{
"version" : "1.2" ,
"vulnerabilities" : [
{
"category" : "sast" ,
"message" : "Probable insecure usage of temp file/directory." ,
"cve" : "python/hardcoded/hardcoded-tmp.py:52865813c884a507be1f152d654245af34aba8a391626d01f1ab6d3f52ec8779:B108" ,
"severity" : "Medium" ,
"confidence" : "Medium" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/hardcoded/hardcoded-tmp.py" ,
"start_line" : 1 ,
"end_line" : 1
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B108" ,
"value" : "B108" ,
"url" : "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html"
}
] ,
"priority" : "Medium" ,
"file" : "python/hardcoded/hardcoded-tmp.py" ,
"line" : 1 ,
"url" : "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html" ,
"tool" : "bandit" ,
"tracking" : {
"type" : "source" ,
"items" : [
{
"file" : "python/hardcoded/hardcoded-tmp.py" ,
"start_line" : 1 ,
"end_line" : 1 ,
"fingerprints" : [
{ "algorithm" : "hash" , "value" : "HASHVALUE" } ,
{ "algorithm" : "scope_offset" , "value" : "python/hardcoded/hardcoded-tmp.py:ClassA:method_b:2" }
]
}
]
}
} ,
{
"category" : "sast" ,
"name" : "Predictable pseudorandom number generator" ,
"message" : "Predictable pseudorandom number generator" ,
"cve" : "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:47:PREDICTABLE_RANDOM" ,
"severity" : "Medium" ,
"confidence" : "Medium" ,
"scanner" : {
"id" : "find_sec_bugs" ,
"name" : "Find Security Bugs"
} ,
"location" : {
"file" : "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy" ,
"start_line" : 47 ,
"end_line" : 47 ,
"class" : "com.gitlab.security_products.tests.App" ,
"method" : "generateSecretToken2"
} ,
"identifiers" : [
{
"type" : "find_sec_bugs_type" ,
"name" : "Find Security Bugs-PREDICTABLE_RANDOM" ,
"value" : "PREDICTABLE_RANDOM" ,
"url" : "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM"
}
] ,
"priority" : "Medium" ,
"file" : "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy" ,
"line" : 47 ,
"url" : "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM" ,
"tool" : "find_sec_bugs"
} ,
{
"category" : "sast" ,
"name" : "Predictable pseudorandom number generator" ,
"message" : "Predictable pseudorandom number generator" ,
"cve" : "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:41:PREDICTABLE_RANDOM" ,
"severity" : "Medium" ,
"confidence" : "Medium" ,
"scanner" : {
"id" : "find_sec_bugs" ,
"name" : "Find Security Bugs"
} ,
"location" : {
"file" : "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy" ,
"start_line" : 41 ,
"end_line" : 41 ,
"class" : "com.gitlab.security_products.tests.App" ,
"method" : "generateSecretToken1"
} ,
"identifiers" : [
{
"type" : "find_sec_bugs_type" ,
"name" : "Find Security Bugs-PREDICTABLE_RANDOM" ,
"value" : "PREDICTABLE_RANDOM" ,
"url" : "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM"
}
] ,
"priority" : "Medium" ,
"file" : "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy" ,
"line" : 41 ,
"url" : "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM" ,
"tool" : "find_sec_bugs"
} ,
{
"category" : "sast" ,
"message" : "Use of insecure MD2, MD4, or MD5 hash function." ,
"cve" : "python/imports/imports-aliases.py:cb203b465dffb0cb3a8e8bd8910b84b93b0a5995a938e4b903dbb0cd6ffa1254:B303" ,
"severity" : "Medium" ,
"confidence" : "High" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/imports/imports-aliases.py" ,
"start_line" : 11 ,
"end_line" : 11
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B303" ,
"value" : "B303"
}
] ,
"priority" : "Medium" ,
"file" : "python/imports/imports-aliases.py" ,
"line" : 11 ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Use of insecure MD2, MD4, or MD5 hash function." ,
"cve" : "python/imports/imports-aliases.py:a7173c43ae66bd07466632d819d450e0071e02dbf782763640d1092981f9631b:B303" ,
"severity" : "Medium" ,
"confidence" : "High" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/imports/imports-aliases.py" ,
