Back to Codebase

Vulnerability Analysis Report

Drush Drush v13.0.0-beta1

Scan ID: SCAN-DRUSH-DRUSH-6fH7Oa • Hash: eff2afaf

Severity Score
Critical
Total Findings
16
Engine Version
ECOMGUARD-HYBRID-AST-1.5
Scan Duration
0.684s

Vulnerability Details

L64

Dynamic Code Execution in DrushStyle.php

CWE-94
File Location: src-symfony-compatibility/v6/Style/DrushStyle.php:64
Security Score:
98 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- assert($validator === null, 'The $validator parameter is non-functional. Use $validate instead.');
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L33

Dynamic Code Execution in PhpCommands.php

CWE-94
File Location: src/Commands/core/PhpCommands.php:33
Security Score:
98 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- return eval($code . ';');
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L325

Dynamic Code Execution in DrupalBoot8.php

CWE-94
File Location: src/Boot/DrupalBoot8.php:325
Security Score:
97 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- assert($this->kernel instanceof TerminableInterface);
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L143

Dynamic Code Execution in RsyncCommands.php

CWE-94
File Location: src/Commands/core/RsyncCommands.php:143
Security Score:
97 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- assert($aliasConfigContext instanceof \Consolidation\Config\Config);
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L206

Dynamic Code Execution in SiteInstallCommands.php

CWE-94
File Location: src/Commands/core/SiteInstallCommands.php:206
Security Score:
97 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- assert($kernel instanceof InstallerKernel);
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L49

Dynamic Code Execution in DrushHelpCommand.php

CWE-94
File Location: src/Psysh/DrushHelpCommand.php:49
Security Score:
97 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- assert($output instanceof ShellOutput);
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L55

Dynamic Code Execution in TestFixtureCommands.php

CWE-94
File Location: tests/functional/Commands/TestFixtureCommands.php:55
Security Score:
97 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- return eval($code . ';');
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L322

Dynamic Code Execution in CliCommands.php

CWE-94
File Location: src/Commands/core/CliCommands.php:322
Security Score:
96 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- eval(sprintf('class %s extends %s {
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L60

Dynamic Code Execution in PhpCommands.php

CWE-94
File Location: src/Commands/core/PhpCommands.php:60
Security Score:
96 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- return eval($this->stdin()->contents());
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L255

Dynamic Code Execution in FieldDeleteCommands.php

CWE-94
File Location: src/Commands/field/FieldDeleteCommands.php:255
Security Score:
96 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- assert($fieldStorage instanceof FieldStorageConfigInterface);
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L618

Dynamic Code Execution in MigrateExecutable.php

CWE-94
File Location: src/Drupal/Migrate/MigrateExecutable.php:618
Security Score:
96 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- assert($eventDispatcher instanceof EventDispatcherInterface);
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L66

Dynamic Code Execution in DrushCommand.php

CWE-94
File Location: src/Psysh/DrushCommand.php:66
Security Score:
96 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- assert($output instanceof ShellOutput);
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L197

Dynamic Code Execution in DeployHookCommands.php

CWE-94
File Location: src/Commands/core/DeployHookCommands.php:197
Security Score:
95 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- assert(isset($module) && isset($name) && isset($filename));
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L492

Dynamic Code Execution in FieldCreateCommands.php

CWE-94
File Location: src/Commands/field/FieldCreateCommands.php:492
Security Score:
95 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- assert($storage instanceof EntityDisplayInterface);
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L168

Dynamic Code Execution in MigrateExecutable.php

CWE-94
File Location: src/Drupal/Migrate/MigrateExecutable.php:168
Security Score:
95 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- assert($eventDispatcher instanceof EventDispatcherInterface);
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L24

Dynamic Code Execution in FixtureCommands.php

CWE-94
File Location: sut/drush/Commands/FixtureCommands.php:24
Security Score:
95 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- return eval($code . ';');
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.