Showing 884 of 901 total issues
Function call with shell=True parameter identified, possible security issue. Open
Open
return process.run(cmd, shell=True).stdout_text
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
output = process.run(cmd, ignore_status=True, shell=True).stdout_text
- Exclude checks
Standard pseudo-random generators are not suitable for security/cryptographic purposes. Open
Open
line = "".join(random.choice(string.ascii_letters + string.digits + "\n"))
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
if process.system(cmd, shell=True, ignore_status=True):
- Exclude checks
Consider possible security implications associated with CalledProcessError module. Open
Open
from subprocess import CalledProcessError, run
- Exclude checks
subprocess call - check for execution of untrusted input. Open
Open
run([sys.executable, "setup.py"] + action, cwd=parent_dir, check=True)
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
if process.system(
f"{self.ndctl} disable-region {name}", shell=True, ignore_status=True
- Exclude checks
Standard pseudo-random generators are not suitable for security/cryptographic purposes. Open
Open
combination_index = random.randint(0, len(possible_combinations) - 1)
- Exclude checks
Consider possible security implications associated with subprocess module. Open
Open
import subprocess
- Exclude checks
Try, Except, Pass detected. Open
Open
except Exception:
- Exclude checks
Possible hardcoded password: 'PASSWORD' Open
Open
session = ssh.Session("hostname", user="user", password="PASSWORD")
- Exclude checks
Use of assert detected. The enclosed code will be removed when compiling to optimised byte code. Open
Open
assert self.tmpdir is not None, "Job.setup() not called"
- Exclude checks
Probable insecure usage of temp file/directory. Open
Open
output_lxc_path = "/tmp/.avocado_task_output_dir"
- Exclude checks
Consider possible security implications associated with subprocess module. Open
Open
import subprocess
- Exclude checks
subprocess call - check for execution of untrusted input. Open
Open
process = subprocess.Popen(
cmd,
stdin=subprocess.DEVNULL,
stdout=subprocess.PIPE,
stderr=subprocess.DEVNULL,
- Exclude checks
Probable insecure usage of temp file/directory. Open
Open
to = os.path.join("/tmp", asset)
- Exclude checks
Try, Except, Pass detected. Open
Open
except Exception: # pylint: disable=W0703
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
status = process.system(
cmd, timeout=30, ignore_status=True, verbose=False, shell=True, sudo=True
- Exclude checks
Use of possibly insecure function - consider using safer ast.literal_eval. Open
Open
if eval(f"{_} {chunk_sizes}")
- Exclude checks
Function call with shell=True parameter identified, possible security issue. Open
Open
out = process.run(cmd, ignore_status=True, sudo=True, shell=True).stdout_text
- Exclude checks