[tests-stage_2-merge_master] Running shell script
+ runuser jenkins -c devops-stages/stage-test.sh
Checking syntax of Robot tests
Checking tabs in robot files. No tabs should be present
No tabs are present in robot files. Correct!
Checking param separation in robot files. Three spaces is the recommendation, instead of two
No presence of two spaces to separate params in robot files. Correct!
Checking param separation in robot files. Three spaces is the recommendation, instead of four or more
Only three spaces must be used between params in robot files. Correct!
Checking CRLF terminators in robot files. No CRLF should be found
No presence of CRLF terminators in robot files. Correct!
Checking spaces at the end of lines in robot files. No spaces at EOL should be found
No presence of spaces at EOL in robot files. Correct!
Launching tox
✔ OK black in 7.65 seconds
black create: /tmp/.tox/black
black installdeps: black
black installed: black==24.4.2,click==8.1.7,mypy-extensions==1.0.0,packaging==24.0,pathspec==0.12.1,platformdirs==4.2.1,tomli==2.0.1,typing_extensions==4.11.0
black run-test-pre: PYTHONHASHSEED='3140930281'
black run-test: commands[0] | black --check --diff robot-systest --fast
All done! ✨ 🍰 ✨
6 files would be left unchanged.
✔ OK flake8 in 11.364 seconds
flake8 create: /tmp/.tox/flake8
flake8 installdeps: flake8
flake8 develop-inst: /home/jenkins/workspace/tests-stage_2-merge_master
flake8 installed: flake8==7.0.0,mccabe==0.7.0,pycodestyle==2.11.1,pyflakes==3.2.0,-e git+https://osm.etsi.org/gerrit/osm/tests.git@9e5450fcb5eda9f9792eb502a2efd741d5f7a1aa#egg=tests
flake8 run-test-pre: PYTHONHASHSEED='4211810473'
flake8 run-test: commands[0] | flake8 robot-systest
✔ OK cover in 1 minute, 22.39 seconds
cover create: /tmp/.tox/cover
cover installdeps: -r/home/jenkins/workspace/tests-stage_2-merge_master/requirements.txt
cover develop-inst: /home/jenkins/workspace/tests-stage_2-merge_master
cover installed: appdirs==1.4.4,argcomplete==3.1.2,attrs==23.1.0,autopage==0.5.1,bcrypt==4.0.1,bitarray==2.8.1,certifi==2023.7.22,cffi==1.15.1,charset-normalizer==3.2.0,cliff==4.3.0,cmd2==2.4.3,cryptography==41.0.4,debtcollector==2.5.0,decorator==5.1.1,dogpile.cache==1.2.2,enum34==1.1.10,exceptiongroup==1.1.3,h11==0.14.0,haikunator==2.1.0,idna==3.4,importlib-metadata==6.8.0,iso8601==2.0.0,jmespath==1.0.1,jsonpatch==1.33,jsonpath-ng==1.6.0,jsonpath-rw==1.4.0,jsonpath-rw-ext==1.2.2,jsonpointer==2.4,jsonschema==4.19.1,jsonschema-specifications==2023.7.1,keystoneauth1==5.3.0,lxml==4.9.3,msgpack==1.0.7,netaddr==0.9.0,netifaces==0.11.0,objectpath==0.6.1,openstacksdk==1.5.0,os-service-types==1.7.0,osc-lib==2.8.1,oslo.config==9.2.0,oslo.i18n==6.1.0,oslo.serialization==5.2.0,oslo.utils==6.2.1,outcome==1.2.0,packaging==23.1,paramiko==3.3.1,pbr==5.11.1,ply==3.11,prettytable==3.9.0,pyang==2.5.3,pyangbind==0.8.3.post1,pycparser==2.21,pyjsonselect==0.2.2,PyNaCl==1.5.0,pyparsing==3.1.1,pyperclip==1.8.2,PySocks==1.7.1,python-cinderclient==9.4.0,python-keystoneclient==5.2.0,python-novaclient==18.4.0,python-openstackclient==6.3.0,pytz==2023.3.post1,PyYAML==6.0.1,referencing==0.30.2,regex==2023.8.8,requests==2.31.0,requestsexceptions==1.4.0,rfc3986==2.0.0,robotframework==6.1.1,robotframework-jsonlibrary==0.5,robotframework-jsonvalidator==2.0.0,robotframework-pythonlibcore==4.2.0,robotframework-requests==0.9.5,robotframework-seleniumlibrary==6.1.2,robotframework-sshlibrary==3.8.0,robotframework-yamllibrary==0.2.8,rpds-py==0.10.3,scp==0.14.5,selenium==4.13.0,simplejson==3.19.1,six==1.16.0,sniffio==1.3.0,sortedcontainers==2.4.0,stevedore==5.1.0,-e git+https://osm.etsi.org/gerrit/osm/tests.git@9e5450fcb5eda9f9792eb502a2efd741d5f7a1aa#egg=tests,tomlkit==0.12.1,trio==0.22.2,trio-websocket==0.11.1,typing_extensions==4.8.0,tzdata==2023.3,urllib3==2.0.5,verboselogs==1.7,wcwidth==0.2.6,wrapt==1.15.0,wsproto==1.2.0,xmltodict==0.13.0,yq==3.2.3,zipp==3.17.0
