Back to Codebase

Vulnerability Analysis Report

Drush Drush v13.7.3

Scan ID: SCAN-DRUSH-DRUSH-unLEIQ • Hash: 33322217

Severity Score
High
Total Findings
5
Engine Version
ECOMGUARD-HYBRID-AST-1.5
Scan Duration
0.876s

Vulnerability Details

L119

Dynamic Code Execution in BootstrapManager.php

CWE-94
File Location: src/Boot/BootstrapManager.php:119
Security Score:
98 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- assert($this->bootstrap instanceof DrupalBoot8);
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L22

Dynamic Code Execution in ConfigAwareTrait.php

CWE-94
File Location: src/Config/ConfigAwareTrait.php:22
Security Score:
98 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- assert($return instanceof DrushConfig, 'Expected DrushConfig, got ' . get_class($return) . '.');
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L291

Dynamic Code Execution in Drush.php

CWE-94
File Location: src/Drush.php:291
Security Score:
98 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- assert($return instanceof SiteProcess);
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L316

Dynamic Code Execution in DrupalBoot8.php

CWE-94
File Location: src/Boot/DrupalBoot8.php:316
Security Score:
97 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- assert($this->kernel instanceof TerminableInterface);
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L66

Dynamic Code Execution in DrushCommands.php

CWE-94
File Location: src/Commands/DrushCommands.php:66
Security Score:
97 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- assert($this->io instanceof DrushStyle);
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.