
Introducing Bento 0.9: Enhanced Security with High-Severity Python Vulnerability Checks and Jinja Template Support

Original Post: Bento 0.9: Checks for a high-severity Python vulnerability and Jinja templates

Bento version 0.9 introduces a critical check for a high-severity Python vulnerability (CVE-2020-8492) related to regex denial of service (ReDoS). This vulnerability had previously caused significant outages, such as Cloudflare's in July 2019. Users can now run this ReDoS check using Bento. Additionally, new checks for Jinja, Flask's HTML template engine, have been added to address cross-site scripting (XSS) vulnerabilities, including checks for missing noreferrer and noopener attributes.
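As an added illustration (not Bento's own code or its r2c.jinja rule), here is a small stand-alone linter that flags the pattern the Jinja check described above looks for: anchors that open a new tab without noopener/noreferrer in their rel attribute. The sample template is constructed for this example.

```python
from html.parser import HTMLParser

# Constructed sample Jinja template (not from the page) exercising the check.
SAMPLE_TEMPLATE = """\
<ul>
  <li><a href="{{ url_for('docs') }}">Docs</a></li>
  <li><a href="{{ partner_url }}" target="_blank">Partner</a></li>
  <li><a href="https://example.org" target="_blank" rel="noopener">Half fixed</a></li>
  <li><a href="https://example.org" target="_blank" rel="noopener noreferrer">Fixed</a></li>
</ul>
"""


class BlankTargetLinter(HTMLParser):
    """Collects <a target="_blank"> tags whose rel lacks noopener or noreferrer."""

    def __init__(self):
        super().__init__()
        self.findings = []  # list of (line_number, [missing rel tokens])

    def handle_starttag(self, tag, attrs):
        if tag != "a":
            return
        # Jinja expressions inside quoted attribute values parse as plain text.
        attr = {name.lower(): (value or "") for name, value in attrs}
        if attr.get("target", "").lower() != "_blank":
            return
        rel_tokens = set(attr.get("rel", "").lower().split())
        missing = [t for t in ("noopener", "noreferrer") if t not in rel_tokens]
        if missing:
            line, _offset = self.getpos()  # 1-based line of the tag
            self.findings.append((line, missing))


def find_unsafe_blank_targets(template_text):
    """Return (line, missing_tokens) for each new-tab anchor lacking protection."""
    linter = BlankTargetLinter()
    linter.feed(template_text)
    linter.close()
    return linter.findings


if __name__ == "__main__":
    for line, missing in find_unsafe_blank_targets(SAMPLE_TEMPLATE):
        print(f'line {line}: <a target="_blank"> missing rel={" ".join(missing)}')
```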

A new GitHub Action is also in development, and the team invites early users to try it out.

To update to the latest version of Bento, use:

$ pip3 install --upgrade bento-cli

To enable the new ReDoS check, run:

# Run Dlint tool and its ReDoS check once:
$ bento check --tool=dlint --all
# Enable Dlint and its ReDoS check to run on every commit:
$ bento enable tool dlint

For Jinja template checks, use:

# Run Jinja checks once:
$ bento check --tool=r2c.jinja --all
# Run Jinja checks on every commit:
$ bento enable tool r2c.jinja

For early access to the GitHub Action, contact the team via email.

For more details, read the blog post.