"start_line" : 12 ,
"end_line" : 12
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B303" ,
"value" : "B303"
}
] ,
"priority" : "Medium" ,
"file" : "python/imports/imports-aliases.py" ,
"line" : 12 ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Use of insecure MD2, MD4, or MD5 hash function." ,
"cve" : "python/imports/imports-aliases.py:017017b77deb0b8369b6065947833eeea752a92ec8a700db590fece3e934cf0d:B303" ,
"severity" : "Medium" ,
"confidence" : "High" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/imports/imports-aliases.py" ,
"start_line" : 13 ,
"end_line" : 13
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B303" ,
"value" : "B303"
}
] ,
"priority" : "Medium" ,
"file" : "python/imports/imports-aliases.py" ,
"line" : 13 ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Use of insecure MD2, MD4, or MD5 hash function." ,
"cve" : "python/imports/imports-aliases.py:45fc8c53aea7b84f06bc4e590cc667678d6073c4c8a1d471177ca2146fb22db2:B303" ,
"severity" : "Medium" ,
"confidence" : "High" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/imports/imports-aliases.py" ,
"start_line" : 14 ,
"end_line" : 14
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B303" ,
"value" : "B303"
}
] ,
"priority" : "Medium" ,
"file" : "python/imports/imports-aliases.py" ,
"line" : 14 ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Pickle library appears to be in use, possible security issue." ,
"cve" : "python/imports/imports-aliases.py:5f200d47291e7bbd8352db23019b85453ca048dd98ea0c291260fa7d009963a4:B301" ,
"severity" : "Medium" ,
"confidence" : "High" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/imports/imports-aliases.py" ,
"start_line" : 15 ,
"end_line" : 15
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B301" ,
"value" : "B301"
}
] ,
"priority" : "Medium" ,
"file" : "python/imports/imports-aliases.py" ,
"line" : 15 ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"name" : "ECB mode is insecure" ,
"message" : "ECB mode is insecure" ,
"cve" : "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:29:ECB_MODE" ,
"severity" : "Medium" ,
"confidence" : "High" ,
"scanner" : {
"id" : "find_sec_bugs" ,
"name" : "Find Security Bugs"
} ,
"location" : {
"file" : "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy" ,
"start_line" : 29 ,
"end_line" : 29 ,
"class" : "com.gitlab.security_products.tests.App" ,
"method" : "insecureCypher"
} ,
"identifiers" : [
{
"type" : "find_sec_bugs_type" ,
"name" : "Find Security Bugs-ECB_MODE" ,
"value" : "ECB_MODE" ,
"url" : "https://find-sec-bugs.github.io/bugs.htm#ECB_MODE"
}
] ,
"priority" : "Medium" ,
"file" : "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy" ,
"line" : 29 ,
"url" : "https://find-sec-bugs.github.io/bugs.htm#ECB_MODE" ,
"tool" : "find_sec_bugs"
} ,
{
"category" : "sast" ,
"name" : "Cipher with no integrity" ,
"message" : "Cipher with no integrity" ,
"cve" : "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:29:CIPHER_INTEGRITY" ,
"severity" : "Medium" ,
"confidence" : "High" ,
"scanner" : {
"id" : "find_sec_bugs" ,
"name" : "Find Security Bugs"
} ,
"location" : {
"file" : "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy" ,
"start_line" : 29 ,
"end_line" : 29 ,
"class" : "com.gitlab.security_products.tests.App" ,
"method" : "insecureCypher"
} ,
"identifiers" : [
{
"type" : "find_sec_bugs_type" ,
"name" : "Find Security Bugs-CIPHER_INTEGRITY" ,
"value" : "CIPHER_INTEGRITY" ,
"url" : "https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY"
}
] ,
"priority" : "Medium" ,
"file" : "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy" ,
"line" : 29 ,
"url" : "https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY" ,
"tool" : "find_sec_bugs"
} ,
{
"category" : "sast" ,
"message" : "Probable insecure usage of temp file/directory." ,
