Skip to main content

SECU0018 alert: Java code injection pattern identified

Suggest edit Updated on October 8, 2021

The security alert SECU0018 is generated when a potential Java injection vulnerability is found in a rule that was created before version 8.3 and the dynamic system setting security/enableJavaInjectionMitigation is not defined or is set to false.

For more information, see Configuring the Java injection check.

Example of message text

Java code injection pattern identified in the java source code. Vulnerable code detected: Runtime.getRuntime()  -- RuleName: MyRule  -- Applies to class: MyClass

Did you find this content helpful? YesNo

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Ready to crush complexity?

Experience the benefits of Pega Community when you log in.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us