Skip to content

Sanitize GitHub action shell cmd to prevent cmd injection #3509 #213

Sanitize GitHub action shell cmd to prevent cmd injection #3509

Sanitize GitHub action shell cmd to prevent cmd injection #3509 #213

Triggered via pull request October 15, 2024 08:42
Status Failure
Total duration 40s
Artifacts

github-action-scan.yml

on: pull_request
build-scan
29s

Annotations

10 errors and 5 warnings
build-scan
Argument has invalid characters: rm-rf/;echohacked
build-scan
Argument has invalid characters: echo$(whoami)
build-scan
Argument has invalid characters: cat/etc/passwd|greproot
build-scan
Argument has invalid characters: touch/tmp/test&&ls/tmp
build-scan
Argument has invalid characters: echohello>/tmp/test
build-scan
Argument has invalid characters: `reboot`
build-scan
Argument has invalid characters: $(reboot)
build-scan
Argument has invalid characters: ;reboot
build-scan
Argument has invalid characters: |reboot
build-scan
Argument has invalid characters: &reboot
build-scan
No files were found with the provided path: /home/runner/work/sechub/sechub/build/git-status.txt. No artifacts will be uploaded.
build-scan
No files were found with the provided path: ./build/sechub-runtime/**/*.log. No artifacts will be uploaded.
build-scan
Field "project" not found in the JSON report.
build-scan
Field "project" not found in the JSON report.
build-scan
No files were found with the provided path: ./github-actions/scan/sechub_report*.* ./sechub_report*.*. No artifacts will be uploaded.