B406 - blacklist: Test case result

The below summarizes the result of the test "B406 - blacklist" in build 10 of CASA - Release Engineering Cmake Package Audit - Vulnerability - Bandit CASA6 CasaTasks.

Description: B406 - blacklist
Test class: /wheeldirectory/casa6/casatasks/tests/run.py
Method: B406 - blacklist

Duration: < 1 sec
Status: Failed (New Failure)

Error Log

LOW: Using escape to parse untrusted XML data is known to be vulnerable to XML attacks. Replace escape with the equivalent defusedxml package, or make sure defusedxml.defuse_stdlib() is called.
Test ID: B406
Severity: LOW
Confidence: HIGH
CWE: 20 (https://cwe.mitre.org/data/definitions/20.html)
Location: /wheeldirectory/casa6/casatasks/tests/run.py:14
Code: 14
Using escape to parse untrusted XML data is known to be vulnerable to XML attacks. Replace escape with the equivalent defusedxml package, or make sure defusedxml.defuse_stdlib() is called.
More info: https://bandit.readthedocs.io/en/1.9.4/blacklists/blacklist_imports.html#b406-import-xml-sax

Build: #10 failed

Job: Bandit CASA6 CasaTasks failed

Stages & jobs

3.10 Stage

B406 - blacklist: Test case result

Error Log

Build #10

Build: #10 failed

Job: Bandit CASA6 CasaTasks failed

Stages & jobs

3.10 Stage

B406 - blacklist: Test case result

Error Log