python
Use of software with known vulnerabilities in environments - Python
Need Regular software updates and patch management Context Usage of Python 3.7 for developing Python applications Usage of Django for building web applications Description Non compliant code # Django settings for mysite project. import os # Build ...
Insecure encryption algorithm - Insecure Elliptic Curve - Python
Need Secure encryption algorithm using strong elliptic curves Context Usage of Python 3 for general-purpose programming and scripting Usage of cryptography for secure data encryption and decryption Description Non compliant code from ...
Password reset poisoning - Python
Need Secure password reset functionality Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code from django.contrib.auth.tokens import ...
Dependency Confusion - Python
Need Secure and accurate dependency management Context Usage of Python 3.0 for developing Python applications Usage of Django for building web applications in Python Usage of the app package for building and running a Node.js application Usage of ...
Insecure generation of random numbers - Static IV - Python
Need Secure generation of random numbers and dynamic initialization vectors Context Usage of Python 3 for scripting and application development Usage of Crypto for cryptographic operations Usage of base64 for encoding and decoding data in base64 ...
Use of software with known vulnerabilities in development - Python
Need Mitigation of software vulnerabilities in development environments Context Usage of Python 3.7 for developing Python applications Usage of Django version 1.9.7 for web application development Description Non compliant code # Django settings for ...
Inappropriate coding practices - Unused properties - Python
Need Elimination of unused properties in the codebase Context Usage of Python 3 for scripting and application development Usage of Django for building web applications in Python Description Non compliant code from django.db import models class ...
Non-encrypted confidential information - Keys - Python
Need Secure storage of confidential information Context Usage of Python 3 for scripting and application development Usage of Django for building web applications in Python Description Non compliant code from django.db import models class ...
Inappropriate coding practices - Wildcard export - Python
Need Enforce explicit exports in code modules Context Usage of Python for general-purpose programming and scripting Usage of my_module for custom functionality or feature implementation Description Non compliant code # my_module.py def ...
Non-encrypted confidential information - Hexadecimal - Python
Need Encryption of confidential information to ensure its confidentiality Context Usage of Python 3.0+ for developing Python applications Usage of Django for building web applications Description Non compliant code from django.http import ...
Use of an insecure channel - HTTP - Python
Need Secure transmission of client information Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications Description Non compliant code from django.http import HttpResponse from django.views import ...
Sensitive information in source code - Git history - Python
Need Protection of sensitive information in source code history Context Usage of Python 3 for developing applications and scripts Usage of Django for building web applications in Python Usage of psycopg2 for connecting to and interacting with ...
Sensitive information in source code - Credentials - Python
Need Protection of sensitive information in source code Context Usage of Python 3 for writing Python code and running Python applications Usage of Django for building web applications Description Non compliant code # settings.py DATABASES = { ...
Insecure service configuration - BREACH Attack - Python
Need Secure service configuration to prevent BREACH attacks Context Usage of Python 3.0+ for developing Python applications Usage of Django for building web applications in Python Description Non compliant code # settings.py from django.conf import ...
Insecure service configuration - Salt - Python
Need Secure generation of salt for password hashing Context Usage of Python 3 for writing and executing Python code Usage of hashlib for cryptographic hashing operations Usage of random for generating random numbers or values Description Non ...
Business information leak - Corporate information - Python
Need Protection of sensitive corporate information from unauthorized access Context Usage of Python 3.6+ for developing Python applications Usage of Django for building web applications in Python Description Non compliant code from django.views ...
Use of insecure channel - Source code - Python
Need Secure transmission of customer information Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code from django.http import HttpResponse from ...
Lack of protection against brute force attacks - Credentials - Python
Need Implementation of strong protection against brute force attacks on promotional code credentials Context Usage of Python 3 for developing applications and scripts Usage of Django for building web applications in Python Description Non compliant ...
Sensitive information in source code - Dependencies - Python
Need Secure storage of sensitive information in separate, protected environments Context Usage of Python 3 for scripting and application development Usage of Django for building web applications in Python Usage of psycopg2 for connecting to and ...
Insecurely generated token - Lifespan - Python
Need Securely generate and manage session tokens with appropriate expiration times Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications Description Non compliant code from ...
