[tests-stage_2-merge_v15.0] Running shell script
+ runuser jenkins -c devops-stages/stage-test.sh
Checking syntax of Robot tests
Checking tabs in robot files. No tabs should be present
No tabs are present in robot files. Correct!
Checking param separation in robot files. Three spaces is the recommendation, instead of two
No presence of two spaces to separate params in robot files. Correct!
Checking param separation in robot files. Three spaces is the recommendation, instead of four or more
Only three spaces must be used between params in robot files. Correct!
Checking CRLF terminators in robot files. No CRLF should be found
No presence of CRLF terminators in robot files. Correct!
Checking spaces at the end of lines in robot files. No spaces at EOL should be found
No presence of spaces at EOL in robot files. Correct!
Launching tox
✔ OK black in 6.519 seconds
black create: /tmp/.tox/black
black installdeps: black
black installed: black==24.4.2,click==8.1.7,mypy-extensions==1.0.0,packaging==24.0,pathspec==0.12.1,platformdirs==4.2.2,tomli==2.0.1,typing_extensions==4.11.0
black run-test-pre: PYTHONHASHSEED='422588794'
black run-test: commands[0] | black --check --diff robot-systest --fast
All done! ✨ 🍰 ✨
7 files would be left unchanged.
✔ OK flake8 in 8.787 seconds
flake8 create: /tmp/.tox/flake8
flake8 installdeps: flake8
flake8 develop-inst: /home/jenkins/workspace/tests-stage_2-merge_v15.0
flake8 installed: flake8==7.0.0,mccabe==0.7.0,pycodestyle==2.11.1,pyflakes==3.2.0,-e git+https://osm.etsi.org/gerrit/osm/tests.git@b9ea77a47f7a746b4320534f5029d4622c35a72e#egg=tests
flake8 run-test-pre: PYTHONHASHSEED='3200713904'
flake8 run-test: commands[0] | flake8 robot-systest
✔ OK cover in 51.564 seconds
cover create: /tmp/.tox/cover
cover installdeps: -r/home/jenkins/workspace/tests-stage_2-merge_v15.0/requirements.txt
cover develop-inst: /home/jenkins/workspace/tests-stage_2-merge_v15.0
cover installed: appdirs==1.4.4,argcomplete==3.1.2,attrs==23.1.0,autopage==0.5.1,bcrypt==4.0.1,bitarray==2.8.1,certifi==2023.7.22,cffi==1.15.1,charset-normalizer==3.2.0,cliff==4.3.0,cmd2==2.4.3,cryptography==41.0.4,debtcollector==2.5.0,decorator==5.1.1,dogpile.cache==1.2.2,enum34==1.1.10,exceptiongroup==1.1.3,h11==0.14.0,haikunator==2.1.0,idna==3.4,importlib-metadata==6.8.0,iso8601==2.0.0,jmespath==1.0.1,jsonpatch==1.33,jsonpath-ng==1.6.0,jsonpath-rw==1.4.0,jsonpath-rw-ext==1.2.2,jsonpointer==2.4,jsonschema==4.19.1,jsonschema-specifications==2023.7.1,keystoneauth1==5.3.0,lxml==4.9.3,msgpack==1.0.7,netaddr==0.9.0,netifaces==0.11.0,objectpath==0.6.1,openstacksdk==1.5.0,os-service-types==1.7.0,osc-lib==2.8.1,oslo.config==9.2.0,oslo.i18n==6.1.0,oslo.serialization==5.2.0,oslo.utils==6.2.1,outcome==1.2.0,packaging==23.1,paramiko==3.3.1,pbr==5.11.1,ply==3.11,prettytable==3.9.0,pyang==2.5.3,pyangbind==0.8.3.post1,pycparser==2.21,pyjsonselect==0.2.2,PyNaCl==1.5.0,pyparsing==3.1.1,pyperclip==1.8.2,PySocks==1.7.1,python-cinderclient==9.4.0,python-keystoneclient==5.2.0,python-novaclient==18.4.0,python-openstackclient==6.3.0,pytz==2023.3.post1,PyYAML==6.0.1,referencing==0.30.2,regex==2023.8.8,requests==2.31.0,requestsexceptions==1.4.0,rfc3986==2.0.0,robotframework==6.1.1,robotframework-jsonlibrary==0.5,robotframework-jsonvalidator==2.0.0,robotframework-pythonlibcore==4.2.0,robotframework-requests==0.9.5,robotframework-seleniumlibrary==6.1.2,robotframework-sshlibrary==3.8.0,robotframework-yamllibrary==0.2.8,rpds-py==0.10.3,scp==0.14.5,selenium==4.13.0,simplejson==3.19.1,six==1.16.0,sniffio==1.3.0,sortedcontainers==2.4.0,stevedore==5.1.0,-e git+https://osm.etsi.org/gerrit/osm/tests.git@b9ea77a47f7a746b4320534f5029d4622c35a72e#egg=tests,tomlkit==0.12.1,trio==0.22.2,trio-websocket==0.11.1,typing_extensions==4.8.0,tzdata==2023.3,urllib3==2.0.5,verboselogs==1.7,wcwidth==0.2.6,wrapt==1.15.0,wsproto==1.2.0,xmltodict==0.13.0,yq==3.2.3,zipp==3.17.0
cover run-test-pre: PYTHONHASHSEED='604493165'
cover run-test: commands[0] | sh -c 'echo No unit tests'
No unit tests
✔ OK pylint in 59.783 seconds
pylint create: /tmp/.tox/pylint
pylint installdeps: -r/home/jenkins/workspace/tests-stage_2-merge_v15.0/requirements.txt, -r/home/jenkins/workspace/tests-stage_2-merge_v15.0/requirements-dev.txt, pylint
pylint develop-inst: /home/jenkins/workspace/tests-stage_2-merge_v15.0
pylint installed: appdirs==1.4.4,argcomplete==3.1.2,astroid==3.2.2,attrs==23.1.0,autopage==0.5.1,bcrypt==4.0.1,bitarray==2.8.1,certifi==2023.7.22,cffi==1.15.1,charset-normalizer==3.2.0,click==8.1.7,cliff==4.3.0,cmd2==2.4.3,cryptography==41.0.4,debtcollector==2.5.0,decorator==5.1.1,dill==0.3.8,dogpile.cache==1.2.2,enum34==1.1.10,exceptiongroup==1.1.3,h11==0.14.0,haikunator==2.1.0,idna==3.4,importlib-metadata==6.8.0,iso8601==2.0.0,isort==5.13.2,Jinja2==3.1.2,jmespath==1.0.1,jsonpatch==1.33,jsonpath-ng==1.6.0,jsonpath-rw==1.4.0,jsonpath-rw-ext==1.2.2,jsonpointer==2.4,jsonschema==4.19.1,jsonschema-specifications==2023.7.1,keystoneauth1==5.3.0,lxml==4.9.3,MarkupSafe==2.1.3,mccabe==0.7.0,msgpack==1.0.7,netaddr==0.9.0,netifaces==0.11.0,objectpath==0.6.1,openstacksdk==1.5.0,os-service-types==1.7.0,osc-lib==2.8.1,oslo.config==9.2.0,oslo.i18n==6.1.0,oslo.serialization==5.2.0,oslo.utils==6.2.1,osmclient @ git+https://osm.etsi.org/gerrit/osm/osmclient.git@c9c8f15561064379419abd92e42017d2011dba26,outcome==1.2.0,packaging==23.1,paramiko==3.3.1,pbr==5.11.1,platformdirs==4.2.2,ply==3.11,prettytable==3.9.0,pyang==2.5.3,pyangbind==0.8.3.post1,pycparser==2.21,pyjsonselect==0.2.2,pylint==3.2.2,PyNaCl==1.5.0,pyparsing==3.1.1,pyperclip==1.8.2,PySocks==1.7.1,python-cinderclient==9.4.0,python-keystoneclient==5.2.0,python-magic==0.4.27,python-novaclient==18.4.0,python-openstackclient==6.3.0,pytz==2023.3.post1,PyYAML==6.0.1,referencing==0.30.2,regex==2023.8.8,requests==2.31.0,requestsexceptions==1.4.0,rfc3986==2.0.0,robotframework==6.1.1,robotframework-jsonlibrary==0.5,robotframework-jsonvalidator==2.0.0,robotframework-pythonlibcore==4.2.0,robotframework-requests==0.9.5,robotframework-seleniumlibrary==6.1.2,robotframework-sshlibrary==3.8.0,robotframework-yamllibrary==0.2.8,rpds-py==0.10.3,scp==0.14.5,selenium==4.13.0,simplejson==3.19.1,six==1.16.0,sniffio==1.3.0,sortedcontainers==2.4.0,stevedore==5.1.0,-e 
git+https://osm.etsi.org/gerrit/osm/tests.git@b9ea77a47f7a746b4320534f5029d4622c35a72e#egg=tests,tomli==2.0.1,tomlkit==0.12.1,trio==0.22.2,trio-websocket==0.11.1,typing_extensions==4.8.0,tzdata==2023.3,urllib3==2.0.5,verboselogs==1.7,wcwidth==0.2.6,wrapt==1.15.0,wsproto==1.2.0,xmltodict==0.13.0,yq==3.2.3,zipp==3.17.0
pylint run-test-pre: PYTHONHASHSEED='1506760997'
pylint run-test: commands[0] | pylint -E robot-systest
✔ OK rflint in 60.089 seconds
rflint create: /tmp/.tox/rflint
rflint installdeps: -r/home/jenkins/workspace/tests-stage_2-merge_v15.0/requirements.txt, -r/home/jenkins/workspace/tests-stage_2-merge_v15.0/requirements-dev.txt, robotframework-lint, robotframework-robocop==4.2.2
rflint develop-inst: /home/jenkins/workspace/tests-stage_2-merge_v15.0
rflint installed: appdirs==1.4.4,argcomplete==3.1.2,attrs==23.1.0,autopage==0.5.1,bcrypt==4.0.1,bitarray==2.8.1,certifi==2023.7.22,cffi==1.15.1,charset-normalizer==3.2.0,click==8.1.7,cliff==4.3.0,cmd2==2.4.3,cryptography==41.0.4,debtcollector==2.5.0,decorator==5.1.1,dogpile.cache==1.2.2,enum34==1.1.10,exceptiongroup==1.1.3,h11==0.14.0,haikunator==2.1.0,idna==3.4,importlib-metadata==6.8.0,iso8601==2.0.0,Jinja2==3.1.2,jmespath==1.0.1,jsonpatch==1.33,jsonpath-ng==1.6.0,jsonpath-rw==1.4.0,jsonpath-rw-ext==1.2.2,jsonpointer==2.4,jsonschema==4.19.1,jsonschema-specifications==2023.7.1,keystoneauth1==5.3.0,lxml==4.9.3,MarkupSafe==2.1.3,msgpack==1.0.7,netaddr==0.9.0,netifaces==0.11.0,objectpath==0.6.1,openstacksdk==1.5.0,os-service-types==1.7.0,osc-lib==2.8.1,oslo.config==9.2.0,oslo.i18n==6.1.0,oslo.serialization==5.2.0,oslo.utils==6.2.1,osmclient @ git+https://osm.etsi.org/gerrit/osm/osmclient.git@c9c8f15561064379419abd92e42017d2011dba26,outcome==1.2.0,packaging==23.1,paramiko==3.3.1,pathspec==0.11.2,pbr==5.11.1,platformdirs==4.1.0,ply==3.11,prettytable==3.9.0,pyang==2.5.3,pyangbind==0.8.3.post1,pycparser==2.21,pyjsonselect==0.2.2,PyNaCl==1.5.0,pyparsing==3.1.1,pyperclip==1.8.2,PySocks==1.7.1,python-cinderclient==9.4.0,python-dateutil==2.9.0.post0,python-keystoneclient==5.2.0,python-magic==0.4.27,python-novaclient==18.4.0,python-openstackclient==6.3.0,pytz==2023.3.post1,PyYAML==6.0.1,referencing==0.30.2,regex==2023.8.8,requests==2.31.0,requestsexceptions==1.4.0,rfc3986==2.0.0,robotframework==6.1.1,robotframework-jsonlibrary==0.5,robotframework-jsonvalidator==2.0.0,robotframework-lint==1.1,robotframework-pythonlibcore==4.2.0,robotframework-requests==0.9.5,robotframework-robocop==4.2.2,robotframework-seleniumlibrary==6.1.2,robotframework-sshlibrary==3.8.0,robotframework-yamllibrary==0.2.8,rpds-py==0.10.3,scp==0.14.5,selenium==4.13.0,simplejson==3.19.1,six==1.16.0,sniffio==1.3.0,sortedcontainers==2.4.0,stevedore==5.1.0,-e 
git+https://osm.etsi.org/gerrit/osm/tests.git@b9ea77a47f7a746b4320534f5029d4622c35a72e#egg=tests,tomli==2.0.1,tomlkit==0.12.1,trio==0.22.2,trio-websocket==0.11.1,typing_extensions==4.8.0,tzdata==2023.3,urllib3==2.0.5,verboselogs==1.7,wcwidth==0.2.6,wrapt==1.15.0,wsproto==1.2.0,xmltodict==0.13.0,yq==3.2.3,zipp==3.17.0
rflint run-test-pre: PYTHONHASHSEED='3221509393'
rflint run-test: commands[0] | rflint --ignore LineTooLong --ignore TooFewTestSteps --ignore TooManyTestCases --ignore TooManyTestSteps --ignore TooFewKeywordSteps testsuite lib resources
rflint run-test: commands[1] | robocop --configure return_status:quality_gate:E=0:W=0:I=0 --exclude '050*,0701,0923' .
✔ OK safety in 1 minute, 2.638 seconds
safety create: /tmp/.tox/safety
safety installdeps: -r/home/jenkins/workspace/tests-stage_2-merge_v15.0/requirements.txt, safety
safety develop-inst: /home/jenkins/workspace/tests-stage_2-merge_v15.0
safety installed: annotated-types==0.7.0,appdirs==1.4.4,argcomplete==3.1.2,attrs==23.1.0,Authlib==1.3.0,autopage==0.5.1,bcrypt==4.0.1,bitarray==2.8.1,certifi==2023.7.22,cffi==1.15.1,charset-normalizer==3.2.0,click==8.1.7,cliff==4.3.0,cmd2==2.4.3,cryptography==41.0.4,debtcollector==2.5.0,decorator==5.1.1,dogpile.cache==1.2.2,dparse==0.6.4b0,enum34==1.1.10,exceptiongroup==1.1.3,h11==0.14.0,haikunator==2.1.0,idna==3.4,importlib-metadata==6.8.0,iso8601==2.0.0,Jinja2==3.1.4,jmespath==1.0.1,jsonpatch==1.33,jsonpath-ng==1.6.0,jsonpath-rw==1.4.0,jsonpath-rw-ext==1.2.2,jsonpointer==2.4,jsonschema==4.19.1,jsonschema-specifications==2023.7.1,keystoneauth1==5.3.0,lxml==4.9.3,markdown-it-py==3.0.0,MarkupSafe==2.1.5,marshmallow==3.21.2,mdurl==0.1.2,msgpack==1.0.7,netaddr==0.9.0,netifaces==0.11.0,objectpath==0.6.1,openstacksdk==1.5.0,os-service-types==1.7.0,osc-lib==2.8.1,oslo.config==9.2.0,oslo.i18n==6.1.0,oslo.serialization==5.2.0,oslo.utils==6.2.1,outcome==1.2.0,packaging==23.1,paramiko==3.3.1,pbr==5.11.1,ply==3.11,prettytable==3.9.0,pyang==2.5.3,pyangbind==0.8.3.post1,pycparser==2.21,pydantic==2.7.1,pydantic_core==2.18.2,Pygments==2.18.0,pyjsonselect==0.2.2,PyNaCl==1.5.0,pyparsing==3.1.1,pyperclip==1.8.2,PySocks==1.7.1,python-cinderclient==9.4.0,python-keystoneclient==5.2.0,python-novaclient==18.4.0,python-openstackclient==6.3.0,pytz==2023.3.post1,PyYAML==6.0.1,referencing==0.30.2,regex==2023.8.8,requests==2.31.0,requestsexceptions==1.4.0,rfc3986==2.0.0,rich==13.7.1,robotframework==6.1.1,robotframework-jsonlibrary==0.5,robotframework-jsonvalidator==2.0.0,robotframework-pythonlibcore==4.2.0,robotframework-requests==0.9.5,robotframework-seleniumlibrary==6.1.2,robotframework-sshlibrary==3.8.0,robotframework-yamllibrary==0.2.8,rpds-py==0.10.3,ruamel.yaml==0.18.6,ruamel.yaml.clib==0.2.8,safety==3.2.0,safety-schemas==0.0.2,scp==0.14.5,selenium==4.13.0,shellingham==1.5.4,simplejson==3.19.1,six==1.16.0,sniffio==1.3.0,sortedcontainers==2.4.0,stevedore==5.1.0,-e 
git+https://osm.etsi.org/gerrit/osm/tests.git@b9ea77a47f7a746b4320534f5029d4622c35a72e#egg=tests,tomli==2.0.1,tomlkit==0.12.1,trio==0.22.2,trio-websocket==0.11.1,typer==0.12.3,typing_extensions==4.8.0,tzdata==2023.3,urllib3==2.0.5,verboselogs==1.7,wcwidth==0.2.6,wrapt==1.15.0,wsproto==1.2.0,xmltodict==0.13.0,yq==3.2.3,zipp==3.17.0
safety run-test-pre: PYTHONHASHSEED='1335359162'
safety run-test: commands[0] | - safety check --full-report
+==============================================================================+
REPORT
Safety is using PyUp's free open-source vulnerability database. This
data is 30 days old and limited.
For real-time enhanced vulnerability data, fix recommendations, severity
reporting, cybersecurity support, team and project policy management and more
sign up at https://pyup.io or email sales@pyup.io
Safety v3.2.0 is scanning for Vulnerabilities...
Scanning dependencies in your environment:
-> /usr/lib/python3.10/lib-dynload
-> /usr/lib/python3.10
-> /usr/lib/python310.zip
-> /home/jenkins/workspace/tests-stage_2-merge_v15.0
-> /tmp/.tox/safety/lib/python3.10/site-packages
-> /tmp/.tox/safety/bin
Using open-source vulnerability database
Found and scanned 121 packages
Timestamp 2024-05-23 10:12:37
13 vulnerabilities reported
0 vulnerabilities ignored
+==============================================================================+
VULNERABILITIES REPORTED
+==============================================================================+
-> Vulnerability found in wheel version 0.37.1
Vulnerability ID: 51499
Affected spec: <0.38.1
ADVISORY: Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue
discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier
allows remote attackers to cause a denial of service via attacker
controlled input to wheel cli.https://pyup.io/posts/pyup-discovers-redos-
vulnerabilities-in-top-python-packages
CVE-2022-40898
For more information about this vulnerability, visit
https://data.safetycli.com/v/51499/97c
To ignore this vulnerability, use PyUp vulnerability id 51499 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in urllib3 version 2.0.5
Vulnerability ID: 61893
Affected spec: >=2.0.0a1,<2.0.7
ADVISORY: Urllib3 1.26.18 and 2.0.7 include a fix for
CVE-2023-45803: Request body not stripped after redirect from 303 status
changes request method to GET.https://github.com/urllib3/urllib3/security/
advisories/GHSA-g4mx-q9vg-27p4
CVE-2023-45803
For more information about this vulnerability, visit
https://data.safetycli.com/v/61893/97c
To ignore this vulnerability, use PyUp vulnerability id 61893 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in pip version 22.0.2
Vulnerability ID: 62044
Affected spec: <23.3
ADVISORY: Affected versions of Pip are vulnerable to Command
Injection. When installing a package from a Mercurial VCS URL (ie "pip
install hg+...") with pip prior to v23.3, the specified Mercurial revision
could be used to inject arbitrary configuration options to the "hg clone"
call (ie "--config"). Controlling the Mercurial configuration can modify
how and which repository is installed. This vulnerability does not affect
users who aren't installing from Mercurial.
CVE-2023-5752
For more information about this vulnerability, visit
https://data.safetycli.com/v/62044/97c
To ignore this vulnerability, use PyUp vulnerability id 62044 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in pip version 22.0.2
Vulnerability ID: 67599
Affected spec: >=0
ADVISORY: ** DISPUTED ** An issue was discovered in pip (all
versions) because it installs the version with the highest version number,
even if the user had intended to obtain a private package from a private
index. This only affects use of the --extra-index-url option, and
exploitation requires that the package does not already exist in the
public index (and thus the attacker can put the package there with an
arbitrary version number). NOTE: it has been reported that this is
intended functionality and the user is responsible for using --extra-
index-url securely.
CVE-2018-20225
For more information about this vulnerability, visit
https://data.safetycli.com/v/67599/97c
To ignore this vulnerability, use PyUp vulnerability id 67599 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in paramiko version 3.3.1
Vulnerability ID: 65193
Affected spec: <3.4.0
ADVISORY: Paramiko's core implementation of the SSH transport
protocol, including certain OpenSSH extensions used before OpenSSH 9.6, is
vulnerable to a "Terrapin attack." This vulnerability allows remote
attackers to manipulate packet integrity during the handshake phase,
potentially leading to security downgrades or disabled features in SSH
connections. Specific attacks target the use of ChaCha20-Poly1305 and CBC
with Encrypt-then-MAC, where sequence numbers and integrity checks are
improperly managed. This issue particularly affects the
chacha20-poly1305@openssh.com and -etm@openssh.com MAC algorithms.
CVE-2023-48795
For more information about this vulnerability, visit
https://data.safetycli.com/v/65193/97c
To ignore this vulnerability, use PyUp vulnerability id 65193 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in paramiko version 3.3.1
Vulnerability ID: 63227
Affected spec: <3.4.0
ADVISORY: Paramiko 3.4.0 has been released to fix vulnerabilities
affecting encrypt-then-MAC digest algorithms in tandem with CBC ciphers,
and ChaCha20-poly1305. The fix requires cooperation from both ends of the
connection, making it effective when the remote end is OpenSSH >= 9.6 and
configured to use the new “strict kex” mode. For further details, refer to
the official Paramiko documentation or GitHub
repository.https://github.com/advisories/GHSA-45x7-px36-x8w8
CVE-2023-48795
For more information about this vulnerability, visit
https://data.safetycli.com/v/63227/97c
To ignore this vulnerability, use PyUp vulnerability id 63227 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in idna version 3.4
Vulnerability ID: 67895
Affected spec: <3.7
ADVISORY: CVE-2024-3651 impacts the idna.encode() function, where
a specially crafted argument could lead to significant resource
consumption, causing a denial-of-service. In version 3.7, this function
has been updated to reject such inputs efficiently, minimizing resource
use. A practical workaround involves enforcing a maximum domain name
length of 253 characters before encoding, as the vulnerability is
triggered by unusually large inputs that normal operations wouldn't
encounter.
CVE-2024-3651
For more information about this vulnerability, visit
https://data.safetycli.com/v/67895/97c
To ignore this vulnerability, use PyUp vulnerability id 67895 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in cryptography version 41.0.4
Vulnerability ID: 65278
Affected spec: <42.0.0
ADVISORY: A flaw was found in the python-cryptography package.
This issue may allow a remote attacker to decrypt captured messages in TLS
servers that use RSA key exchanges, which may lead to exposure of
confidential or sensitive data. See CVE-2023-50782.
