python
Lack of data validation - Header x-amzn-RequestId - Python
Need Implementation of strict data validation for the x-amzn-RequestId Header Context Usage of Python 3 for building and running Python applications Usage of Django for building web applications Description Non compliant code from django.http import ...
Lack of data validation - Python
Need Implementation of robust data validation mechanisms Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code from django.http import HttpResponse from ...
SQL Injection - Headers - Python
Need Prevention of SQL injection in the idClient and application headers Context Usage of Python 3.0+ for developing Python applications Usage of Django for building web applications in Python Description Non compliant code from django.http import ...
Time-based SQL Injection - Python
Need Prevention of time-based SQL injection attacks Context Usage of Python 3 for developing applications and scripts Usage of Django for building web applications in Python Description Non compliant code from django.http import HttpResponse from ...
Insecure or unset HTTP headers - Accept - Python
Need Enforce secure and specific Accept headers for HTTP requests Context Usage of Python 3.0 for developing Python applications Usage of Django for building web applications in Python Description Non compliant code from django.http import ...
Insecure or unset HTTP headers - X-Frame Options - Python
Need Implementation of secure and properly configured HTTP headers Context Usage of Python 3 for general-purpose programming and scripting Usage of Django for building web applications in Python Description Non compliant code from django.http import ...
Inappropriate coding practices - Cyclomatic complexity - Python
Need Improvement of coding practices to reduce cyclomatic complexity Context Usage of Python 3 for developing applications and scripts Usage of request for making HTTP requests Description Non compliant code def complex_function(request, model_name, ...
Insecure exceptions - Empty or no catch - Python
Need Proper exception handling and error management Context Usage of Python 3.0+ for developing Python applications Usage of Django for building web applications with Python Description Non compliant code from django.http import HttpResponse from ...
Insecure or unset HTTP headers - Cache Control - Python
Need Implementation of secure and appropriate Cache Control headers Context Usage of Python 3.0+ for developing Python applications Usage of Django for building web applications Description Non compliant code from django.http import HttpResponse def ...
Insecure or unset HTTP headers - X-XSS Protection - Python
Need Implementation of secure and properly configured HTTP headers Context Usage of Python 3 for building and running Python applications Usage of Django for building web applications Description Non compliant code from django.http import ...
Insecure or unset HTTP headers - CORS - Python
Need Enforcement of secure and properly configured HTTP headers for Cross-Origin Resource Sharing (CORS) Context Usage of Python 3 for building and running Python applications Usage of Django for building web applications Description Non compliant ...
Insecure or unset HTTP headers - X-Content-Type-Options - Python
Need Enforce the usage of the X-Content-Type-Options HTTP header Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code from django.http import ...
Insecure or unset HTTP headers - Strict Transport Security - Python
Need Implementation of Strict-Transport-Security (HSTS) header with an appropriate max-age value Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code ...
Insecurely generated cookies - Secure - Python
Need Ensure secure generation and transmission of cookies Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications Description Non compliant code from django.http import HttpResponse from ...
Insecurely generated cookies - SameSite - Python
Need Secure generation of cookies with proper SameSite attribute Context Usage of Python 3.x for building applications and scripts Usage of Django for building web applications in Python Description Non compliant code from django.http import ...
Insecurely generated cookies - HttpOnly - Python
Need Enforce secure cookie generation by setting the HttpOnly attribute Context Usage of Python 3 for scripting and application development Usage of Django for building web applications in Python Description Non compliant code from django.http import ...
Lack of data validation - Type confusion - Python
Need Implementation of proper data validation and type checking Context Usage of Python 3 for scripting and software development Usage of Django for building web applications in Python Description Non compliant code from django.http import ...
Race condition - Python
Need Ensuring proper synchronization and order of inputs in the system Context Usage of Python 3 for scripting and application development Usage of Django for building web applications in Python Usage of myapp for building a custom application ...
Local file inclusion - Python
Need Prevention of unauthorized access to sensitive files on the server Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications Description Non compliant code from django.http import HttpResponse ...