Insecure service configuration - Roles - Python
Need Proper configuration and assignment of roles to ensure accurate representation of security responsibilities Context Usage of Python 3 for building and running Python applications Usage of Django for building web applications Description Non ...
Insecurely generated token - Validation - Python
Need Secure token generation and validation Context Usage of Python 3.0+ for developing Python applications Usage of JWT for secure authentication and authorization Usage of Django for building web applications Usage of Django Rest Framework for ...
Improper resource allocation - Memory leak - Python
Need Proper resource management and deallocation Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications Description Non compliant code from django.http import HttpResponse from django.views ...
Insecurely generated token - JWT - Python
Need Secure token generation for user creation service Context Usage of Python 3 for scripting and application development Usage of JWT for secure authentication and authorization Usage of Django for building web applications in Python Description ...
Weak credential policy - Password Change Limit - Python
Need Implementation of a strong password change policy Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code from django.contrib.auth.models import User ...
Insecure service configuration - OTP - Python
Need Secure service configuration - Disable OTP mock Context Usage of Python 3 for building and running Python applications Usage of Django for building web applications in Python Description Non compliant code from django.conf import settings def ...
Technical information leak - Logs - Python
Need Prevention of unauthorized access to system logs Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Usage of logging for capturing and recording application events or messages ...
Non-encrypted confidential information - Base 64 - Python
Need Secure storage of confidential information Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code # settings.py DATABASES = { 'default': { 'ENGINE': ...
Automatic information enumeration - Personal Information - Python
Need Enhancement of user privacy and data protection Context Usage of Python 3 for scripting and software development Usage of Django for building web applications in Python Description Non compliant code from django.http import JsonResponse from ...
Insecure encryption algorithm - ECB - Python
Need Secure encryption algorithm implementation Context Usage of Python 3 for writing and executing Python code Usage of Crypto for cryptographic operations Usage of base64 for encoding and decoding data in base64 format Description Non compliant ...
Sensitive information sent via URL parameters - Session - Python
Need Secure transmission of sensitive information in session tokens Context Usage of Python 3 for programming and scripting Usage of Django for building web applications in Python Description Non compliant code from django.http import ...
Non-encrypted confidential information - Local data - Python
Need Secure storage of confidential data on local devices Context Requirement of Python 3.7 or later for running the application Usage of firebase_admin for server-side Firebase operations Usage of Google Cloud Firestore for managing and storing data ...
Insecure functionality - Masking - Python
Need Secure data masking Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code from django.http import JsonResponse def user_info(request): user = ...
Insecure functionality - Password management - Python
Need Secure password management Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications Description Non compliant code from django.contrib.auth.models import User from django.shortcuts import ...
Insecure functionality - File Creation - Python
Need Enforce server-side validation and authorization for restricted functionality Context Usage of Python 3 for scripting and application development Usage of Django for building web applications Description Non compliant code from django.http ...
Insecure encryption algorithm - Blowfish - Python
Need Secure encryption algorithm for data protection Context Usage of Python 3 for developing Python applications Usage of pycryptodome for cryptographic operations in Python Description Non compliant code from Crypto.Cipher import Blowfish import os ...
Insecure encryption algorithm - AES - Python
Need Implementation of secure encryption algorithms Context Usage of Python 3 for writing and executing Python code Usage of pycryptodome for cryptographic operations in Python Description Non compliant code from Crypto.Cipher import AES from ...
Insecure encryption algorithm - TripleDES - Python
Need Secure encryption algorithm for data protection Context Usage of Python 3 for writing and executing Python code Usage of pycryptodome for cryptographic operations in Python Description Non compliant code from Crypto.Cipher import DES3 from ...
Insecure encryption algorithm - MD5 - Python
Need Implementation of secure encryption algorithms for password hashing Context Usage of Python 3 for developing applications or scripts Usage of hashlib for cryptographic hashing operations Description Non compliant code import hashlib def ...
Insecure encryption algorithm - SHA1 - Python
Need Implementation of secure encryption algorithms Context Usage of Python 3 for scripting and application development Usage of hashlib for cryptographic hashing operations Description Non compliant code import hashlib def ...