>> Does open source mean that the maintainers are free to ignore single-line security fix PRs?
Yes.
>> Does open source mean that maintainers could plant a crypto miner or malware in the project or sell to someone who might do that?
Yes
>> Does open source mean that companies could change the license and keep the product name the same or remove a core functionality and migrate it to a paid version?
Yes
None of the things you mentioned are restricted (or required) by the license.
You may not agree with these points, or even consider them ethical, but OSS licenses allow for any of the above.
I know the license allows it in the same way it allows users to harass burned-out maintainers. Both are bad and we should have some ethical guidelines.
A popular open source project has a lot of community contributions like blog posts, answers on Stack Overflow, issue reporting, PRs, etc. And if the maintainer changes the behaviour abruptly with no way for the community to fix it, even if they are ready to pay for the development cost, like Terraform, it seems like abusing the open source ethos for their advantage.