Pattern: Possible binding to all interfaces
Issue: -
Binding to all network interfaces can potentially open up a service to traffic
on unintended interfaces, that may not be properly documented or secured. This
rule looks for a string pattern 0.0.0.0 that may indicate a hardcoded
binding to all network interfaces.
Example of insecure code:
s.bind(('0.0.0.0', 8080))Example of secure code:
s.bind(('192.168.0.1', 8080))