alpine 3.6
shell weakness #92

The software constructs an OS command using externally-influenced input from an upstream component.

4

Weakness Breakdown


Warning code(s):

This causes a new program to execute and is difficult to use safely.

File Name:

./src/Linux-PAM-1.3.0/modules/pam_namespace/pam_namespace.c

Context:
if (execle("/bin/rm", "/bin/rm", "-rf", pptr->instance_prefix, NULL, envp) < 0)

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.