CVE-2023-50782
For more information about this vulnerability, visit
https://data.safetycli.com/v/65278/97c
To ignore this vulnerability, use PyUp vulnerability id 65278 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in cryptography version 41.0.4
Vulnerability ID: 62556
Affected spec: >=3.1,<41.0.6
ADVISORY: Cryptography 41.0.6 includes a fix for CVE-2023-49083:
NULL-dereference when loading PKCS7
certificates.https://github.com/advisories/GHSA-jfhm-5ghh-2f97
CVE-2023-49083
For more information about this vulnerability, visit
https://data.safetycli.com/v/62556/97c
To ignore this vulnerability, use PyUp vulnerability id 62556 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in cryptography version 41.0.4
Vulnerability ID: 65647
Affected spec: <42.0.5
ADVISORY: Cryptography version 42.0.5 introduces a limit on the
number of name constraint checks during X.509 path validation to prevent
denial of service attacks.https://github.com/pyca/cryptography/commit/4be5
3bf20cc90cbac01f5f94c5d1aecc5289ba1f
PVE-2024-65647
For more information about this vulnerability, visit
https://data.safetycli.com/v/65647/97c
To ignore this vulnerability, use PyUp vulnerability id 65647 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in cryptography version 41.0.4
Vulnerability ID: 66704
Affected spec: >=38.0.0,<42.0.4
ADVISORY: cryptography is a package designed to expose
cryptographic primitives and recipes to Python developers. Starting in
version 38.0.0 and before version 42.0.4, if
`pkcs12.serialize_key_and_certificates` is called with both a certificate
whose public key did not match the provided private key and an
`encryption_algorithm` with `hmac_hash` set (via
`PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL
pointer dereference would occur, crashing the Python process. This has
been resolved in version 42.0.4, the first version in which a `ValueError`
is properly raised.
CVE-2024-26130
For more information about this vulnerability, visit
https://data.safetycli.com/v/66704/97c
To ignore this vulnerability, use PyUp vulnerability id 66704 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in cryptography version 41.0.4
Vulnerability ID: 65212
Affected spec: >=35.0.0,<42.0.2
ADVISORY: Versions of Cryptograph starting from 35.0.0 are
susceptible to a security flaw in the POLY1305 MAC algorithm on PowerPC
CPUs, which allows an attacker to disrupt the application's state. This
disruption might result in false calculations or cause a denial of
service. The vulnerability's exploitation hinges on the attacker's ability
to alter the algorithm's application and the dependency of the software on
non-volatile XMM registers.https://github.com/pyca/cryptography/commit/89d
0d56fb104ac4e0e6db63d78fc22b8c53d27e9
CVE-2023-6129
For more information about this vulnerability, visit
https://data.safetycli.com/v/65212/97c
To ignore this vulnerability, use PyUp vulnerability id 65212 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in cryptography version 41.0.4
Vulnerability ID: 66777
Affected spec: >=35.0.0,<42.0.2
ADVISORY: CVE-2023-6237 addresses a vulnerability in RSA public
key verification where checking a large, incorrect RSA key with
EVP_PKEY_public_check() could take an excessive amount of time. This is
due to no size limit on the RSA public key and an unnecessarily high
number of Miller-Rabin rounds for modulus non-primality checks. The fix
sets a maximum key size of 16384 bits and reduces Miller-Rabin rounds to
5, enhancing security and performance by preventing the
RSA_R_MODULUS_TOO_LARGE error.
CVE-2023-6237
For more information about this vulnerability, visit
https://data.safetycli.com/v/66777/97c
To ignore this vulnerability, use PyUp vulnerability id 66777 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
+==============================================================================+
REMEDIATIONS
13 vulnerabilities were reported in 6 packages. For detailed remediation &
fix recommendations, upgrade to a commercial license.
+==============================================================================+
Scan was completed. 13 vulnerabilities were reported.
+==============================================================================+
___________________________________ summary ____________________________________
black: commands succeeded
cover: commands succeeded
flake8: commands succeeded
pylint: commands succeeded
rflint: commands succeeded
safety: commands succeeded
congratulations :)