oidc-auth-armada-app repo: Bandit code scan report of high severity security vulnerability

Bug #1875559 reported by sharath kumar
Affects: StarlingX
Status: Triaged
Importance: Low
Assigned to: Unassigned
Milestone: (none)

Bug Description

Issue: [B605:start_process_with_a_shell] Starting a process with a shell, possible injection detected, security issue.
   Severity: High Confidence: High
   Location: ./oidc-auth-armada-app/oidc-auth-tools/oidcauthtools/oidcauthtools/oidc_auth.py:113
   More Info: https://bandit.readthedocs.io/en/latest/plugins/b605_start_process_with_a_shell.html
     import os
     result = os.system(updateCredsCmd)
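
The pattern Bandit flags above, next to an argument-vector form that never starts a shell, as an added example that is not part of the bug report or the oidc-auth-tools code. The report does not show how `updateCredsCmd` is built, so the echo child process, the `set-credentials` and `--token` arguments, and the sample user and token are all constructed assumptions.

```python
import shlex
import subprocess
import sys

# Stand-in for the real credential-update tool (assumption): a child Python
# process that prints each argument it received on its own line.
ECHO_ARGV = [sys.executable, "-c", "import sys; print('\\n'.join(sys.argv[1:]))"]


def update_creds_shell(username, token):
    """Flagged pattern: one command string is parsed by /bin/sh (POSIX)."""
    # Only the fixed part is quoted; the values are interpolated as-is,
    # which is what makes a shell-parsed command string risky.
    cmd = " ".join(shlex.quote(a) for a in ECHO_ARGV)
    cmd += " set-credentials %s --token %s" % (username, token)
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return out.stdout.splitlines()


def update_creds_argv(username, token):
    """Hardened form: an argument list, executed without any shell."""
    argv = ECHO_ARGV + ["set-credentials", username, "--token", token]
    out = subprocess.run(argv, shell=False, capture_output=True,
                         text=True, check=True)
    return out.stdout.splitlines()


# Constructed sample input: a token value containing shell metacharacters.
SAMPLE_USER = "testuser"
SAMPLE_TOKEN = "abc; echo SHELL_RAN"

if __name__ == "__main__":
    # Shell form: the token is split at ';' and the rest runs as a command.
    print("shell string:", update_creds_shell(SAMPLE_USER, SAMPLE_TOKEN))
    # Argv form: the token reaches the tool as one unmodified argument.
    print("argv list:   ", update_creds_argv(SAMPLE_USER, SAMPLE_TOKEN))
```

With the argument-list form Bandit no longer reports B605, and `check=True` turns a non-zero exit status into an exception instead of an integer that is easy to ignore.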

Ghada Khalil (gkhalil) wrote :

The priority of addressing bandit findings needs to be discussed with the TSC. At this time, this work is unplanned.

tags: added: stx.tools
Changed in starlingx:
status: New → Triaged
importance: Undecided → Low