python
Insecure encryption algorithm - DSA - Python
Need Implementation of secure encryption algorithms Context Usage of Python 3 for scripting and application development Usage of pycryptodome for cryptographic operations in Python Description Non compliant code from Crypto.PublicKey import DSA from ...
Automatic information enumeration - Credit Cards - Python
Need Enhancement of credit card validation and security measures Context Usage of Python 3 for scripting and general-purpose programming Usage of Django for building web applications in Python Description Non compliant code from django.http import ...
Non-encrypted confidential information - Credentials - Python
Need Secure storage of confidential information - Credentials Context Usage of Python 3 for building and running Python applications Usage of Django for building web applications in Python Description Non compliant code from ...
Non-encrypted confidential information - LDAP - Python
Need Secure storage and transmission of LDAP service credentials Context Usage of Python 3 for developing applications and scripts Usage of LDAP for directory services and user authentication Description Non compliant code import ldap # LDAP settings ...
Non-encrypted confidential information - AWS - Python
Need Secure storage of AWS credentials Context Usage of Python 3 for writing and executing Python code Usage of boto3 for interacting with Amazon Web Services (AWS) in Python Description Non compliant code import boto3 # AWS credentials ...
Non-encrypted confidential information - DB - Python
Need Secure storage of confidential information in the database Context Usage of Python 3 for developing applications and scripts Usage of Django for building web applications in Python Description Non compliant code from django.db import models ...
Non-encrypted confidential information - Credit Cards - Python
Need Secure encryption and masking of credit card information Context Usage of Python 3 for building and running Python applications Usage of Django for building web applications Description Non compliant code from django.db import models class ...
Technical information leak - Errors - Python
Need Prevention of technical information leaks through error messages Context Usage of Python 3.6 for developing Python applications Usage of Django for building web applications in Python Description Non compliant code # views.py from django.http ...
Technical information leak - Print Functions - Python
Need Prevention of sensitive information exposure through print functions in production environment Context Usage of Python 3 for developing applications and scripts Usage of Django for building web applications Description Non compliant code from ...
Technical information leak - Headers - Python
Need Prevention of technical information leakage through server response headers Context Usage of Python 3.0+ for developing Python applications Usage of Django for building web applications in Python Description Non compliant code # Django settings ...
Business information leak - Personal Information - Python
Need Protection of personal information from unauthorized access or disclosure Context Usage of Python 3 for developing applications and scripts Usage of Django for building web applications Description Non compliant code from django.db import models ...
Business information leak - JFROG - Python
Need Protection of sensitive business information from unauthorized access and leakage Context Usage of Python 3 for developing applications and scripts Usage of Django for building web applications in Python Description Non compliant code # ...
Business information leak - Users - Python
Need Protection of business information and user data confidentiality Context Usage of Python 3 for writing and executing Python code Usage of Django for web application development Description Non compliant code from django.http import JsonResponse ...
Business information leak - Token - Python
Need Protection of sensitive user information in session tokens Context Usage of Python 3.0+ for developing Python applications Usage of Django for building web applications Description Non compliant code from django.contrib.auth import authenticate, ...
Business information leak - Network Unit - Python
Need Protection of sensitive business information from unauthorized access or disclosure Context Usage of Python 3.0+ for developing Python applications Usage of Django for building web applications in Python Description Non compliant code from ...
Business information leak - Credit Cards - Python
Need Protection of customer credit card data and business information Context Usage of Python 3.0+ for developing Python applications Usage of Django for building web applications Description Non compliant code from django.http import JsonResponse ...
Business information leak - Source Code - Python
Need Protection of sensitive business information in source code Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications Description Non compliant code from django.http import HttpResponse from ...
Business information leak - Credentials - Python
Need Protection of business credentials from unauthorized access and leakage Context Usage of Python 3 for developing applications and scripts Usage of Django for building web applications Description Non compliant code from ...
Business information leak - JWT - Python
Need Protection of sensitive business information in JWT Context Usage of Python 3.0+ for developing Python applications Usage of JWT for secure authentication and authorization Usage of Django for building web applications in Python Usage of Django ...
Asymmetric denial of service - ReDoS - Python
Need Prevention of Regular Expression Denial of Service (ReDoS) attacks Context Usage of Python 3 for scripting and application development Usage of the re library for regular expression pattern matching and manipulation Description Non compliant ...
