Details

    • Type: Language-Specification
    • Status: Active
    • Resolution: Unresolved
    • Labels:
      None
    • Impact:
      Unknown 'null' severity
    • Likelihood:
      Unknown 'null' severity

      Description

      Sensitive Code Example

      public class Main {
          public static void main (String[] args) {
              System.getenv();  // Sensitive
              System.getenv("myvar");  // Sensitive
      
              ProcessBuilder processBuilder = new ProcessBuilder();
              Map<String, String> environment = processBuilder.environment();  // Sensitive
              environment.put("VAR", "value");
      
              Runtime.getRuntime().exec("ping", new String[]{"env=val"});   // Sensitive
          }
      }
      

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              nicolas.harraudeau Nicolas Harraudeau
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: