Audit required: Use of eval
PYL-W0123
Security
Major
25 days ago
—
2 years old
Seen in 1 file
1
XML parsing may be vulnerable to XXE attacks
JS-D022
Security
Major
25 days ago
—
2 years old
Seen in 1 file
1
Audit required: Server hostname may not be verified
PTC-W6002
Security
Minor
25 days ago
—
2 years old
Seen in 1 file
1
Assert statement used outside of tests
BAN-B101
Security
Major
25 days ago
—
2 years old
Seen in 2 files
2
Audit the random number generation source (rand)
GSC-G404
Security
Minor
25 days ago
—
2 years old
Seen in 1 file
1
No certificate validation detected for HTTP request
BAN-B501
Security
Major
25 days ago
—
2 years old
Seen in 1 file
1
Use of tempnam detected
BAN-B325
Security
Major
25 days ago
—
2 years old
Seen in 1 file
1
Hardcoded temporary directory detected
BAN-B108
Security
Major
25 days ago
—
2 years old
Seen in 1 file
1
Audit: Starting a process with a partial executable path
BAN-B607
Security
Minor
25 days ago
—
2 years old
Seen in 1 file
1
Audit required: Risk of possible SQL injection vector through string-based query construction
BAN-B608
Security
Major
25 days ago
—
2 years old
Seen in 1 file
1
Use of both safe and unsafe HTTP methods for a view
PY-S6007
Security
Major
25 days ago
—
2 years old
Seen in 1 file
1
Audit required: Possible wildcard injection in call: subprocess.Popen
BAN-B609
Security
Major
25 days ago
—
2 years old
Seen in 1 file
1
Audit required: Server certificate may not be verified
PTC-W6001
Security
Minor
25 days ago
—
2 years old
Seen in 2 files
2
Audit required: External control of file name or path
PTC-W6004
Security
Minor
25 days ago
—
2 years old
Seen in 1 file
1
User should not be root when the Dockerfile completes
DOK-DL3002
Security
Critical
25 days ago
—
2 years old
Seen in 1 file
1
Audit: Consider using System.URI instead of strings
CS-A1000
Security
Major
25 days ago
—
2 years old
Seen in 1 file
1
Audit required: Insecurely generated random number
CS-A1008
Security
Critical
25 days ago
—
2 years old
Seen in 1 file
1
Filesystem related permissions specified are too broad
CS-S1000
Security
Critical
25 days ago
—
2 years old
Seen in 1 file
1
Audit required: Sensitive cookie without HttpOnly attribute
PHP-A1003
Security
Critical
25 days ago
—
2 years old
Seen in 1 file
1
Audit required: Use of an insecure hashing function
PHP-A1004
Security
Critical
25 days ago
—
2 years old
Seen in 1 file
1
Audit required: Sensitive cookie without secure attribute
PHP-A1005
Security
Critical
25 days ago
—
2 years old
Seen in 1 file
1
Directory created with insecure permissions
PHP-A1006
Security
Critical
25 days ago
—
2 years old
Seen in 1 file
1
Audit required: Presence of debug function found
PHP-A1012
Security
Critical
25 days ago
—
2 years old
Seen in 14 files
63
Overly permissive CORS policies are a security risk
JAVA-S1000
Security
Critical
25 days ago
—
2 years old
Seen in 1 file
1
Cookies must not be insecure
JAVA-S1003
Security
Critical
25 days ago
—
2 years old
Seen in 1 file
1