B408 - blacklist: Test case result

The below summarizes the result of the test "B408 - blacklist" in build 10 of CASA - Release Engineering Cmake Package Audit - Vulnerability - Bandit CASA6 CasaTasks.

Description: B408 - blacklist
Test class: /wheeldirectory/casa6/casatasks/src/private/casaxmlutil.py
Method: B408 - blacklist

Duration: < 1 sec
Status: Failed (New Failure)

Error Log

LOW: Using minidom to parse untrusted XML data is known to be vulnerable to XML attacks. Replace minidom with the equivalent defusedxml package, or make sure defusedxml.defuse_stdlib() is called.
Test ID: B408
Severity: LOW
Confidence: HIGH
CWE: 20 (https://cwe.mitre.org/data/definitions/20.html)
Location: /wheeldirectory/casa6/casatasks/src/private/casaxmlutil.py:4
Code: 4
Using minidom to parse untrusted XML data is known to be vulnerable to XML attacks. Replace minidom with the equivalent defusedxml package, or make sure defusedxml.defuse_stdlib() is called.
More info: https://bandit.readthedocs.io/en/1.9.4/blacklists/blacklist_imports.html#b408-import-xml-minidom

Build: #10 failed

Job: Bandit CASA6 CasaTasks failed

Stages & jobs

3.10 Stage

B408 - blacklist: Test case result

Error Log

Build #10

Build: #10 failed

Job: Bandit CASA6 CasaTasks failed

Stages & jobs

3.10 Stage

B408 - blacklist: Test case result

Error Log