cover run-test-pre: PYTHONHASHSEED='4086827929'
cover run-test: commands[0] | sh -c 'echo No unit tests'
No unit tests
✔ OK rflint in 1 minute, 39.175 seconds
rflint create: /tmp/.tox/rflint
rflint installdeps: -r/home/jenkins/workspace/tests-stage_2-merge_master/requirements.txt, -r/home/jenkins/workspace/tests-stage_2-merge_master/requirements-dev.txt, robotframework-lint, robotframework-robocop==4.2.2
rflint develop-inst: /home/jenkins/workspace/tests-stage_2-merge_master
rflint installed: appdirs==1.4.4,argcomplete==3.1.2,attrs==23.1.0,autopage==0.5.1,bcrypt==4.0.1,bitarray==2.8.1,certifi==2023.7.22,cffi==1.15.1,charset-normalizer==3.2.0,click==8.1.7,cliff==4.3.0,cmd2==2.4.3,cryptography==41.0.4,debtcollector==2.5.0,decorator==5.1.1,dogpile.cache==1.2.2,enum34==1.1.10,exceptiongroup==1.1.3,h11==0.14.0,haikunator==2.1.0,idna==3.4,importlib-metadata==6.8.0,iso8601==2.0.0,Jinja2==3.1.2,jmespath==1.0.1,jsonpatch==1.33,jsonpath-ng==1.6.0,jsonpath-rw==1.4.0,jsonpath-rw-ext==1.2.2,jsonpointer==2.4,jsonschema==4.19.1,jsonschema-specifications==2023.7.1,keystoneauth1==5.3.0,lxml==4.9.3,MarkupSafe==2.1.3,msgpack==1.0.7,netaddr==0.9.0,netifaces==0.11.0,objectpath==0.6.1,openstacksdk==1.5.0,os-service-types==1.7.0,osc-lib==2.8.1,oslo.config==9.2.0,oslo.i18n==6.1.0,oslo.serialization==5.2.0,oslo.utils==6.2.1,osmclient @ git+https://osm.etsi.org/gerrit/osm/osmclient.git@b9317cf8db6ede10ee63a1e648a2ed066ee05892,outcome==1.2.0,packaging==23.1,paramiko==3.3.1,pathspec==0.11.2,pbr==5.11.1,platformdirs==4.1.0,ply==3.11,prettytable==3.9.0,pyang==2.5.3,pyangbind==0.8.3.post1,pycparser==2.21,pyjsonselect==0.2.2,PyNaCl==1.5.0,pyparsing==3.1.1,pyperclip==1.8.2,PySocks==1.7.1,python-cinderclient==9.4.0,python-dateutil==2.9.0.post0,python-keystoneclient==5.2.0,python-magic==0.4.27,python-novaclient==18.4.0,python-openstackclient==6.3.0,pytz==2023.3.post1,PyYAML==6.0.1,referencing==0.30.2,regex==2023.8.8,requests==2.31.0,requestsexceptions==1.4.0,rfc3986==2.0.0,robotframework==6.1.1,robotframework-jsonlibrary==0.5,robotframework-jsonvalidator==2.0.0,robotframework-lint==1.1,robotframework-pythonlibcore==4.2.0,robotframework-requests==0.9.5,robotframework-robocop==4.2.2,robotframework-seleniumlibrary==6.1.2,robotframework-sshlibrary==3.8.0,robotframework-yamllibrary==0.2.8,rpds-py==0.10.3,scp==0.14.5,selenium==4.13.0,simplejson==3.19.1,six==1.16.0,sniffio==1.3.0,sortedcontainers==2.4.0,stevedore==5.1.0,-e 
git+https://osm.etsi.org/gerrit/osm/tests.git@9e5450fcb5eda9f9792eb502a2efd741d5f7a1aa#egg=tests,tomli==2.0.1,tomlkit==0.12.1,trio==0.22.2,trio-websocket==0.11.1,typing_extensions==4.8.0,tzdata==2023.3,urllib3==2.0.5,verboselogs==1.7,wcwidth==0.2.6,wrapt==1.15.0,wsproto==1.2.0,xmltodict==0.13.0,yq==3.2.3,zipp==3.17.0
rflint run-test-pre: PYTHONHASHSEED='1643567979'
rflint run-test: commands[0] | rflint --ignore LineTooLong --ignore TooFewTestSteps --ignore TooManyTestCases --ignore TooManyTestSteps --ignore TooFewKeywordSteps testsuite lib resources
rflint run-test: commands[1] | robocop --configure return_status:quality_gate:E=0:W=0:I=0 --exclude '050*,0701,0923' .