"cve" : "python/hardcoded/hardcoded-tmp.py:63dd4d626855555b816985d82c4614a790462a0a3ada89dc58eb97f9c50f3077:B108" ,
"severity" : "Medium" ,
"confidence" : "Medium" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/hardcoded/hardcoded-tmp.py" ,
"start_line" : 14 ,
"end_line" : 14
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B108" ,
"value" : "B108" ,
"url" : "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html"
}
] ,
"priority" : "Medium" ,
"file" : "python/hardcoded/hardcoded-tmp.py" ,
"line" : 14 ,
"url" : "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html" ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Probable insecure usage of temp file/directory." ,
"cve" : "python/hardcoded/hardcoded-tmp.py:4ad6d4c40a8c263fc265f3384724014e0a4f8dd6200af83e51ff120420038031:B108" ,
"severity" : "Medium" ,
"confidence" : "Medium" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/hardcoded/hardcoded-tmp.py" ,
"start_line" : 10 ,
"end_line" : 10
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B108" ,
"value" : "B108" ,
"url" : "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html"
}
] ,
"priority" : "Medium" ,
"file" : "python/hardcoded/hardcoded-tmp.py" ,
"line" : 10 ,
"url" : "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html" ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Consider possible security implications associated with Popen module." ,
"cve" : "python/imports/imports-aliases.py:2c3e1fa1e54c3c6646e8bcfaee2518153c6799b77587ff8d9a7b0631f6d34785:B404" ,
"severity" : "Low" ,
"confidence" : "High" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/imports/imports-aliases.py" ,
"start_line" : 1 ,
"end_line" : 1
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B404" ,
"value" : "B404"
}
] ,
"priority" : "Low" ,
"file" : "python/imports/imports-aliases.py" ,
"line" : 1 ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Consider possible security implications associated with pickle module." ,
"cve" : "python/imports/imports.py:af58d07f6ad519ef5287fcae65bf1a6999448a1a3a8bc1ac2a11daa80d0b96bf:B403" ,
"severity" : "Low" ,
"confidence" : "High" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/imports/imports.py" ,
"start_line" : 2 ,
"end_line" : 2
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B403" ,
"value" : "B403"
}
] ,
"priority" : "Low" ,
"file" : "python/imports/imports.py" ,
"line" : 2 ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Consider possible security implications associated with subprocess module." ,
"cve" : "python/imports/imports.py:8de9bc98029d212db530785a5f6780cfa663548746ff228ab8fa96c5bb82f089:B404" ,
"severity" : "Low" ,
"confidence" : "High" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/imports/imports.py" ,
"start_line" : 4 ,
"end_line" : 4
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B404" ,
"value" : "B404"
}
] ,
"priority" : "Low" ,
"file" : "python/imports/imports.py" ,
"line" : 4 ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Possible hardcoded password: 'blerg'" ,
"cve" : "python/hardcoded/hardcoded-passwords.py:97c30f1d76d2a88913e3ce9ae74087874d740f87de8af697a9c455f01119f633:B106" ,
"severity" : "Low" ,
"confidence" : "Medium" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/hardcoded/hardcoded-passwords.py" ,
"start_line" : 22 ,
"end_line" : 22
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B106" ,
"value" : "B106" ,
"url" : "https://docs.openstack.org/bandit/latest/plugins/b106_hardcoded_password_funcarg.html"
}
] ,
"priority" : "Low" ,
"file" : "python/hardcoded/hardcoded-passwords.py" ,
"line" : 22 ,
"url" : "https://docs.openstack.org/bandit/latest/plugins/b106_hardcoded_password_funcarg.html" ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Possible hardcoded password: 'root'" ,
"cve" : "python/hardcoded/hardcoded-passwords.py:7431c73a0bc16d94ece2a2e75ef38f302574d42c37ac0c3c38ad0b3bf8a59f10:B105" ,
