Sign upLogin

avocado-framework/avocado

View on GitHub
Star
selftests/functional/plugin/xunit.py

Summary

Maintainability
A
0 mins
Test Coverage

Using minidom to parse untrusted XML data is known to be vulnerable to XML attacks. Replace minidom with the equivalent defusedxml package, or make sure defusedxml.defuse_stdlib() is called.
Open

from xml.dom import minidom
Severity: Info
Found in selftests/functional/plugin/xunit.py by bandit

Using xml.dom.minidom.parseString to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.dom.minidom.parseString with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called
Open

            dom = minidom.parseString(xml)
Severity: Minor
Found in selftests/functional/plugin/xunit.py by bandit

Using xml.dom.minidom.parseString to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.dom.minidom.parseString with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called
Open

            dom = minidom.parseString(xml)
Severity: Minor
Found in selftests/functional/plugin/xunit.py by bandit

Using xml.dom.minidom.parseString to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.dom.minidom.parseString with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called
Open

            dom = minidom.parseString(xml)
Severity: Minor
Found in selftests/functional/plugin/xunit.py by bandit

Using xml.dom.minidom.parseString to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.dom.minidom.parseString with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called
Open

            dom = minidom.parseString(xml)
Severity: Minor
Found in selftests/functional/plugin/xunit.py by bandit

There are no issues that match your filters.

Category
Status