(BAN-B314) Use of an insecure method from `xml.etree.ElementTree` detected

Question

(BAN-B314) Use of an insecure method from `xml.etree.ElementTree` detected

Closed this issue 4 years ago · 0 comments

Description

Using various XML methods to parse untrusted XML data is known to be vulnerable to XML attacks. Using the defusedxml module is recommended. Methods should be replaced with their defusedxml equivalents.

Occurrences

There is 1 occurrence of this issue in the repository.

See all occurrences on DeepSource → deepsource.io/gh/ZigRazor/PyStateMachine/issue/BAN-B314/occurrences/