"severity" : "Low" ,
"confidence" : "Medium" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/hardcoded/hardcoded-passwords.py" ,
"start_line" : 5 ,
"end_line" : 5
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B105" ,
"value" : "B105" ,
"url" : "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html"
}
] ,
"priority" : "Low" ,
"file" : "python/hardcoded/hardcoded-passwords.py" ,
"line" : 5 ,
"url" : "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Possible hardcoded password: ''" ,
"cve" : "python/hardcoded/hardcoded-passwords.py:d2d1857c27caedd49c57bfbcdc23afcc92bd66a22701fcdc632869aab4ca73ee:B105" ,
"severity" : "Low" ,
"confidence" : "Medium" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/hardcoded/hardcoded-passwords.py" ,
"start_line" : 9 ,
"end_line" : 9
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B105" ,
"value" : "B105" ,
"url" : "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html"
}
] ,
"priority" : "Low" ,
"file" : "python/hardcoded/hardcoded-passwords.py" ,
"line" : 9 ,
"url" : "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Possible hardcoded password: 'ajklawejrkl42348swfgkg'" ,
"cve" : "python/hardcoded/hardcoded-passwords.py:fb3866215a61393a5c9c32a3b60e2058171a23219c353f722cbd3567acab21d2:B105" ,
"severity" : "Low" ,
"confidence" : "Medium" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/hardcoded/hardcoded-passwords.py" ,
"start_line" : 13 ,
"end_line" : 13
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B105" ,
"value" : "B105" ,
"url" : "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html"
}
] ,
"priority" : "Low" ,
"file" : "python/hardcoded/hardcoded-passwords.py" ,
"line" : 13 ,
"url" : "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Possible hardcoded password: 'blerg'" ,
"cve" : "python/hardcoded/hardcoded-passwords.py:63c62a8b7e1e5224439bd26b28030585ac48741e28ca64561a6071080c560a5f:B105" ,
"severity" : "Low" ,
"confidence" : "Medium" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/hardcoded/hardcoded-passwords.py" ,
"start_line" : 23 ,
"end_line" : 23
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B105" ,
"value" : "B105" ,
"url" : "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html"
}
] ,
"priority" : "Low" ,
"file" : "python/hardcoded/hardcoded-passwords.py" ,
"line" : 23 ,
"url" : "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Possible hardcoded password: 'blerg'" ,
"cve" : "python/hardcoded/hardcoded-passwords.py:4311b06d08df8fa58229b341c531da8e1a31ec4520597bdff920cd5c098d86f9:B105" ,
"severity" : "Low" ,
"confidence" : "Medium" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/hardcoded/hardcoded-passwords.py" ,
"start_line" : 24 ,
"end_line" : 24
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B105" ,
"value" : "B105" ,
"url" : "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html"
}
] ,
"priority" : "Low" ,
"file" : "python/hardcoded/hardcoded-passwords.py" ,
"line" : 24 ,
"url" : "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Consider possible security implications associated with subprocess module." ,
"cve" : "python/imports/imports-function.py:5858400c2f39047787702de44d03361ef8d954c9d14bd54ee1c2bef9e6a7df93:B404" ,
"severity" : "Low" ,
"confidence" : "High" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/imports/imports-function.py" ,
"start_line" : 4 ,
"end_line" : 4
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B404" ,
"value" : "B404"
}
] ,
"priority" : "Low" ,
"file" : "python/imports/imports-function.py" ,
"line" : 4 ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Consider possible security implications associated with pickle module." ,
"cve" : "python/imports/imports-function.py:dbda3cf4190279d30e0aad7dd137eca11272b0b225e8af4e8bf39682da67d956:B403" ,