✔ OK pylint in 1 minute, 40.321 seconds
pylint create: /tmp/.tox/pylint
pylint installdeps: -r/home/jenkins/workspace/tests-stage_2-merge_master/requirements.txt, -r/home/jenkins/workspace/tests-stage_2-merge_master/requirements-dev.txt, pylint
pylint develop-inst: /home/jenkins/workspace/tests-stage_2-merge_master
pylint installed: appdirs==1.4.4,argcomplete==3.1.2,astroid==3.1.0,attrs==23.1.0,autopage==0.5.1,bcrypt==4.0.1,bitarray==2.8.1,certifi==2023.7.22,cffi==1.15.1,charset-normalizer==3.2.0,click==8.1.7,cliff==4.3.0,cmd2==2.4.3,cryptography==41.0.4,debtcollector==2.5.0,decorator==5.1.1,dill==0.3.8,dogpile.cache==1.2.2,enum34==1.1.10,exceptiongroup==1.1.3,h11==0.14.0,haikunator==2.1.0,idna==3.4,importlib-metadata==6.8.0,iso8601==2.0.0,isort==5.13.2,Jinja2==3.1.2,jmespath==1.0.1,jsonpatch==1.33,jsonpath-ng==1.6.0,jsonpath-rw==1.4.0,jsonpath-rw-ext==1.2.2,jsonpointer==2.4,jsonschema==4.19.1,jsonschema-specifications==2023.7.1,keystoneauth1==5.3.0,lxml==4.9.3,MarkupSafe==2.1.3,mccabe==0.7.0,msgpack==1.0.7,netaddr==0.9.0,netifaces==0.11.0,objectpath==0.6.1,openstacksdk==1.5.0,os-service-types==1.7.0,osc-lib==2.8.1,oslo.config==9.2.0,oslo.i18n==6.1.0,oslo.serialization==5.2.0,oslo.utils==6.2.1,osmclient @ git+https://osm.etsi.org/gerrit/osm/osmclient.git@b9317cf8db6ede10ee63a1e648a2ed066ee05892,outcome==1.2.0,packaging==23.1,paramiko==3.3.1,pbr==5.11.1,platformdirs==4.2.1,ply==3.11,prettytable==3.9.0,pyang==2.5.3,pyangbind==0.8.3.post1,pycparser==2.21,pyjsonselect==0.2.2,pylint==3.1.0,PyNaCl==1.5.0,pyparsing==3.1.1,pyperclip==1.8.2,PySocks==1.7.1,python-cinderclient==9.4.0,python-keystoneclient==5.2.0,python-magic==0.4.27,python-novaclient==18.4.0,python-openstackclient==6.3.0,pytz==2023.3.post1,PyYAML==6.0.1,referencing==0.30.2,regex==2023.8.8,requests==2.31.0,requestsexceptions==1.4.0,rfc3986==2.0.0,robotframework==6.1.1,robotframework-jsonlibrary==0.5,robotframework-jsonvalidator==2.0.0,robotframework-pythonlibcore==4.2.0,robotframework-requests==0.9.5,robotframework-seleniumlibrary==6.1.2,robotframework-sshlibrary==3.8.0,robotframework-yamllibrary==0.2.8,rpds-py==0.10.3,scp==0.14.5,selenium==4.13.0,simplejson==3.19.1,six==1.16.0,sniffio==1.3.0,sortedcontainers==2.4.0,stevedore==5.1.0,-e 
git+https://osm.etsi.org/gerrit/osm/tests.git@9e5450fcb5eda9f9792eb502a2efd741d5f7a1aa#egg=tests,tomli==2.0.1,tomlkit==0.12.1,trio==0.22.2,trio-websocket==0.11.1,typing_extensions==4.8.0,tzdata==2023.3,urllib3==2.0.5,verboselogs==1.7,wcwidth==0.2.6,wrapt==1.15.0,wsproto==1.2.0,xmltodict==0.13.0,yq==3.2.3,zipp==3.17.0
pylint run-test-pre: PYTHONHASHSEED='1169204839'
pylint run-test: commands[0] | pylint -E robot-systest
✔ OK safety in 1 minute, 46.422 seconds
safety create: /tmp/.tox/safety
safety installdeps: -r/home/jenkins/workspace/tests-stage_2-merge_master/requirements.txt, safety
