Sign upLogin

avocado-framework/avocado

View on GitHub
Star

Showing 885 of 902 total issues

Standard pseudo-random generators are not suitable for security/cryptographic purposes.
Open

            value_choice = random.choice(possible_values)
Severity: Info
Found in optional_plugins/varianter_cit/avocado_varianter_cit/Cit.py by bandit

Function call with shell=True parameter identified, possible security issue.
Open

    return process.run(cmd, shell=True).stdout_text
Severity: Minor
Found in optional_plugins/varianter_pict/avocado_varianter_pict/varianter_pict.py by bandit

Function call with shell=True parameter identified, possible security issue.
Open

            result = process.run(cmd, env=env, shell=True)
Severity: Minor
Found in selftests/functional/streams.py by bandit

Consider possible security implications associated with CalledProcessError module.
Open

from subprocess import CalledProcessError, run
Severity: Info
Found in setup.py by bandit

Consider possible security implications associated with subprocess module.
Open

import subprocess
Severity: Info
Found in avocado/core/nrunner/runnable.py by bandit

Starting a process with a shell, possible injection detected, security issue.
Open

        self.pipe = os.popen(paginator, "w")
Severity: Major
Found in avocado/core/output.py by bandit

subprocess call - check for execution of untrusted input.
Open

            process = subprocess.Popen(
                cmd,
                stdin=subprocess.DEVNULL,
                stdout=subprocess.PIPE,
                stderr=subprocess.DEVNULL,
Severity: Info
Found in avocado/plugins/spawners/podman.py by bandit

Consider possible security implications associated with subprocess module.
Open

import subprocess
Severity: Info
Found in avocado/utils/network/interfaces.py by bandit

Function call with shell=True parameter identified, possible security issue.
Open

            interface_type = process.system_output(
                cmd, shell=True, ignore_status=True
Severity: Minor
Found in avocado/utils/network/interfaces.py by bandit

Function call with shell=True parameter identified, possible security issue.
Open

    output = process.run(cmd, shell=True, sudo=True, ignore_status=True).stdout_text
Severity: Minor
Found in avocado/utils/nvme.py by bandit

Function call with shell=True parameter identified, possible security issue.
Open

    data = process.run(cmd, ignore_status=True, sudo=True, shell=True).stdout_text
Severity: Minor
Found in avocado/utils/nvme.py by bandit

Function call with shell=True parameter identified, possible security issue.
Open

    output = process.run(cmd, ignore_status=True, shell=True).stdout_text
Severity: Minor
Found in avocado/utils/pci.py by bandit

Function call with shell=True parameter identified, possible security issue.
Open

        device_property = process.run(cmd, shell=True, ignore_status=True)
Severity: Minor
Found in avocado/utils/pmem.py by bandit

Function call with shell=True parameter identified, possible security issue.
Open

        if process.system(write_cmd, shell=True, ignore_status=True):
Severity: Minor
Found in avocado/utils/pmem.py by bandit

Consider possible security implications associated with subprocess module.
Open

import subprocess
Severity: Info
Found in avocado/utils/ssh.py by bandit

subprocess call - check for execution of untrusted input.
Open

                master = subprocess.Popen(
                    cmd,
                    stdin=subprocess.DEVNULL,
                    stdout=subprocess.DEVNULL,
                    stderr=subprocess.DEVNULL,
Severity: Info
Found in avocado/utils/ssh.py by bandit

Function call with shell=True parameter identified, possible security issue.
Open

            interface_type = process.system_output(
                cmd, shell=True, ignore_status=True
Severity: Minor
Found in avocado/utils/network/interfaces.py by bandit

Function call with shell=True parameter identified, possible security issue.
Open

    out = process.run(cmd, ignore_status=True, sudo=True, shell=True).stdout_text
Severity: Minor
Found in avocado/utils/nvme.py by bandit

Function call with shell=True parameter identified, possible security issue.
Open

            result = process.run(
                self.cmd,
                timeout=self.timeout,
                verbose=False,
                ignore_status=True,
Severity: Minor
Found in avocado/utils/sysinfo.py by bandit

Function call with shell=True parameter identified, possible security issue.
Open

            process.system_output(f"yes | {mkfs_cmd}", shell=True)
Severity: Minor
Found in avocado/utils/partition.py by bandit
Severity
Category
Status
Source
Language