Bandit output: Issue: [B411:blacklist] Using Fault to parse untrusted XML data is known to be vulnerable to XML attacks. Use defused.xmlrpc.monkey_patch() function to monkey-patch xmlrpclib and mitigate XML vulnerabilities. Severity: High Confidence: High Location: glances/compat.py:91 90 from SimpleXMLRPCServer import SimpleXMLRPCRequestHandler, SimpleXMLRPCServer 91 from xmlrpclib import Fault, ProtocolError, ServerProxy, Transport 92 from urllib2 import urlopen, URLError References: https://github.com/nicolargo/glances/issues/1025
Created glances tracking bugs for this issue: Affects: epel-all [bug 1963987] Affects: fedora-all [bug 1963986]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.