PyPI · pypi.org
girder-slicer-cli-web
Py Runtime Subprocess: subprocess call with shell=True — passes argv to /bin/sh.
Why PkgRadar flagged 5.0.9
| Severity | Signal | Evidence |
|---|---|---|
| medium | Py Runtime Subprocess | subprocess call with shell=True — passes argv to /bin/sh. · girder_slicer_cli_web-5.0.9/slicer_cli_web/worker_tools.py |
| medium | Py Runtime Subprocess | subprocess call — process spawning. · girder_slicer_cli_web-5.0.9/example-average-color/cli_list.py |
| medium | Py Runtime Subprocess | subprocess call — process spawning. · girder_slicer_cli_web-5.0.9/example-girder-requests/cli_list.py |
| medium | Py Runtime Subprocess | subprocess call — process spawning. · girder_slicer_cli_web-5.0.9/slicer_cli_web/cli_list_entrypoint.py |
| medium | Py Runtime Subprocess | subprocess call — process spawning. · girder_slicer_cli_web-5.0.9/slicer_cli_web/upload_slicer_cli_task.py |
| medium | Py Runtime Subprocess | subprocess call — process spawning. · girder_slicer_cli_web-5.0.9/small-docker/cli_list.py |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
5.0.11.dev11 | Low risk | 0 | 2026-06-10 |
5.0.11.dev9 | Low risk | 0 | 2026-06-09 |
5.0.11.dev7 | Low risk | 0 | 2026-06-09 |
5.0.11.dev4 | Low risk | 0 | 2026-06-02 |
5.0.11.dev2 | Low risk | 0 | 2026-06-02 |
5.0.10 | Low risk | 0 | 2026-06-02 |
5.0.10.dev8 | Low risk | 0 | 2026-06-01 |
5.0.10.dev6 | Low risk | 0 | 2026-06-01 |
5.0.10.dev4 | Low risk | 0 | 2026-06-01 |
5.0.10.dev2 | Low risk | 0 | 2026-06-01 |
5.0.9 | Review | 25 | 2026-05-26 |
5.0.9.dev4 | Review | 25 | 2026-05-26 |
Block this in CI
pkgradar gate --ecosystem pypi girder-slicer-cli-web==5.0.9