Sign upLogin

avocado-framework/avocado

View on GitHub
Star

Showing 885 of 902 total issues

Probable insecure usage of temp file/directory.
Open

            os.environ["TMP"] = "/var/tmp"
Severity: Minor
Found in avocado/core/main.py by bandit

Use of insecure MD2, MD4, MD5, or SHA1 hash function.
Open

        + hashlib.sha1(fingerprint.encode(astring.ENCODING)).hexdigest()[:4]
Severity: Minor
Found in avocado/core/varianter.py by bandit

subprocess call - check for execution of untrusted input.
Open

                subprocess.Popen(  # pylint: disable=W1509
                    cmd,
                    close_fds=True,
                    stdin=in_out,
                    stdout=in_out,
Severity: Info
Found in avocado/plugins/diff.py by bandit

Consider possible security implications associated with subprocess module.
Open

import subprocess
Severity: Info
Found in avocado/plugins/spawners/podman.py by bandit

Try, Except, Pass detected.
Open

                except Exception:  # pylint: disable=W0703
Severity: Info
Found in avocado/utils/filelock.py by bandit

Consider possible security implications associated with subprocess module.
Open

import subprocess
Severity: Info
Found in avocado/utils/gdb.py by bandit

Use of insecure MD2, MD4, MD5, or SHA1 hash function.
Open

        device_hash = hashlib.sha1(self.device.encode("utf-8")).hexdigest()
Severity: Minor
Found in avocado/utils/partition.py by bandit

Function call with shell=True parameter identified, possible security issue.
Open

        if process.system(
            f"{self.ndctl} enable-namespace {args}", shell=True, ignore_status=True
Severity: Minor
Found in avocado/utils/pmem.py by bandit

Standard pseudo-random generators are not suitable for security/cryptographic purposes.
Open

            row_index = random.randint(0, len(matrix) - 1)
Severity: Info
Found in optional_plugins/varianter_cit/avocado_varianter_cit/Cit.py by bandit

Function call with shell=True parameter identified, possible security issue.
Open

    out = process.run(cmd, ignore_status=True, shell=True)
Severity: Minor
Found in avocado/utils/pci.py by bandit

subprocess call - check for execution of untrusted input.
Open

        proc = subprocess.Popen(
            cmd.split(), stdout=subprocess.PIPE, stderr=subprocess.STDOUT
Severity: Info
Found in selftests/functional/interrupt.py by bandit

Function call with shell=True parameter identified, possible security issue.
Open

    output = process.run(cmd, ignore_status=True, shell=True).stdout_text
Severity: Minor
Found in avocado/utils/pci.py by bandit

Function call with shell=True parameter identified, possible security issue.
Open

        result = process.run(
            cmd_line, shell=True, ignore_status=True, env={"LC_ALL": "C"}
Severity: Minor
Found in selftests/functional/output.py by bandit

Function call with shell=True parameter identified, possible security issue.
Open

                process.system_output(
                    f"{self.ndctl} read-labels -j {nmem} ", shell=True
Severity: Minor
Found in avocado/utils/pmem.py by bandit

Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
Open

assert len(j.result.tests) == 1
Severity: Info
Found in selftests/jobs/unix_status_server.py by bandit

subprocess call - check for execution of untrusted input.
Open

            run([cmd, "man/avocado.rst", "man/avocado.1"], check=True)
Severity: Info
Found in setup.py by bandit

Function call with shell=True parameter identified, possible security issue.
Open

    cmd_result = run(
        cmd=cmd,
        timeout=timeout,
        verbose=verbose,
        ignore_status=ignore_status,
Severity: Minor
Found in avocado/utils/process.py by bandit

Function call with shell=True parameter identified, possible security issue.
Open

            cmd_result = process.run(cmd_format, verbose=False, shell=True)
Severity: Minor
Found in avocado/utils/software_manager/backends/rpm.py by bandit

Consider possible security implications associated with subprocess module.
Open

import subprocess
Severity: Info
Found in optional_plugins/html/avocado_result_html/__init__.py by bandit

Consider possible security implications associated with subprocess module.
Open

import subprocess
Severity: Info
Found in avocado/plugins/runners/exec_test.py by bandit
Severity
Category
Status
Source
Language