blro-ep / ITCNE23-SEM-III


Security Issue in Deployment Script - CWE-78 #30

Open blro-ep opened 5 months ago

blro-ep commented 5 months ago

The Bandit check found a security issue in the deployment scripts. It should be fixed.

DoR

DoD


Bandit Code Analysis Update Security for deployment #36


Run Bandit failed Jun 24, 2024 in 20s

Run bandit -r .
[main] INFO profile include tests: None
[main] INFO profile exclude tests: None
[main] INFO cli include tests: None
[main] INFO cli exclude tests: None
[main] INFO running on Python 3.12.4
Run started:2024-06-24 06:12:25.390947

Test results:

Issue: [B404:blacklist] Consider possible security implications associated with the subprocess module.
   Severity: Low Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.7.9/blacklists/blacklist_imports.html#b404-import-subprocess
   Location: ./python/deployment_prometheus.py:4:0
3 import time
4 import subprocess
5


Issue: [B603:subprocess_without_shell_equals_true] subprocess call - check for execution of untrusted input.
   Severity: Low Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.7.9/plugins/b603_subprocess_without_shell_equals_true.html
   Location: ./python/deployment_prometheus.py:34:12
33 # Skript ausführen
34 subprocess.run(command, check=True)
35


Issue: [B404:blacklist] Consider possible security implications associated with the subprocess module.
   Severity: Low Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.7.9/blacklists/blacklist_imports.html#b404-import-subprocess
   Location: ./python/deployment_prometheus_destroy.py:4:0
3 import time
4 import subprocess
5


Issue: [B603:subprocess_without_shell_equals_true] subprocess call - check for execution of untrusted input.
   Severity: Low Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.7.9/plugins/b603_subprocess_without_shell_equals_true.html
   Location: ./python/deployment_prometheus_destroy.py:28:12
27 # Skript ausführen
28 subprocess.run(command, check=True)
29 time.sleep(2)


Code scanned:
   Total lines of code: 756
   Total lines skipped (#nosec): 0
   Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
   Total issues (by severity):
      Undefined: 0
      Low: 4
      Medium: 0
      High: 0
   Total issues (by confidence):
      Undefined: 0
      Low: 0
      Medium: 0
      High: 4
Files skipped (0):
Error: Process completed with exit code 1.