Scan Requirement File by Severity


The command pyraider check -f /raidersource/Documents/application/requirements.txt -s medium finds the packages listed in the file and reports only the known security vulnerabilities that match the specified severity.

Supported severities

  1. high
  2. medium
  3. low

Scan requirement file by severity

pyraider check -f /raidersource/Documents/application/requirements.txt -s medium

You should get a result like this.

  _____       _____       _     _
 |  __ \     |  __ \     (_)   | |
 | |__) |   _| |__) |__ _ _  __| | ___ _ __
 |  ___/ | | |  _  // _` | |/ _` |/ _ \ '__|
 | |   | |_| | | \ \ (_| | | (_| |  __/ |
 |_|    \__, |_|  \_\__,_|_|\__,_|\___|_|
         __/ |
        |___/
by RaiderSource version 1.0.19
Started Scanning .....
+-----------------+------------------------------------------------------------+
| Package         | flask                                                      |
+-----------------+------------------------------------------------------------+
| Severity        | MEDIUM                                                     |
+-----------------+------------------------------------------------------------+
| CWE             | 399                                                        |
+-----------------+------------------------------------------------------------+
| CVE             | CVE-2019-1010083                                           |
+-----------------+------------------------------------------------------------+
| Current version | 1.0.19                                                     |
+-----------------+------------------------------------------------------------+
| Update To       | 1.1.2                                                      |
+-----------------+------------------------------------------------------------+
| Description     | The Pallets Project Flask before 1.0 is affected by: unexp |
|                 | ected memory usage. The impact is: denial of service. The  |
|                 | attack vector is: crafted encoded JSON data. The fixed ver |
|                 | sion is: 1. NOTE: this may overlap CVE-2018-1000656.       |
+-----------------+------------------------------------------------------------+
| Resolve         | pip install flask==1.1.2                                   |
+-----------------+------------------------------------------------------------+
| More Info       | https://nvd.nist.gov/vuln/detail/CVE-2019-1010083          |
+-----------------+------------------------------------------------------------+
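
To act on this report in a build pipeline, the table can be parsed into one record per finding and filtered by severity. The following is an added example, not part of pyraider or of the original page; it assumes the two-column layout shown above, and the names parse_findings and at_or_above, the narrowed sample table and the "demo" package are hypothetical.

```python
import re

# Constructed sample in the layout shown above (value column narrowed to 24
# characters; most separator rows omitted). "demo" is a made-up package.
SAMPLE = """\
+-----------------+--------------------------+
| Package         | flask                    |
+-----------------+--------------------------+
| Severity        | MEDIUM                   |
| CVE             | CVE-2019-1010083         |
| Description     | unexpected memory usage. |
|                 |  The impact is: denial o |
|                 | f service.               |
| Resolve         | pip install flask==1.1.2 |
+-----------------+--------------------------+
| Package         | demo                     |
| Severity        | LOW                      |
| Resolve         | pip install demo==2.0    |
+-----------------+--------------------------+
"""

ROW = re.compile(r"^\|(.*?)\|(.*)\|\s*$")
RANK = {"low": 1, "medium": 2, "high": 3}


def parse_findings(text):
    """Turn the two-column table into one dict per finding."""
    findings, key = [], None
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:                      # banner, status and +---+ separator lines
            continue
        name, chunk = m.group(1).strip(), m.group(2)[1:-1]
        if name == "Package":          # each finding starts with a Package row
            findings.append({})
        if not findings:
            continue
        if name:
            key = name
            findings[-1][key] = chunk
        elif key:                      # empty first cell: wrapped value continues
            findings[-1][key] += chunk # cells are fixed-width slices, so no separator
    return [{k: v.rstrip() for k, v in f.items()} for f in findings]


def at_or_above(findings, threshold):
    """Findings whose severity is at least `threshold` (low < medium < high)."""
    floor = RANK[threshold.lower()]
    return [f for f in findings if RANK.get(f.get("Severity", "").lower(), 0) >= floor]
```

Wrapped Description rows are rejoined without a separator because the table splits long values at a fixed width, including in the middle of a word.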