"severity" : "Low" ,
"confidence" : "High" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/imports/imports-function.py" ,
"start_line" : 2 ,
"end_line" : 2
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B403" ,
"value" : "B403"
}
] ,
"priority" : "Low" ,
"file" : "python/imports/imports-function.py" ,
"line" : 2 ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Consider possible security implications associated with Popen module." ,
"cve" : "python/imports/imports-from.py:eb8a0db9cd1a8c1ab39a77e6025021b1261cc2a0b026b2f4a11fca4e0636d8dd:B404" ,
"severity" : "Low" ,
"confidence" : "High" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/imports/imports-from.py" ,
"start_line" : 7 ,
"end_line" : 7
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B404" ,
"value" : "B404"
}
] ,
"priority" : "Low" ,
"file" : "python/imports/imports-from.py" ,
"line" : 7 ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "subprocess call with shell=True seems safe, but may be changed in the future, consider rewriting without shell" ,
"cve" : "python/imports/imports-aliases.py:f99f9721e27537fbcb6699a4cf39c6740d6234d2c6f06cfc2d9ea977313c483d:B602" ,
"severity" : "Low" ,
"confidence" : "High" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/imports/imports-aliases.py" ,
"start_line" : 9 ,
"end_line" : 9
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B602" ,
"value" : "B602" ,
"url" : "https://docs.openstack.org/bandit/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html"
}
] ,
"priority" : "Low" ,
"file" : "python/imports/imports-aliases.py" ,
"line" : 9 ,
"url" : "https://docs.openstack.org/bandit/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html" ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Consider possible security implications associated with subprocess module." ,
"cve" : "python/imports/imports-from.py:332a12ab1146698f614a905ce6a6a5401497a12281aef200e80522711c69dcf4:B404" ,
"severity" : "Low" ,
"confidence" : "High" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/imports/imports-from.py" ,
"start_line" : 6 ,
"end_line" : 6
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B404" ,
"value" : "B404"
}
] ,
"priority" : "Low" ,
"file" : "python/imports/imports-from.py" ,
"line" : 6 ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Consider possible security implications associated with Popen module." ,
"cve" : "python/imports/imports-from.py:0a48de4a3d5348853a03666cb574697e3982998355e7a095a798bd02a5947276:B404" ,
"severity" : "Low" ,
"confidence" : "High" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/imports/imports-from.py" ,
"start_line" : 1 ,
"end_line" : 2
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B404" ,
"value" : "B404"
}
] ,
"priority" : "Low" ,
"file" : "python/imports/imports-from.py" ,
"line" : 1 ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Consider possible security implications associated with pickle module." ,
"cve" : "python/imports/imports-aliases.py:51b71661dff994bde3529639a727a678c8f5c4c96f00d300913f6d5be1bbdf26:B403" ,
"severity" : "Low" ,
"confidence" : "High" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/imports/imports-aliases.py" ,
"start_line" : 7 ,
"end_line" : 8
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B403" ,
"value" : "B403"
}
] ,
"priority" : "Low" ,
"file" : "python/imports/imports-aliases.py" ,
"line" : 7 ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Consider possible security implications associated with loads module." ,
"cve" : "python/imports/imports-aliases.py:6ff02aeb3149c01ab68484d794a94f58d5d3e3bb0d58557ef4153644ea68ea54:B403" ,
"severity" : "Low" ,
"confidence" : "High" ,
"scanner" : {
"id" : "bandit" ,
"name" : "Bandit"
} ,
"location" : {
"file" : "python/imports/imports-aliases.py" ,
"start_line" : 6 ,
"end_line" : 6
} ,
"identifiers" : [
{
