Fix example vulnerable method for Python
These example steps provide a fix for a BERserk attack vulnerable method in rsa, which is included in the example-python repository.
To complete this task:
-
In the Veracode Platform, select Scans & Analysis > Software Composition Analysis.
-
Click the Agent-Based Scan tab.
-
Select your workspace.
-
Click Projects.
-
Click the srcclr/example-python project.
-
Click BERserk Attack Vulnerability in the rsa library in the Vulnerabilities table.
The Vulnerable Methods section shows that the
verify
method is the vulnerable part of the library. -
To address the identified vulnerable method, do one of these tasks:
- Change your code to perform in the same manner without relying on this particular method.
- Follow the provided instructions to update the library to a safe version.