Sign upLogin

stellargraph/stellargraph

View on GitHub
Star
scripts/ci/junit_to_github_checks.py

Summary

Maintainability
A
0 mins
Test Coverage

Using xml.etree.ElementTree to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.etree.ElementTree with the equivalent defusedxml package, or make sure defusedxml.defuse_stdlib() is called.
Open

import xml.etree.ElementTree as ET
Severity: Info
Found in scripts/ci/junit_to_github_checks.py by bandit

Using xml.etree.ElementTree.parse to parse untrusted XML data is known to be vulnerable to XML attacks. Replace xml.etree.ElementTree.parse with its defusedxml equivalent function or make sure defusedxml.defuse_stdlib() is called
Open

    tree = ET.parse(args.file)
Severity: Minor
Found in scripts/ci/junit_to_github_checks.py by bandit

There are no issues that match your filters.

Category
Status