Closed
Description
-
S101:assert_used -
S102:exec_used -
S103:set_bad_file_permissions -
S104:hardcoded_bind_all_interfaces -
S105:hardcoded_password_string -
S106:hardcoded_password_funcarg -
S107:hardcoded_password_default -
S108:hardcoded_tmp_directory -
S109:password_config_option_not_marked_secret -
S110:try_except_pass -
S111:execute_with_run_as_root_equals_true -
S112:try_except_continue -
S113:request_without_timeout -
S201:flask_debug_true -
S202:tarfile_unsafe_members -
S301:pickle -
S302:marshal -
S303:md5 -
S304:ciphers -
S305:cipher_modes -
S306:mktemp_q -
S307:eval -
S308:mark_safe -
S311:random -
S312:telnetlib -
S313:xml_bad_cElementTree -
S314:xml_bad_ElementTree -
S315:xml_bad_expatreader -
S316:xml_bad_expatbuilder -
S317:xml_bad_sax -
S318:xml_bad_minidom -
S319:xml_bad_pulldom -
S320:xml_bad_etree -
S321:ftplib -
S323:unverified_context -
S324:hashlib -
S310:urllib_urlopen -
S401:import_telnetlib -
S402:import_ftplib -
S403:import_pickle -
S404:import_subprocess -
S405:import_xml_etree -
S406:import_xml_sax -
S407:import_xml_expat -
S408:import_xml_minidom -
S409:import_xml_pulldom -
S410:import_lxml -
S411:import_xmlrpclib -
S412:import_httpoxy -
S413:import_pycrypto -
S415:import_pyghmi -
S501:request_with_no_cert_validation -
S502:ssl_with_bad_version -
S503:ssl_with_bad_defaults -
S504:ssl_with_no_version -
S505:weak_cryptographic_key -
S506:yaml_load -
S507:ssh_no_host_key_verification -
S508:snmp_insecure_version -
S509:snmp_weak_cryptography -
S601:paramiko_calls -
S602:subprocess_popen_with_shell_equals_true -
S603:subprocess_without_shell_equals_true -
S604:any_other_function_with_shell_equals_true -
S605:start_process_with_a_shell -
S606:start_process_with_no_shell -
S607:start_process_with_partial_path -
S608:hardcoded_sql_expressions -
S609:linux_commands_wildcard_injection -
S610:django_extra_used -
S611:django_rawsql_used -
S612:logging_config_insecure_listen -
S701:jinja2_autoescape_false -
S702:use_of_mako_templates -
S703:django_mark_safe