python
Data uniqueness not properly verified - Python
Need Enforce proper data uniqueness verification Context Usage of Python 3 for general-purpose programming and scripting Usage of Django for building web applications in Python Description Non compliant code from django.db import models class ...
Insecure encryption algorithm - Cipher Block Chaining - Python
Need Secure encryption algorithm implementation Context Usage of Python 3 for building and running Python applications Usage of Crypto for cryptographic operations Description Non compliant code from Crypto.Cipher import AES import os def ...
Hidden fields manipulation - Python
Need Prevention of unauthorized manipulation of hidden fields Context Usage of Python 3 for developing applications and scripts Usage of Django for building web applications Description Non compliant code from django import forms class ...
Insecure encryption algorithm - Anonymous cipher suites - Python
Need Secure encryption algorithm and cipher suite selection Context Usage of Python 3 for scripting and software development Usage of Django for building web applications Usage of OpenSSL for secure communication and encryption Description Non ...
Insecurely deleted files - Python
Need Secure file deletion mechanism Context Usage of Python 3 for writing and executing Python code Usage of os for accessing operating system-related information and functionalities Description Non compliant code import os def ...
Business information leak - Customers or providers - Python
Need Protection of sensitive business information from unauthorized access or leakage Context Usage of Python 3 for developing applications and scripts Usage of Django for building web applications in Python Description Non compliant code from ...
Non-upgradable dependencies - Python
Need Explicitly declare and manage dependencies in the source code Context Usage of Python 3 for scripting and software development Usage of Django for building web applications in Python Usage of psycopg2 for connecting to and interacting with ...
Insecurely generated token - Python
Need Secure token generation mechanism Context Usage of Python 3 for writing and executing Python code Usage of hashlib for cryptographic hashing operations Description Non compliant code import hashlib def generate_token(username, password): token = ...
Improper resource allocation - Python
Need Efficient resource allocation and management Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code from django.http import HttpResponse from ...
Traceability loss - Server's clock - Python
Need Ensure accurate time synchronization for the server's internal clock Context Usage of Python 3 for developing applications and scripts Usage of datetime for working with date and time in Node.js applications Description Non compliant code import ...
Remote File Inclusion - Python
Need Prevention of remote file inclusion attacks Context Usage of Python 3 for developing applications and scripts Usage of Django for building web applications in Python Usage of urllib for making HTTP requests Description Non compliant code from ...
Sensitive information stored in logs - Python
Need Secure handling of sensitive information in log files Context Usage of Python 3 for developing applications and scripts Usage of logging for capturing and storing application logs Description Non compliant code import logging def ...
Lack of protection against brute force attacks - Python
Need Implementation of strong and effective protection against brute force attacks Context Usage of Python 3 for developing applications and scripts Usage of Django for building web applications Description Non compliant code from django.contrib.auth ...
Insecure encryption algorithm - Python
Need Implementation of secure encryption algorithms Context Usage of Python 3 for building and running Python applications Usage of Crypto for cryptographic operations Usage of base64 for encoding and decoding data in base64 format Description Non ...
Guessed weak credentials - Python
Need Enhancement of credential security Context Usage of Python 3 for developing Python applications Usage of Django for building web applications in Python Description Non compliant code from django.contrib.auth.models import User def ...
Automatic information enumeration - Python
Need Prevention of automatic information enumeration Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code from django.http import HttpResponse from ...
Enabled default credentials - Python
Need Implementation of strong, unique credentials for system resources Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code from django.db import models ...
Insecure generation of random numbers - Python
Need Secure generation of random numbers Context Usage of Python 3 for building and executing Python applications Usage of random for generating random numbers or values Description Non compliant code import random def generate_random_number(): ...
Sensitive information sent via URL parameters - Python
Need Protection of sensitive information during transmission Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code from django.http import HttpResponse ...
Insecure temporary files - Python
Need Secure handling of temporary files Context Usage of Python 3 for developing applications and scripts Usage of os for accessing operating system-related information Usage of tempfile for creating temporary files and directories Description Non ...
