profile photo of Vasilii ErmilovVasilii Ermilov
Download Count*

Secure defaults for Command injection prevention

Run Locally

Rules (5)

profile photo of returntocorpreturntocorp

Detected non-static command inside exec.Cmd. Audit the input to 'exec.Cmd'. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.