Command_Injection issue exists @ projects/Terminal_progress_bar_with_images_resizing/progressbar with_images_resizing.py in branch master
*The application's input method calls an OS (shell) command with input, at line 17 of projects\Terminal_progress_bar_with_images_resizing\progressbar with_images_resizing.py, using an untrusted string with the command to execute. This could allow an attacker to inject an arbitrary command, and enable a Command Injection attack.The attacker may be able to inject the executed command via user input, input, which is retrieved by the application in the input method, at line 17 of projects\Terminal_progress_bar_with_images_resizing\progressbar with_images_resizing.py.Similarity ID: -930650913
The application's input method calls an OS (shell) command with input, at line 18 of projects\Terminal_progress_bar_with_images_resizing\progressbar with_images_resizing.py, using an untrusted string with the command to execute. This could allow an attacker to inject an arbitrary command, and enable a Command Injection attack.The attacker may be able to inject the executed command via user input, input, which is retrieved by the application in the input method, at line 18 of projects\Terminal_progress_bar_with_images_resizing\progressbar with_images_resizing.py.Similarity ID: 1630544287*
Command_Injection issue exists @ projects/Terminal_progress_bar_with_images_resizing/progressbar with_images_resizing.py in branch master
*The application's input method calls an OS (shell) command with input, at line 17 of projects\Terminal_progress_bar_with_images_resizing\progressbar with_images_resizing.py, using an untrusted string with the command to execute. This could allow an attacker to inject an arbitrary command, and enable a Command Injection attack.The attacker may be able to inject the executed command via user input, input, which is retrieved by the application in the input method, at line 17 of projects\Terminal_progress_bar_with_images_resizing\progressbar with_images_resizing.py.Similarity ID: -930650913
The application's input method calls an OS (shell) command with input, at line 18 of projects\Terminal_progress_bar_with_images_resizing\progressbar with_images_resizing.py, using an untrusted string with the command to execute. This could allow an attacker to inject an arbitrary command, and enable a Command Injection attack.The attacker may be able to inject the executed command via user input, input, which is retrieved by the application in the input method, at line 18 of projects\Terminal_progress_bar_with_images_resizing\progressbar with_images_resizing.py.Similarity ID: 1630544287*
Severity: High
CWE:77
Vulnerability details and guidance
Internal Guidance
Checkmarx
Training Recommended Fix
Lines: [17](https://github.com/mariana-bteixeira/python-mini-projects/blob/master/projects/Terminal_progress_bar_with_images_resizing/progress_bar_ with_images_resizing.py#L17) [18](https://github.com/mariana-bteixeira/python-mini-projects/blob/master/projects/Terminal_progress_bar_with_images_resizing/progress_bar_ with_images_resizing.py#L18)
[Code (Line #17):](https://github.com/mariana-bteixeira/python-mini-projects/blob/master/projects/Terminal_progress_bar_with_images_resizing/progress_bar_ with_images_resizing.py#L17)
[Code (Line #18):](https://github.com/mariana-bteixeira/python-mini-projects/blob/master/projects/Terminal_progress_bar_with_images_resizing/progress_bar_ with_images_resizing.py#L18)