"type" : "bandit_test_id" ,
"name" : "Bandit Test ID B403" ,
"value" : "B403"
}
] ,
"priority" : "Low" ,
"file" : "python/imports/imports-aliases.py" ,
"line" : 6 ,
"tool" : "bandit"
} ,
{
"category" : "sast" ,
"message" : "Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120)" ,
"cve" : "c/subdir/utils.c:b466873101951fe96e1332f6728eb7010acbbd5dfc3b65d7d53571d091a06d9e:CWE-119!/CWE-120" ,
"confidence" : "Low" ,
"solution" : "Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length" ,
"scanner" : {
"id" : "flawfinder" ,
"name" : "Flawfinder"
} ,
"location" : {
"file" : "c/subdir/utils.c" ,
"start_line" : 4
} ,
"identifiers" : [
{
"type" : "flawfinder_func_name" ,
"name" : "Flawfinder - char" ,
"value" : "char"
} ,
{
"type" : "cwe" ,
"name" : "CWE-119" ,
"value" : "119" ,
"url" : "https://cwe.mitre.org/data/definitions/119.html"
} ,
{
"type" : "cwe" ,
"name" : "CWE-120" ,
"value" : "120" ,
"url" : "https://cwe.mitre.org/data/definitions/120.html"
}
] ,
"file" : "c/subdir/utils.c" ,
"line" : 4 ,
"url" : "https://cwe.mitre.org/data/definitions/119.html" ,
"tool" : "flawfinder"
} ,
{
"category" : "sast" ,
"message" : "Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362)" ,
"cve" : "c/subdir/utils.c:bab681140fcc8fc3085b6bba74081b44ea145c1c98b5e70cf19ace2417d30770:CWE-362" ,
"confidence" : "Low" ,
"scanner" : {
"id" : "flawfinder" ,
"name" : "Flawfinder"
} ,
"location" : {
"file" : "c/subdir/utils.c" ,
"start_line" : 8
} ,
"identifiers" : [
{
"type" : "flawfinder_func_name" ,
"name" : "Flawfinder - fopen" ,
"value" : "fopen"
} ,
{
"type" : "cwe" ,
"name" : "CWE-362" ,
"value" : "362" ,
"url" : "https://cwe.mitre.org/data/definitions/362.html"
}
] ,
"file" : "c/subdir/utils.c" ,
"line" : 8 ,
"url" : "https://cwe.mitre.org/data/definitions/362.html" ,
"tool" : "flawfinder"
} ,
{
"category" : "sast" ,
"message" : "Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120)" ,
"cve" : "cplusplus/src/hello.cpp:c8c6dd0afdae6814194cf0930b719f757ab7b379cf8f261e7f4f9f2f323a818a:CWE-119!/CWE-120" ,
"confidence" : "Low" ,
"solution" : "Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length" ,
"scanner" : {
"id" : "flawfinder" ,
"name" : "Flawfinder"
} ,
"location" : {
"file" : "cplusplus/src/hello.cpp" ,
"start_line" : 6
} ,
"identifiers" : [
{
"type" : "flawfinder_func_name" ,
"name" : "Flawfinder - char" ,
"value" : "char"
} ,
{
"type" : "cwe" ,
"name" : "CWE-119" ,
"value" : "119" ,
"url" : "https://cwe.mitre.org/data/definitions/119.html"
} ,
{
"type" : "cwe" ,
"name" : "CWE-120" ,
"value" : "120" ,
"url" : "https://cwe.mitre.org/data/definitions/120.html"
}
] ,
"file" : "cplusplus/src/hello.cpp" ,
"line" : 6 ,
"url" : "https://cwe.mitre.org/data/definitions/119.html" ,
"tool" : "flawfinder"
} ,
{
"category" : "sast" ,
"message" : "Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120)" ,
"cve" : "cplusplus/src/hello.cpp:331c04062c4fe0c7c486f66f59e82ad146ab33cdd76ae757ca41f392d568cbd0:CWE-120" ,
"confidence" : "Low" ,
"solution" : "Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)" ,
"scanner" : {
"id" : "flawfinder" ,
"name" : "Flawfinder"
} ,
"location" : {
"file" : "cplusplus/src/hello.cpp" ,
"start_line" : 7
} ,
"identifiers" : [
{
"type" : "flawfinder_func_name" ,
"name" : "Flawfinder - strcpy" ,
"value" : "strcpy"
} ,
{
"type" : "cwe" ,
"name" : "CWE-120" ,
"value" : "120" ,
"url" : "https://cwe.mitre.org/data/definitions/120.html"
}
] ,
"file" : "cplusplus/src/hello.cpp" ,
"line" : 7 ,
"url" : "https://cwe.mitre.org/data/definitions/120.html" ,
"tool" : "flawfinder"
}
] ,
"remediations" : [ ] ,
"scan" : {
"scanner" : {
"id" : "gosec" ,
"name" : "Gosec" ,
"url" : "https://github.com/securego/gosec" ,
"vendor" : {
"name" : "GitLab"
} ,
"version" : "2.3.0"
} ,
"type" : "sast" ,
"status" : "success" ,
"start_time" : "placeholder-value" ,
"end_time" : "placeholder-value"
}
}