Conversation

@chuckaude
No description provided.

const app = express();

app.get("/run", function run(req, res, next) { // OS_CMD_INJECTION defect
require("child_process").exec(req.query.cmd);
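Review bot: `exec(req.query.cmd)` hands the raw query string to a shell, so any shell metacharacters in `cmd` become part of the command line; the handler also never uses `res`, so the request is left hanging. Replace the shell invocation with `execFile` over a fixed argv (e.g. `execFile("uptime", [], cb)`) selected from an allowlist keyed by the value of `cmd`, reject anything not on the list with a 400, and send a response from the callback.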


Automated PR Comment From coverity

Coverity Issue - OS Command Injection

High CWE-78
Calling "require("child_process").exec" with the tainted value in "req.query.cmd". This passes the tainted value to the process-invoking API and may thus allow an attacker to modify the intention of the command.

A user can change the intent of an operating system command. This change may result in the disclosure, destruction, or modification of sensitive data or operating system resources.

How to fix

Ensure the tainted data cannot modify the intent of the OS command. Sanitize the data before using inside a sensitive function call. If possible, use a safer library or API call instead.

// https://documentation.blackduck.com/bundle/coverity-docs/page/checker-ref/checkers/NO/os_cmd_injection.html

const express = require("express");
const app = express();


Automated PR Comment From coverity

Coverity Issue - Sending X-Powered-By header

Low CWE-201
HTTP responses contain an X-Powered-By header that reveals information about the server which helps attackers exploit known vulnerabilities or craft more targeted exploits.

How to fix

Use app.disable('x-powered-by') to disable the X-Powered-By header. If you're using an older version of Express that does not support this setting and you can't upgrade, create a middleware to call res.removeHeader("x-powered-by") where res is the response object.
