selftests/unit/plugin/xunit.py
Using xml.dom.minidom.parseString to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.dom.minidom.parseString with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called Open
Open
dom = minidom.parseString(xml)
- Exclude checks
Using minidom to parse untrusted XML data is known to be vulnerable to XML attacks. Replace minidom with the equivalent defusedxml package, or make sure defusedxml.defuse_stdlib() is called. Open
Open
from xml.dom import minidom
- Exclude checks