safety develop-inst: /home/jenkins/workspace/tests-stage_2-merge_master
safety installed: annotated-types==0.6.0,appdirs==1.4.4,argcomplete==3.1.2,attrs==23.1.0,Authlib==1.3.0,autopage==0.5.1,bcrypt==4.0.1,bitarray==2.8.1,certifi==2023.7.22,cffi==1.15.1,charset-normalizer==3.2.0,click==8.1.7,cliff==4.3.0,cmd2==2.4.3,cryptography==41.0.4,debtcollector==2.5.0,decorator==5.1.1,dogpile.cache==1.2.2,dparse==0.6.4b0,enum34==1.1.10,exceptiongroup==1.1.3,h11==0.14.0,haikunator==2.1.0,idna==3.4,importlib-metadata==6.8.0,iso8601==2.0.0,Jinja2==3.1.3,jmespath==1.0.1,jsonpatch==1.33,jsonpath-ng==1.6.0,jsonpath-rw==1.4.0,jsonpath-rw-ext==1.2.2,jsonpointer==2.4,jsonschema==4.19.1,jsonschema-specifications==2023.7.1,keystoneauth1==5.3.0,lxml==4.9.3,markdown-it-py==3.0.0,MarkupSafe==2.1.5,marshmallow==3.21.2,mdurl==0.1.2,msgpack==1.0.7,netaddr==0.9.0,netifaces==0.11.0,objectpath==0.6.1,openstacksdk==1.5.0,os-service-types==1.7.0,osc-lib==2.8.1,oslo.config==9.2.0,oslo.i18n==6.1.0,oslo.serialization==5.2.0,oslo.utils==6.2.1,outcome==1.2.0,packaging==23.1,paramiko==3.3.1,pbr==5.11.1,ply==3.11,prettytable==3.9.0,pyang==2.5.3,pyangbind==0.8.3.post1,pycparser==2.21,pydantic==2.7.1,pydantic_core==2.18.2,Pygments==2.17.2,pyjsonselect==0.2.2,PyNaCl==1.5.0,pyparsing==3.1.1,pyperclip==1.8.2,PySocks==1.7.1,python-cinderclient==9.4.0,python-keystoneclient==5.2.0,python-novaclient==18.4.0,python-openstackclient==6.3.0,pytz==2023.3.post1,PyYAML==6.0.1,referencing==0.30.2,regex==2023.8.8,requests==2.31.0,requestsexceptions==1.4.0,rfc3986==2.0.0,rich==13.7.1,robotframework==6.1.1,robotframework-jsonlibrary==0.5,robotframework-jsonvalidator==2.0.0,robotframework-pythonlibcore==4.2.0,robotframework-requests==0.9.5,robotframework-seleniumlibrary==6.1.2,robotframework-sshlibrary==3.8.0,robotframework-yamllibrary==0.2.8,rpds-py==0.10.3,ruamel.yaml==0.18.6,ruamel.yaml.clib==0.2.8,safety==3.2.0,safety-schemas==0.0.2,scp==0.14.5,selenium==4.13.0,shellingham==1.5.4,simplejson==3.19.1,six==1.16.0,sniffio==1.3.0,sortedcontainers==2.4.0,stevedore==5.1.0,-e 
git+https://osm.etsi.org/gerrit/osm/tests.git@9e5450fcb5eda9f9792eb502a2efd741d5f7a1aa#egg=tests,tomli==2.0.1,tomlkit==0.12.1,trio==0.22.2,trio-websocket==0.11.1,typer==0.12.3,typing_extensions==4.8.0,tzdata==2023.3,urllib3==2.0.5,verboselogs==1.7,wcwidth==0.2.6,wrapt==1.15.0,wsproto==1.2.0,xmltodict==0.13.0,yq==3.2.3,zipp==3.17.0
safety run-test-pre: PYTHONHASHSEED='747257140'
safety run-test: commands[0] | - safety check --full-report
+==============================================================================+
safety by safetycli.com
+==============================================================================+
REPORT
Safety is using PyUp's free open-source vulnerability database. This
data is 30 days old and limited.
For real-time enhanced vulnerability data, fix recommendations, severity
reporting, cybersecurity support, team and project policy management and more
sign up at https://pyup.io or email sales@pyup.io
Safety v3.2.0 is scanning for Vulnerabilities...
Scanning dependencies in your environment:
-> /tmp/.tox/safety/lib/python3.10/site-packages
-> /usr/lib/python3.10
-> /home/jenkins/workspace/tests-stage_2-merge_master
-> /usr/lib/python310.zip
-> /usr/lib/python3.10/lib-dynload
-> /tmp/.tox/safety/bin
Using open-source vulnerability database
Found and scanned 121 packages
Timestamp 2024-05-02 09:05:34
10 vulnerabilities reported
0 vulnerabilities ignored
+==============================================================================+
VULNERABILITIES REPORTED
+==============================================================================+
-> Vulnerability found in wheel version 0.37.1
Vulnerability ID: 51499
Affected spec: <0.38.1
ADVISORY: Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue
discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier
allows remote attackers to cause a denial of service via attacker
controlled input to wheel cli.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages
CVE-2022-40898
For more information about this vulnerability, visit
https://data.safetycli.com/v/51499/97c
To ignore this vulnerability, use PyUp vulnerability id 51499 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in urllib3 version 2.0.5
Vulnerability ID: 61893
Affected spec: >=2.0.0a1,<2.0.7
ADVISORY: Urllib3 1.26.18 and 2.0.7 include a fix for
CVE-2023-45803: Request body not stripped after redirect from 303 status
changes request method to GET.
https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4
CVE-2023-45803
For more information about this vulnerability, visit
https://data.safetycli.com/v/61893/97c
To ignore this vulnerability, use PyUp vulnerability id 61893 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in pip version 22.0.2
Vulnerability ID: 62044
Affected spec: <23.3
ADVISORY: Affected versions of Pip are vulnerable to Command
Injection. When installing a package from a Mercurial VCS URL (ie "pip
install hg+...") with pip prior to v23.3, the specified Mercurial revision
could be used to inject arbitrary configuration options to the "hg clone"
call (ie "--config"). Controlling the Mercurial configuration can modify
how and which repository is installed. This vulnerability does not affect
users who aren't installing from Mercurial.
CVE-2023-5752
For more information about this vulnerability, visit
https://data.safetycli.com/v/62044/97c
To ignore this vulnerability, use PyUp vulnerability id 62044 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in paramiko version 3.3.1
Vulnerability ID: 65193
Affected spec: <3.4.0
ADVISORY: The SSH transport protocol with certain OpenSSH
extensions, found in OpenSSH before 9.6 and other products, allows remote
attackers to bypass integrity checks such that some packets are omitted
(from the extension negotiation message), and a client and server may
consequently end up with a connection for which some security features
have been downgraded or disabled, aka a Terrapin attack. This occurs
because the SSH Binary Packet Protocol (BPP), implemented by these
extensions, mishandles the handshake phase and mishandles use of sequence
numbers. For example, there is an effective attack against SSH's use of
ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in
chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com
MAC algorithms.
CVE-2023-48795
For more information about this vulnerability, visit
https://data.safetycli.com/v/65193/97c
To ignore this vulnerability, use PyUp vulnerability id 65193 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in cryptography version 41.0.4
Vulnerability ID: 66704
Affected spec: >=38.0.0,<42.0.4
ADVISORY: cryptography is a package designed to expose
cryptographic primitives and recipes to Python developers. Starting in
version 38.0.0 and before version 42.0.4, if
`pkcs12.serialize_key_and_certificates` is called with both a certificate
whose public key did not match the provided private key and an
`encryption_algorithm` with `hmac_hash` set (via
`PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL
pointer dereference would occur, crashing the Python process. This has
been resolved in version 42.0.4, the first version in which a `ValueError`
is properly raised.
CVE-2024-26130
For more information about this vulnerability, visit
https://data.safetycli.com/v/66704/97c
To ignore this vulnerability, use PyUp vulnerability id 66704 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in cryptography version 41.0.4
Vulnerability ID: 62556
Affected spec: >=3.1,<41.0.6
ADVISORY: Cryptography 41.0.6 includes a fix for CVE-2023-49083:
NULL-dereference when loading PKCS7 certificates.
https://github.com/advisories/GHSA-jfhm-5ghh-2f97
CVE-2023-49083
For more information about this vulnerability, visit
https://data.safetycli.com/v/62556/97c
To ignore this vulnerability, use PyUp vulnerability id 62556 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in cryptography version 41.0.4
Vulnerability ID: 66777
Affected spec: >=35.0.0,<42.0.2
ADVISORY: CVE-2023-6237 addresses a vulnerability in RSA public
key verification where checking a large, incorrect RSA key with
EVP_PKEY_public_check() could take an excessive amount of time. This is
due to no size limit on the RSA public key and an unnecessarily high
number of Miller-Rabin rounds for modulus non-primality checks. The fix
sets a maximum key size of 16384 bits and reduces Miller-Rabin rounds to
5, enhancing security and performance by preventing the
RSA_R_MODULUS_TOO_LARGE error.
CVE-2023-6237
For more information about this vulnerability, visit
https://data.safetycli.com/v/66777/97c
To ignore this vulnerability, use PyUp vulnerability id 66777 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in cryptography version 41.0.4
Vulnerability ID: 65212
Affected spec: >=35.0.0,<42.0.2
ADVISORY: Versions of Cryptograph starting from 35.0.0 are
susceptible to a security flaw in the POLY1305 MAC algorithm on PowerPC
CPUs, which allows an attacker to disrupt the application's state. This
disruption might result in false calculations or cause a denial of
service. The vulnerability's exploitation hinges on the attacker's ability
to alter the algorithm's application and the dependency of the software on
non-volatile XMM registers.
https://github.com/pyca/cryptography/commit/89d0d56fb104ac4e0e6db63d78fc22b8c53d27e9
CVE-2023-6129
For more information about this vulnerability, visit
https://data.safetycli.com/v/65212/97c
To ignore this vulnerability, use PyUp vulnerability id 65212 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in cryptography version 41.0.4
Vulnerability ID: 65278
Affected spec: <42.0.0
ADVISORY: A flaw was found in the python-cryptography package.
This issue may allow a remote attacker to decrypt captured messages in TLS
servers that use RSA key exchanges, which may lead to exposure of
confidential or sensitive data. See CVE-2023-50782.
CVE-2023-50782
For more information about this vulnerability, visit
https://data.safetycli.com/v/65278/97c
To ignore this vulnerability, use PyUp vulnerability id 65278 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
-> Vulnerability found in cryptography version 41.0.4
Vulnerability ID: 65647
Affected spec: <42.0.5
ADVISORY: Cryptography version 42.0.5 introduces a limit on the
number of name constraint checks during X.509 path validation to prevent
denial of service attacks.
https://github.com/pyca/cryptography/commit/4be53bf20cc90cbac01f5f94c5d1aecc5289ba1f
PVE-2024-65647
For more information about this vulnerability, visit
https://data.safetycli.com/v/65647/97c
To ignore this vulnerability, use PyUp vulnerability id 65647 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
+==============================================================================+
REMEDIATIONS
10 vulnerabilities were reported in 5 packages. For detailed remediation &
fix recommendations, upgrade to a commercial license.
+==============================================================================+
Scan was completed. 10 vulnerabilities were reported.
+==============================================================================+
___________________________________ summary ____________________________________
black: commands succeeded
cover: commands succeeded
flake8: commands succeeded
pylint: commands succeeded
rflint: commands succeeded
safety: commands succeeded
congratulations :)