User enumeration - Python
Need Prevention of user enumeration Context Usage of Python 3 for developing Python applications Usage of Django for building web applications in Python Description Non compliant code from django.contrib.auth import authenticate def login(request): ...
Uncontrolled external site redirect - Host Header Injection - Python
Need Prevention of unauthorized external site redirects Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code from django.http import ...
Use of an insecure channel - Python
Need Secure transmission of data Context Usage of Python 3.0+ for developing Python applications Usage of Django for building web applications in Python Description Non compliant code from django.http import HttpResponse def send_data(request): ...
Non-encrypted confidential information - Python
Need Secure storage of confidential information Context Usage of Python 3 for developing Python applications Usage of Django for building web applications in Python Description Non compliant code from django.db import models class User(models.Model): ...
Sensitive information sent insecurely - Python
Need Secure transmission of sensitive information Context Usage of Python 3 for scripting and software development Usage of Django for building web applications in Python Description Non compliant code from django.http import HttpResponse from ...
Insecure encryption algorithm - SSL/TLS - Python
Need Implementation of secure encryption algorithms and disabling insecure TLS protocol versions Context Usage of Python 3 for general-purpose programming and scripting Usage of Django for building web applications Usage of OpenSSL for secure ...
Insecure functionality - Python
Need Secure functionality implementation Context Usage of Python 3 for scripting and application development Usage of Django for building web applications in Python Description Non compliant code from django.http import HttpResponse from .models ...
Symmetric denial of service - Python
Need Prevention of service outages caused by repeated resource-intensive requests Context Usage of Python 3.0+ for developing Python applications Usage of Django for building web applications in Python Description Non compliant code from django.http ...
Asymmetric denial of service - Python
Need Implementation of robust security measures to prevent service outages caused by resource exhaustion Context Usage of Python 3.6+ for developing Python applications ...
Security controls bypass or absence - Fingerprint - Python
Need Enhancement of security controls for fingerprint identification Context Usage of Python 3 for developing applications and scripts Usage of Django for building web applications in Python Description Non compliant code from django.contrib.auth ...
Inappropriate coding practices - invalid file - Python
Need Enforce proper file validation and verification in the repository Context Usage of Python 3 for scripting and development Usage of Django for building web applications Description Non compliant code from django.core.files import File def ...
Server side cross-site scripting - Python
Need Mitigation of server-side cross-site scripting attacks Context Usage of Python 3 for scripting and development Usage of Django for building web applications in Python Description Non compliant code from django.http import HttpResponse from ...
Server side template injection - Python
Need Prevention of server-side template injection attacks Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code from django.template import Context, ...
OS Command Injection - Python
Need Prevention of OS Command Injection attacks Context Usage of Python 3 for writing and executing Python code Usage of OS for accessing and interacting with operating system functionalities Usage of Django for building web applications in Python ...
Insecure authentication method - NTLM - Python
Need Implementation of a secure authentication method Context Usage of Python 3 for developing applications and scripts Usage of Django for building web applications in Python Description Non compliant code from django.contrib.auth import ...
Insecurely generated token - OTP - Python
Need Secure generation and transmission of OTP tokens Context Usage of Python 3.0+ for developing Python applications Usage of Django for building web applications Description Non compliant code from django.http import JsonResponse from ...
Insecure object reference - User deletion - Python
Need Secure user deletion and session management Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code from django.contrib.auth.models import User from ...
Authentication mechanism absence or evasion - Response tampering - Python
Need Implementation of a secure and robust authentication mechanism Context Usage of Python 3.6 for developing Python applications Usage of Django for building web applications in Python Description Non compliant code from django.http import ...
Weak credential policy - Temporary passwords - Python
Need Implementation of a strong credential policy for temporary passwords Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code from ...
Weak credential policy - Password strength - Python
Need Implementation of a strong password policy Context Usage of Python 3 for writing and running Python code Usage of Django for building web applications Description Non compliant code from django.contrib.auth.models import User def ...