QuackatronHQ / Gigarepo
Active
All issues: 105
Recommended: 85
Secrets: 0
Bug Risk: 0
Anti-pattern: 0
Security: 105
Performance: 0
Typecheck: 0
Coverage: 0
Style: 0
Documentation: 0
XML parsing may be vulnerable to XXE attacks
JS-D022
Security
Major
a month ago
—
2 years old
Seen in 1 file
1
Audit required: Server hostname may not be verified
PTC-W6002
Security
Minor
a month ago
—
2 years old
Seen in 1 file
1
Assert statement used outside of tests
BAN-B101
Security
Major
a month ago
—
2 years old
Seen in 2 files
2
Audit required: Use of eval
PYL-W0123
Security
Major
a month ago
—
2 years old
Seen in 1 file
1
Audit the random number generation source (rand)
GSC-G404
Security
Minor
a month ago
—
2 years old
Seen in 1 file
1
No certificate validation detected for HTTP request
BAN-B501
Security
Major
a month ago
—
2 years old
Seen in 1 file
1
Use of tempnam detected
BAN-B325
Security
Major
a month ago
—
2 years old
Seen in 1 file
1
Hardcoded temporary directory detected
BAN-B108
Security
Major
a month ago
—
2 years old
Seen in 1 file
1
Audit: Starting a process with a partial executable path
BAN-B607
Security
Minor
a month ago
—
2 years old
Seen in 1 file
1
Audit required: Risk of possible SQL injection vector through string-based query construction
BAN-B608
Security
Major
a month ago
—
2 years old
Seen in 1 file
1
Use of both safe and unsafe HTTP methods for a view
PY-S6007
Security
Major
a month ago
—
2 years old
Seen in 1 file
1
Audit required: Possible wildcard injection in call: subprocess.Popen
BAN-B609
Security
Major
a month ago
—
2 years old
Seen in 1 file
1
Audit required: Server certificate may not be verified
PTC-W6001
Security
Minor
a month ago
—
2 years old
Seen in 2 files
2
Audit required: External control of file name or path
PTC-W6004
Security
Minor
a month ago
—
2 years old
Seen in 1 file
1
Audit required: Insecurely generated random number
CS-A1008
Security
Critical
a month ago
—
2 years old
Seen in 1 file
1
Filesystem related permissions specified are too broad
CS-S1000
Security
Critical
a month ago
—
2 years old
Seen in 1 file
1
Audit required: Sensitive cookie without HttpOnly attribute
PHP-A1003
Security
Critical
a month ago
—
2 years old
Seen in 1 file
1
Audit required: Use of an insecure hashing function
PHP-A1004
Security
Critical
a month ago
—
2 years old
Seen in 1 file
1
Audit required: Sensitive cookie without secure attribute
PHP-A1005
Security
Critical
a month ago
—
2 years old
Seen in 1 file
1
Directory created with insecure permissions
PHP-A1006
Security
Critical
a month ago
—
2 years old
Seen in 1 file
1
Audit required: Presence of debug function found
PHP-A1012
Security
Critical
a month ago
—
2 years old
Seen in 14 files
63
Overly permissive CORS policies are a security risk
JAVA-S1000
Security
Critical
a month ago
—
2 years old
Seen in 1 file
1
Cookies must not be insecure
JAVA-S1003
Security
Critical
a month ago
—
2 years old
Seen in 1 file
1
CBC and ECB modes are insecure
JAVA-S1004
Security
Critical
a month ago
—
2 years old
Seen in 1 file
1
Cipher does not support integrity verification
JAVA-S1005
Security
Critical
a month ago
—
2 years old
Seen in 1 file
1