Scan Requirement File by Severity
pyraider check -f /raidersource/Documents/application/requirements.txt -s medium
This command finds the packages listed in the file, then reports only the known security vulnerabilities that match the specified severity.
Supported severities
- high
- medium
- low
Scan requirement file by severity
pyraider check -f /raidersource/Documents/application/requirements.txt -s medium
You should get a result like this.
  _____       _____       _     _
 |  __ \     |  __ \     (_)   | |
 | |__) |   _| |__) |__ _ _  __| | ___ _ __
 |  ___/ | | |  _  // _` | |/ _` |/ _ \ '__|
 | |   | |_| | | \ \ (_| | | (_| |  __/ |
 |_|    \__, |_|  \_\__,_|_|\__,_|\___|_|
         __/ |
        |___/
by RaiderSource version 1.0.19
Started Scanning .....
+-----------------+------------------------------------------------------------+
| Package         | flask                                                      |
+-----------------+------------------------------------------------------------+
| Severity        | MEDIUM                                                     |
+-----------------+------------------------------------------------------------+
| CWE             | 399                                                        |
+-----------------+------------------------------------------------------------+
| CVE             | CVE-2019-1010083                                           |
+-----------------+------------------------------------------------------------+
| Current version | 1.0.19                                                     |
+-----------------+------------------------------------------------------------+
| Update To       | 1.1.2                                                      |
+-----------------+------------------------------------------------------------+
| Description     | The Pallets Project Flask before 1.0 is affected by: unexp |
|                 | ected memory usage. The impact is: denial of service. The  |
|                 | attack vector is: crafted encoded JSON data. The fixed ver |
|                 | sion is: 1. NOTE: this may overlap CVE-2018-1000656.       |
+-----------------+------------------------------------------------------------+
| Resolve         | pip install flask==1.1.2                                   |
+-----------------+------------------------------------------------------------+
| More Info       | https://nvd.nist.gov/vuln/detail/CVE-2019-1010083          |
+-----------------+------------------------------------------------------------+
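An added example, not part of PyRaider or its documentation: a small Python parser that turns a report in the boxed layout shown above into records, so a CI job can act on findings at or above a chosen severity. It assumes each finding starts with a Package row and that every cell is padded with one space on each side; the sample report, including the examplepkg entry, is constructed.

```python
RANK = {"LOW": 1, "MEDIUM": 2, "HIGH": 3}
# Constructed sample in the layout shown above (narrower columns, shortened text).
SAMPLE = """\
+-------------+--------------------------+
| Package     | flask                    |
+-------------+--------------------------+
| Severity    | MEDIUM                   |
+-------------+--------------------------+
| CVE         | CVE-2019-1010083         |
+-------------+--------------------------+
| Description | Unexpected memory usage  |
|             | from crafted encoded JSO |
|             | N data.                  |
+-------------+--------------------------+
| Package     | examplepkg               |
+-------------+--------------------------+
| Severity    | LOW                      |
+-------------+--------------------------+
"""

def parse_findings(report):
    """Turn the boxed report into a list of dicts, one per 'Package' block."""
    findings, key = [], None
    for line in report.splitlines():
        line = line.rstrip()
        if not (line.startswith("|") and line.endswith("|")):
            continue  # status text and +---+ borders
        label, _, cell = line[1:-1].partition("|")
        label = label.strip()
        if label == "Package":
            findings.append({})
        if not findings:
            continue  # banner lines printed before the first finding
        if label:
            key = label
            findings[-1][key] = ""
        # Cells are hard-wrapped mid-word: append the raw cell minus its padding.
        findings[-1][key] += cell[1:-1]
    return [{k: v.strip() for k, v in f.items()} for f in findings]

def at_or_above(findings, threshold):
    """Keep findings at or above `threshold`; unknown severities count as high."""
    floor = RANK[threshold.upper()]
    return [f for f in findings if RANK.get(f.get("Severity", "").upper(), 3) >= floor]

if __name__ == "__main__":
    for finding in at_or_above(parse_findings(SAMPLE), "medium"):
        print(finding)
```

In a pipeline, pass the captured scan output to parse_findings and fail the job when at_or_above returns a non-empty list.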