[23 Jul 2024 12:35:23,0314] PIPELINE-SCAN INFO: Pipeline Scan Tool Version 24.7.1-0. [23 Jul 2024 12:35:23,0324] PIPELINE-SCAN INFO: Getting resource policy Veracode Recommended Medium + SCA [23 Jul 2024 12:35:23,0367] PIPELINE-SCAN INFO: Successfully retrieved the policy [23 Jul 2024 12:35:23,0368] PIPELINE-SCAN INFO: Policy name: Veracode Recommended Medium + SCA [23 Jul 2024 12:35:23,0368] PIPELINE-SCAN INFO: CWE filter: [23 Jul 2024 12:35:23,0368] PIPELINE-SCAN INFO: Severity filter: 4, 5, [23 Jul 2024 12:35:23,0369] PIPELINE-SCAN INFO: Beginning scanning of './veracode_artifact_directory/BundletoolScriptSample.zip'. [23 Jul 2024 12:35:23,0369] PIPELINE-SCAN INFO: Sending 11032 bytes to the server for analysis. [23 Jul 2024 12:35:26,0932] PIPELINE-SCAN INFO: Upload complete. [23 Jul 2024 12:35:26,0933] PIPELINE-SCAN INFO: Scan ID: ce01af86-8808-4b20-a5f0-5e5207c51cae [23 Jul 2024 12:35:27,0193] PIPELINE-SCAN INFO: Analysis Started. =========================== Found 1 Scannable modules. =========================== Python files within BundletoolScriptSample.zip [23 Jul 2024 12:35:39,0688] PIPELINE-SCAN INFO: Analysis Complete. [23 Jul 2024 12:35:39,0698] PIPELINE-SCAN INFO: Analysis Results: Received 22055 bytes in 16329ms. [23 Jul 2024 12:35:39,0704] PIPELINE-SCAN INFO: Writing Raw JSON Results to file '/home/runner/work/veracode/veracode/results.json'. [23 Jul 2024 12:35:39,0708] PIPELINE-SCAN INFO: Writing Filtered JSON Results to file '/home/runner/work/veracode/veracode/filtered_results.json'. Scan Summary: PIPELINE_SCAN_VERSION: 24.7.1-0 DEV-STAGE: DEVELOPMENT SCAN_ID: ce01af86-8808-4b20-a5f0-5e5207c51cae SCAN_STATUS: SUCCESS SCAN_MESSAGE: Scan successful. Results size: 21533 bytes ==================== Analysis Successful. ==================== ========================== Found 1 Scannable modules. ========================== Python files within BundletoolScriptSample.zip =================== Analyzed 1 modules. =================== Python files within BundletoolScriptSample.zip =================== Analyzed 14 issues. =================== ------------------------------------- Found 3 issues of Very High severity. ------------------------------------- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'): add_packs.py:247 CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'): add_packs.py:365 CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'): add_packs.py:446 -------------------------------------- Skipping 11 issues of Medium severity. -------------------------------------- ======================== FAILURE: Found 3 issues! ========================