Query module ExecTainted

name
Uncontrolled command line
description
Using externally controlled strings in a command line is vulnerable to malicious changes in the strings.
kind
path-problem
problem.severity
error
precision
high
id
java/command-line-injection
tags
security external/cwe/cwe-078 external/cwe/cwe-088

Imports

ExecCommon
Expr

Provides classes for working with Java expressions.

ExternalProcess
FlowSources

Provides classes representing various flow sources for taint tracking.

PathGraph

Provides the query predicates needed to include a graph in a path-problem query.