gitlab.bandit.B316
Insecure XML parsing functionality, prefer defusedxml
Definition
rules:
- id: bandit.B316
  pattern-either:
  - patterns:
    - pattern: xml.dom.expatbuilder.parse(...)
    - pattern-not: xml.dom.expatbuilder.parse("...")
  - pattern: xml.dom.expatbuilder.parseString(...)
  message: |
    Insecure XML parsing functionality, prefer `defusedxml`
  metadata:
    cwe: "CWE-611: Improper Restriction of XML External Entity Reference"
    owasp: "A4: XML External Entities (XXE)"
    primary_identifier: bandit.B316
    secondary_identifiers:
    - name: Bandit Test ID B316
      type: bandit_test_id
      value: B316
    license: MIT
  severity: WARNING
  languages:
  - python
Short Link: https://sg.run/Jp8w
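
The call shape this rule reports, next to a guarded parse, as an added example that is not part of the rule or its test suite. It uses only the standard library as a stand-in for the `defusedxml.expatbuilder` replacement the message recommends; `parse_untrusted`, `DTDForbidden` and the sample documents are hypothetical names and constructed inputs.

```python
import xml.dom.expatbuilder as expatbuilder
from xml.parsers import expat

# Constructed sample inputs; the DTD declares only a harmless internal entity.
PLAIN = b"<config><name>demo</name></config>"
WITH_DTD = (b'<!DOCTYPE config [<!ENTITY greeting "hello">]>'
            b"<config><name>&greeting;</name></config>")


class DTDForbidden(ValueError):
    """Untrusted XML carried a DOCTYPE declaration."""


def _forbid_doctype(name, sysid, pubid, has_internal_subset):
    raise DTDForbidden(f"DOCTYPE {name!r} is not allowed in untrusted XML")


def name_text(doc):
    """Text of the first <name> element in a parsed DOM."""
    return doc.getElementsByTagName("name")[0].firstChild.data


def parse_unguarded(data):
    """The call shape the rule reports: non-literal input, entities expanded."""
    return expatbuilder.parseString(data)


def parse_untrusted(data):
    """Hypothetical guard: scan once with expat and refuse any DTD, then parse."""
    scanner = expat.ParserCreate()
    scanner.StartDoctypeDeclHandler = _forbid_doctype
    scanner.Parse(data, True)  # DTDForbidden propagates out of the handler
    # No DOCTYPE was seen, so no entity declarations can reach this parse.
    return expatbuilder.parseString(data)  # nosemgrep: bandit.B316


if __name__ == "__main__":
    print(name_text(parse_unguarded(WITH_DTD)))
    print(name_text(parse_untrusted(PLAIN)))
    try:
        parse_untrusted(WITH_DTD)
    except DTDForbidden as exc:
        print("rejected:", exc)
```

The guarded function still contains a matching call, so it carries an inline `nosemgrep` comment; switching to `defusedxml` removes the match altogether.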