HTTP parameter pollution - Python
Need Prevention of HTTP parameter pollution Context Usage of Python 3 for developing applications and scripts Usage of Django for building web applications in Python Description Non compliant code from django.http import HttpResponse from ...
Improper type assignation - Python
Need Enforce proper type assignment in the source code Context Usage of Python 3.0 for building applications and scripts Usage of Django for building web applications in Python Description Non compliant code def process_data(request): data = ...
LDAP injection - Python
Need Prevention of LDAP injection attacks Context Usage of Python 3 for writing and executing Python code Usage of django-auth-ldap for integrating LDAP authentication with Django Description Non compliant code from django_auth_ldap.backend import ...
NoSQL injection - Python
Need Prevention of NoSQL injection attacks Context Usage of Python 3 for scripting and application development Usage of Django for building web applications in Python Usage of PyMongo for interacting with MongoDB in Python Description Non compliant ...
External control of file name or path - Python
Need Prevention of unauthorized access and manipulation of file paths and names Context Usage of Python 3.0+ for developing Python applications Usage of Django for building web applications in Python Description Non compliant code from django.http ...
Insecure deserialization - Python
Need Secure deserialization process Context Usage of Python 3 for writing and executing Python code Usage of Pickle for object serialization and deserialization Description Non compliant code import pickle def deserialize_object(serialized_object): ...
Log injection - Python
Need Prevention of log injection attacks Context Usage of Python 3 for developing applications and scripts Usage of logging for recording and tracking application events Usage of Django for building web applications in Python Description Non ...
CSV injection - Python
Need Prevention of CSV injection attacks Context Usage of Python 3 for scripting and application development Usage of csv for parsing and manipulating CSV files Usage of Django for building web applications in Python Description Non compliant code ...
Lack of data validation - Trust boundary violation - Python
Need Enforce strict data validation and trust boundaries Context Usage of Python 3 for developing Python applications Usage of Django for building web applications Description Non compliant code from django.http import JsonResponse from django.views ...
XML injection (XXE) - Python
Need Prevention of XML injection attacks Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications Usage of lxml for parsing and manipulating XML data Description Non compliant code from django.http ...
Insecure session management - Python
Need Secure session management Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code from django.contrib.sessions.models import Session from ...
Insecure or unset HTTP headers - Referrer-Policy - Python
Need Implementation of secure and properly configured HTTP headers, specifically the Referrer-Policy header. Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications Description Non compliant code ...
Insecure session expiration time - Python
Need Enforce secure session expiration time Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code # settings.py from django.conf import settings # ...
Lack of data validation - Path Traversal - Python
Need Implementation of proper input validation and sanitization to prevent path traversal attacks. Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code ...
Concurrent sessions - Python
Need Enforce session management and limit concurrent user sessions Context Usage of Python 3 for developing Python applications Usage of Django for building web applications in Python Description Non compliant code from django.contrib.auth import ...
Insecure service configuration - Host verification - Python
Need Secure host verification and restrict incoming connections from unknown external hosts Context Usage of Python 3 for writing and executing Python code Usage of Django for building web applications in Python Description Non compliant code # In ...
Asymmetric denial of service - Content length - Python
Need Prevention of Asymmetric Denial of Service attacks targeting the Content-Length field Context Usage of Python 3.0+ for developing Python applications Usage of Django for building web applications in Python Description Non compliant code from ...
Cracked weak credentials - Python
Need Enhancement of password security Context Usage of Python 3 for scripting and software development Usage of Django for building web applications in Python Description Non compliant code from django.contrib.auth.models import User def ...
Insecure or unset HTTP headers - Content-Security-Policy - Python
Need Implementation of secure and properly configured Content-Security-Policy headers Context Usage of Python 3 for building and executing Python applications Usage of Django for building web applications in Python Description Non compliant code from ...
Insecurely generated cookies - Python
Need Secure generation and handling of cookies Context Usage of Python 3 for Python programming and development Usage of Django for building web applications Description Non compliant code from django.http import HttpResponse from ...
Improper authorization control for web services - Python
Need Implementation of proper authorization controls for web services Context Usage of Python 3 for developing applications and scripts Usage of Django for building web applications Description Non compliant code from django.http import HttpResponse ...