 20m
> Remaining Estimate: 0h
>
> There are 3 security vulnerabilities identified in script run.py, which is about command argument of subprocess.check_call(...). It needs to be sanitized before passing to this call.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)