Tainted flow: 'web_search_plus' from os.environ.get (line 275, credential/environment) → subprocess.run (code execution)
Medium
- Category
- Data Flow
- Content
safe_query = re.sub(r'[\x00-\x1f\x7f]', '', query)[:500]
if verbose:
    print(f" 🔍 Searching via web-search-plus: {safe_query}")
result = subprocess.run(
    ["python3", str(web_search_plus), "--query", safe_query, "--max-results", "5"],
    capture_output=True, text=True,
- Confidence
- 95% confidence
- Finding
- result = subprocess.run(
      ["python3", str(web_search_plus), "--query", safe_query, "--max-results", "5"],
      capture_output=True, text=True,
