-
Bug
-
Resolution: Duplicate
-
Undefined
-
None
-
None
-
False
-
-
False
-
-
Vulnerability Details
CWE Type(s): CWE-78
Severity: HIGH
Team: Unassigned
Location
- File: scripts/release_notes/common.py
- Lines: 148
Description
Command Injection in git commands via shell=True
subprocess.Popen uses shell=True with user-controlled git parameters, allowing command injection via shell metacharacters
Impact
subprocess.Popen uses shell=True with user-controlled git parameters, allowing command injection via shell metacharacters. Attackers can execute arbitrary commands by injecting shell metacharacters (;, |, &, $, `) into git parameters like branch names or commit references.
Root Cause
subprocess.Popen uses shell=True with user-controlled git parameters, allowing command injection via shell metacharacters
Fix Status
MR Link: https://gitlab.com/redhat/rhel-ai/team-pytorch/pytorch/-/merge_requests/165
Fix Branch: security-fix-cwe78-commitlist-git
Status: IMPLEMENTED
Related Exploit Files
- test_command_injection_commitlist_git.py
Exploit Code Sample
# Security regression test that validates the fix # Test file: test_command_injection_commitlist_git.py # The test verifies: # 1. Proper input validation # 2. Safe subprocess execution # 3. Protection against command injection attacks
References
- CWE Reference: https://cwe.mitre.org/data/definitions/78.html
- CVE Table: /pytorch_workspace/Security_related_files/Security_related_files/Command_Injection/Command_Injection_part_004/results/cve_analyzed_report.csv
Generated by CI Security Bot on 2026-02-03