Issues - avocado-framework/avocado

Starting a process with a shell: Seems safe, but may be changed in the future, consider rewriting without shell
Open

    return os.system("perl -e 'use TAP::Parser;'") != 0

Found in selftests/functional/output.py by bandit

Exclude checks
- Disable engine
- Disable check

Try, Except, Pass detected.
Open

            except Exception:  # pylint: disable=W0703

Found in avocado/plugins/teststmpdir.py by bandit

Exclude checks
- Disable engine
- Disable check

Function call with shell=True parameter identified, possible security issue.
Open

    out = process.system_output(cmd, shell=True, ignore_status=True).decode("utf-8")

Found in avocado/utils/disk.py by bandit

Exclude checks
- Disable engine
- Disable check

Function call with shell=True parameter identified, possible security issue.
Open

    output = process.run(cmd, ignore_status=True, shell=True).stdout_text

Found in avocado/utils/pci.py by bandit

Exclude checks
- Disable engine
- Disable check

Function call with shell=True parameter identified, possible security issue.
Open

        if process.system(
            f"{self.ndctl} destroy-namespace {args}", shell=True, ignore_status=True

Found in avocado/utils/pmem.py by bandit

Exclude checks
- Disable engine
- Disable check

Function call with shell=True parameter identified, possible security issue.
Open

            process.system(up_cmd, shell=True, sudo=True)

Found in avocado/utils/software_manager/backends/apt.py by bandit

Exclude checks
- Disable engine
- Disable check

Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
Open

            data = urlopen(url).read()

Found in avocado/utils/vmimage.py by bandit

Exclude checks
- Disable engine
- Disable check

Consider possible security implications associated with subprocess module.
Open

import subprocess

Found in optional_plugins/golang/avocado_golang/runner.py by bandit

Exclude checks
- Disable engine
- Disable check

Probable insecure usage of temp file/directory.
Open

        output_lxc_path = "/tmp/.avocado_task_output_dir"

Found in optional_plugins/spawner_remote/avocado_spawner_remote/__init__.py by bandit

Exclude checks
- Disable engine
- Disable check

Standard pseudo-random generators are not suitable for security/cryptographic purposes.
Open

                column_index = random.randint(0, len(row) - 1)

Found in optional_plugins/varianter_cit/avocado_varianter_cit/Cit.py by bandit

Exclude checks
- Disable engine
- Disable check

Try, Except, Pass detected.
Open

        except Exception:

Found in selftests/unit/utils/cloudinit.py by bandit

Exclude checks
- Disable engine
- Disable check

Function call with shell=True parameter identified, possible security issue.
Open

        p = process.SubProcess(cmd="ls -l", sudo=True, shell=True)

Found in selftests/unit/utils/process.py by bandit

Exclude checks
- Disable engine
- Disable check

Function call with shell=True parameter identified, possible security issue.
Open

        p = process.run(cmd="ls -l", sudo=True, shell=True, ignore_status=True)

Found in selftests/unit/utils/process.py by bandit

Exclude checks
- Disable engine
- Disable check

Consider possible security implications associated with subprocess module.
Open

import subprocess

Found in avocado/plugins/diff.py by bandit

Exclude checks
- Disable engine
- Disable check

subprocess call - check for execution of untrusted input.
Open

            self.process = subprocess.Popen(
                args,
                stdin=subprocess.PIPE,
                stdout=subprocess.PIPE,
                stderr=subprocess.PIPE,

Found in avocado/utils/gdb.py by bandit

Exclude checks
- Disable engine
- Disable check

Try, Except, Pass detected.
Open

    except Exception:  # pylint: disable=W0703

Found in avocado/utils/genio.py by bandit

Exclude checks
- Disable engine
- Disable check

Function call with shell=True parameter identified, possible security issue.
Open

    if process.system(cmd, ignore_status=True, sudo=True, shell=True):

