Showing 885 of 902 total issues
Probable insecure usage of temp file/directory. Open
Open
os.environ["TMP"] = "/var/tmp"
- Exclude checks
Use of insecure MD2, MD4, MD5, or SHA1 hash function. Open
Open
+ hashlib.sha1(fingerprint.encode(astring.ENCODING)).hexdigest()[:4]
- Exclude checks
subprocess call - check for execution of untrusted input. Open
Open
subprocess.Popen( # pylint: disable=W1509
cmd,
close_fds=True,
stdin=in_out,
stdout=in_out,
- Exclude checks
Consider possible security implications associated with subprocess module. Open
Open
import subprocess
- Exclude checks
Try, Except, Pass detected. Open
Open
except Exception: # pylint: disable=W0703
- Exclude checks
Consider possible security implications associated with subprocess module. Open
Open
import subprocess
- Exclude checks
Use of insecure MD2, MD4, MD5, or SHA1 hash function. Open
Open
device_hash = hashlib.sha1(self.device.encode("utf-8")).hexdigest()
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
if process.system(
f"{self.ndctl} enable-namespace {args}", shell=True, ignore_status=True
- Exclude checks
Standard pseudo-random generators are not suitable for security/cryptographic purposes. Open
Open
row_index = random.randint(0, len(matrix) - 1)
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
out = process.run(cmd, ignore_status=True, shell=True)
- Exclude checks
subprocess call - check for execution of untrusted input. Open
Open
proc = subprocess.Popen(
cmd.split(), stdout=subprocess.PIPE, stderr=subprocess.STDOUT
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
output = process.run(cmd, ignore_status=True, shell=True).stdout_text
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
result = process.run(
cmd_line, shell=True, ignore_status=True, env={"LC_ALL": "C"}
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
process.system_output(
f"{self.ndctl} read-labels -j {nmem} ", shell=True
- Exclude checks
Use of assert detected. The enclosed code will be removed when compiling to optimised byte code. Open
Open
assert len(j.result.tests) == 1
- Exclude checks
subprocess call - check for execution of untrusted input. Open
Open
run([cmd, "man/avocado.rst", "man/avocado.1"], check=True)
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
cmd_result = run(
cmd=cmd,
timeout=timeout,
verbose=verbose,
ignore_status=ignore_status,
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
cmd_result = process.run(cmd_format, verbose=False, shell=True)
- Exclude checks
Consider possible security implications associated with subprocess module. Open
Open
import subprocess
- Exclude checks
Consider possible security implications associated with subprocess module. Open
Open
import subprocess
- Exclude checks