Traceability loss - Python
Need Improved traceability and logging capabilities Context Usage of Python 3 for developing Python applications Usage of Django for building web applications Description Non compliant code from django.http import HttpResponse from django.views ...
Debugging enabled in production - Python
Need Disabling debugging mode in production environment Context Usage of Python 3 for scripting and software development Usage of Django for building web applications in Python Description Non compliant code # settings.py from django.conf import ...
Insecure service configuration - SMTP - Python
Need Secure configuration of SMTP service Context Usage of Python 3 for writing and executing Python code Usage of smtplib for sending emails in Node.js Description Non compliant code import smtplib def send_email(from_addr, to_addr_list, ...
Insecure service configuration - SMB - Python
Need Secure configuration of SMB service Context Usage of Python 3 for developing applications and scripts Usage of the os module for accessing operating system-related information Description Non compliant code import os def enable_smb_v1(): ...
Uncontrolled external site redirect - Python
Need Controlled and secure external site redirects Context Usage of Python 3 for scripting and application development Usage of Django for building web applications Description Non compliant code from django.http import HttpResponseRedirect from ...
Use of an insecure channel - Telnet - Python
Need Secure transmission of customer information Context Usage of Python 3 for developing applications and scripts Usage of telnetlib for establishing and managing Telnet connections Description Non compliant code import telnetlib def send_data(host, ...
Use of an insecure channel - useSslProtocol() - Python
Need Secure communication channel for production environment Context Usage of Python 3 for developing applications and scripts Usage of SSL for secure communication and data encryption Usage of Socket for real-time communication and event-based ...
Use of an insecure channel - FTP - Python
Need Secure transmission of customer information Context Usage of Python 3 for writing and executing Python scripts Usage of ftplib for FTP file transfer operations Description Non compliant code from ftplib import FTP def ...
Insecure encryption algorithm - SSLContext - Python
Need Implementation of secure encryption algorithms for SSLContext Context Usage of Python 3 for scripting and software development Usage of SSL for secure communication over the network Description Non compliant code import ssl ssl_context = ...
Inappropriate coding practices - Eval function - Python
Need Secure handling of user input and avoidance of using the eval function Context Usage of Python 3 for scripting and software development Usage of Django for building web applications Description Non compliant code from django.http import ...
Sensitive information in source code - API Key - Python
Need Secure storage and retrieval of sensitive information such as API keys Context Usage of Python 3 for writing and executing Python code Usage of Django for web application development Description Non compliant code # settings.py in Django ...
Inappropriate coding practices - Python
Need Enforce proper encapsulation in coding practices Context Usage of Python 3 for writing and executing Python code Description Non compliant code class User: def __init__(self, username, password): self.username = username self.password = password ...
Directory listing - Python
Need Prevention of unauthorized access to directory listings Context Usage of Python 3 for building and running Python applications Usage of Django for building web applications in Python Description Non compliant code from django.views.static import ...
Improper dependency pinning - Python
Need Proper management of dependencies and version control Context Usage of Python 3.1 for developing Python applications Usage of Django for building web applications in Python Usage of requests for making HTTP requests in Node.js Description Non ...
Metadata with sensitive information - Python
Need Protection of sensitive information in metadata Context Usage of Python 3.1 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code from django.http import JsonResponse def ...
Regulation infringement - Python
Need Compliance with regulatory requirements Context Usage of Python 3.0+ for developing Python applications Usage of Django for building web applications Description Non compliant code # vulnerable_code.py from django.http import HttpResponse from ...
XS-Leaks - Python
Need Protection of sensitive user information from being leaked through browser side-channels Context Usage of Python 3 for writing and executing Python code Usage of Django for web development with Python Description Non compliant code from ...
Improper control of interaction frequency - Python
Need Enforce rate limiting to control the frequency of user interactions Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code from django.http import ...
Email uniqueness not properly verified - Python
Need Enforce email uniqueness during registration process Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications Description Non compliant code from django.db import models class ...
Server-side request forgery (SSRF) - Python
Need Prevention of unauthorized server-side requests to arbitrary domains Context Usage of Python 3 for general-purpose programming and scripting Usage of Django for building web applications in Python Usage of requests for making HTTP requests in ...