Found in avocado/utils/multipath.py by bandit

Exclude checks
- Disable engine
- Disable check

Function call with shell=True parameter identified, possible security issue.
Open

    output = process.run(cmd, shell=True, sudo=True, ignore_status=True).stdout_text

Found in avocado/utils/nvme.py by bandit

Exclude checks
- Disable engine
- Disable check

Function call with shell=True parameter identified, possible security issue.
Open

    output = process.run(cmd, ignore_status=True, shell=True).stdout_text

Found in avocado/utils/pci.py by bandit

Exclude checks
- Disable engine
- Disable check

Consider possible security implications associated with pickle module.
Open

import pickle

Found in avocado/utils/stacktrace.py by bandit

Exclude checks
- Disable engine
- Disable check

avocado-framework/avocado

Showing 885 of 902 total issues

Starting a process with a shell: Seems safe, but may be changed in the future, consider rewriting without shell
Open

Try, Except, Pass detected.
Open

Function call with shell=True parameter identified, possible security issue.
Open

Function call with shell=True parameter identified, possible security issue.
Open

Function call with shell=True parameter identified, possible security issue.
Open

Function call with shell=True parameter identified, possible security issue.
Open

Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
Open

Consider possible security implications associated with subprocess module.
Open

Probable insecure usage of temp file/directory.
Open

Standard pseudo-random generators are not suitable for security/cryptographic purposes.
Open

Try, Except, Pass detected.
Open

Function call with shell=True parameter identified, possible security issue.
Open

Function call with shell=True parameter identified, possible security issue.
Open

Consider possible security implications associated with subprocess module.
Open

subprocess call - check for execution of untrusted input.
Open

Try, Except, Pass detected.
Open

Function call with shell=True parameter identified, possible security issue.
Open

Function call with shell=True parameter identified, possible security issue.
Open

Function call with shell=True parameter identified, possible security issue.
Open

Consider possible security implications associated with pickle module.
Open

Severity

Category

Status

Source

Language

avocado-framework/avocado

Showing 885 of 902 total issues

Starting a process with a shell: Seems safe, but may be changed in the future, consider rewriting without shell Open

Try, Except, Pass detected. Open

Function call with shell=True parameter identified, possible security issue. Open

Function call with shell=True parameter identified, possible security issue. Open

Function call with shell=True parameter identified, possible security issue. Open

Function call with shell=True parameter identified, possible security issue. Open

Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected. Open

Consider possible security implications associated with subprocess module. Open

Probable insecure usage of temp file/directory. Open

Standard pseudo-random generators are not suitable for security/cryptographic purposes. Open

Try, Except, Pass detected. Open

Function call with shell=True parameter identified, possible security issue. Open

Function call with shell=True parameter identified, possible security issue. Open

Consider possible security implications associated with subprocess module. Open

subprocess call - check for execution of untrusted input. Open

Try, Except, Pass detected. Open

Function call with shell=True parameter identified, possible security issue. Open

Function call with shell=True parameter identified, possible security issue. Open

Function call with shell=True parameter identified, possible security issue. Open

Consider possible security implications associated with pickle module. Open

Severity

Category

Status

Source

Language

Starting a process with a shell: Seems safe, but may be changed in the future, consider rewriting without shell
Open

Try, Except, Pass detected.
Open

Function call with shell=True parameter identified, possible security issue.
Open

Function call with shell=True parameter identified, possible security issue.
Open

Function call with shell=True parameter identified, possible security issue.
Open

Function call with shell=True parameter identified, possible security issue.
Open

Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
Open

Consider possible security implications associated with subprocess module.
Open

Probable insecure usage of temp file/directory.
Open

Standard pseudo-random generators are not suitable for security/cryptographic purposes.
Open

Try, Except, Pass detected.
Open

Function call with shell=True parameter identified, possible security issue.
Open

Function call with shell=True parameter identified, possible security issue.
Open

Consider possible security implications associated with subprocess module.
Open

subprocess call - check for execution of untrusted input.
Open

Try, Except, Pass detected.
Open

Function call with shell=True parameter identified, possible security issue.
Open

Function call with shell=True parameter identified, possible security issue.
Open

Function call with shell=True parameter identified, possible security issue.
Open

Consider possible security implications associated with pickle module.
Open