GMS-2023-5275: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

November 28, 2023

Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) in apache-superset.

References

www.openwall.com/lists/oss-security/2023/11/27/2
github.com/advisories/GHSA-f678-j579-4xf5
github.com/orangecertcc/security-research/security/advisories/GHSA-f678-j579-4xf5
lists.apache.org/thread/jvgxpk4dbxyqtsgtl4pdgbd520rc0rot
nvd.nist.gov/vuln/detail/CVE-2023-40610

Code Behaviors & Features

Detect and mitigate GMS-2023-5275 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →