CodeQL documentation

CWE coverage for Python

An overview of CWE coverage for Python in the latest release of CodeQL.

Overview

CWE Language Query id Query name
CWE-20 Python py/count-untrusted-data-external-api Frequency counts for external APIs that are used with untrusted data
CWE-20 Python py/untrusted-data-to-external-api Untrusted data passed to external API
CWE-20 Python py/incomplete-hostname-regexp Incomplete regular expression for hostnames
CWE-20 Python py/incomplete-url-substring-sanitization Incomplete URL substring sanitization
CWE-20 Python py/overly-large-range Overly permissive regular expression range
CWE-20 Python py/bad-tag-filter Bad HTML filtering regexp
CWE-22 Python py/path-injection Uncontrolled data used in path expression
CWE-22 Python py/tarslip Arbitrary file write during tarfile extraction
CWE-22 Python py/zipslip Arbitrary file access during archive extraction ("Zip Slip")
CWE-22 Python py/tarslip-extended Arbitrary file write during tarfile extraction
CWE-22 Python py/unsafe-unpacking Arbitrary file write during a tarball extraction from a user controlled source
CWE-23 Python py/path-injection Uncontrolled data used in path expression
CWE-36 Python py/path-injection Uncontrolled data used in path expression
CWE-73 Python py/path-injection Uncontrolled data used in path expression
CWE-73 Python py/shell-command-constructed-from-input Unsafe shell command constructed from library input
CWE-74 Python py/path-injection Uncontrolled data used in path expression
CWE-74 Python py/command-line-injection Uncontrolled command line
CWE-74 Python py/shell-command-constructed-from-input Unsafe shell command constructed from library input
CWE-74 Python py/jinja2/autoescape-false Jinja2 templating with autoescape=False
CWE-74 Python py/reflective-xss Reflected server-side cross-site scripting
CWE-74 Python py/sql-injection SQL query built from user-controlled sources
CWE-74 Python py/ldap-injection LDAP query built from user-controlled sources
CWE-74 Python py/code-injection Code injection
CWE-74 Python py/http-response-splitting HTTP Response Splitting
CWE-74 Python py/xpath-injection XPath query built from user-controlled sources
CWE-74 Python py/nosql-injection NoSQL Injection
CWE-74 Python py/template-injection Server Side Template Injection
CWE-74 Python py/paramiko-command-injection RCE with user provided command with paramiko ssh client
CWE-74 Python py/reflective-xss-email Reflected server-side cross-site scripting
CWE-74 Python py/xslt-injection XSLT query built from user-controlled sources
CWE-77 Python py/command-line-injection Uncontrolled command line
CWE-77 Python py/shell-command-constructed-from-input Unsafe shell command constructed from library input
CWE-78 Python py/command-line-injection Uncontrolled command line
CWE-78 Python py/shell-command-constructed-from-input Unsafe shell command constructed from library input
CWE-79 Python py/jinja2/autoescape-false Jinja2 templating with autoescape=False
CWE-79 Python py/reflective-xss Reflected server-side cross-site scripting
CWE-79 Python py/http-response-splitting HTTP Response Splitting
CWE-79 Python py/reflective-xss-email Reflected server-side cross-site scripting
CWE-88 Python py/command-line-injection Uncontrolled command line
CWE-88 Python py/shell-command-constructed-from-input Unsafe shell command constructed from library input
CWE-89 Python py/sql-injection SQL query built from user-controlled sources
CWE-90 Python py/ldap-injection LDAP query built from user-controlled sources
CWE-91 Python py/xpath-injection XPath query built from user-controlled sources
CWE-91 Python py/xslt-injection XSLT query built from user-controlled sources
CWE-93 Python py/http-response-splitting HTTP Response Splitting
CWE-94 Python py/code-injection Code injection
CWE-95 Python py/code-injection Code injection
CWE-99 Python py/path-injection Uncontrolled data used in path expression
CWE-113 Python py/http-response-splitting HTTP Response Splitting
CWE-116 Python py/reflective-xss Reflected server-side cross-site scripting
CWE-116 Python py/code-injection Code injection
CWE-116 Python py/bad-tag-filter Bad HTML filtering regexp
CWE-116 Python py/log-injection Log Injection
CWE-116 Python py/reflective-xss-email Reflected server-side cross-site scripting
CWE-117 Python py/log-injection Log Injection
CWE-172 Python py/unicode-bypass-validation Bypass Logical Validation Using Unicode Characters
CWE-176 Python py/unicode-bypass-validation Bypass Logical Validation Using Unicode Characters
CWE-179 Python py/unicode-bypass-validation Bypass Logical Validation Using Unicode Characters
CWE-180 Python py/unicode-bypass-validation Bypass Logical Validation Using Unicode Characters
CWE-185 Python py/bad-tag-filter Bad HTML filtering regexp
CWE-186 Python py/bad-tag-filter Bad HTML filtering regexp
CWE-200 Python py/bind-socket-all-network-interfaces Binding a socket to all network interfaces
CWE-200 Python py/stack-trace-exposure Information exposure through an exception
CWE-200 Python py/flask-debug Flask app is run in debug mode
CWE-200 Python py/clear-text-logging-sensitive-data Clear-text logging of sensitive information
CWE-200 Python py/clear-text-storage-sensitive-data Clear-text storage of sensitive information
CWE-200 Python py/possible-timing-attack-against-hash Timing attack against Hash
CWE-200 Python py/timing-attack-against-hash Timing attack against Hash
CWE-200 Python py/timing-attack-against-header-value Timing attack against header value
CWE-200 Python py/possible-timing-attack-sensitive-info Timing attack against secret
CWE-200 Python py/timing-attack-sensitive-info Timing attack against secret
CWE-203 Python py/possible-timing-attack-against-hash Timing attack against Hash
CWE-203 Python py/timing-attack-against-hash Timing attack against Hash
CWE-203 Python py/timing-attack-against-header-value Timing attack against header value
CWE-203 Python py/possible-timing-attack-sensitive-info Timing attack against secret
CWE-203 Python py/timing-attack-sensitive-info Timing attack against secret
CWE-208 Python py/possible-timing-attack-against-hash Timing attack against Hash
CWE-208 Python py/timing-attack-against-hash Timing attack against Hash
CWE-208 Python py/timing-attack-against-header-value Timing attack against header value
CWE-208 Python py/possible-timing-attack-sensitive-info Timing attack against secret
CWE-208 Python py/timing-attack-sensitive-info Timing attack against secret
CWE-209 Python py/stack-trace-exposure Information exposure through an exception
CWE-215 Python py/flask-debug Flask app is run in debug mode
CWE-221 Python py/catch-base-exception Except block handles 'BaseException'
CWE-227 Python py/equals-hash-mismatch Inconsistent equality and hashing
CWE-227 Python py/call/wrong-named-class-argument Wrong name for an argument in a class instantiation
CWE-227 Python py/call/wrong-number-class-arguments Wrong number of arguments in a class instantiation
CWE-227 Python py/super-not-enclosing-class First argument to super() is not enclosing class
CWE-227 Python py/call/wrong-named-argument Wrong name for an argument in a call
CWE-227 Python py/percent-format/wrong-arguments Wrong number of arguments for format
CWE-227 Python py/call/wrong-arguments Wrong number of arguments in a call
CWE-252 Python py/ignored-return-value Ignored return value
CWE-259 Python py/hardcoded-credentials Hard-coded credentials
CWE-284 Python py/pam-auth-bypass PAM authorization bypass due to incorrect usage
CWE-284 Python py/overly-permissive-file Overly permissive file permissions
CWE-284 Python py/hardcoded-credentials Hard-coded credentials
CWE-284 Python py/flask-constant-secret-key Initializing SECRET_KEY of Flask application with Constant value
CWE-284 Python py/improper-ldap-auth Improper LDAP Authentication
CWE-284 Python py/insecure-ldap-auth Python Insecure LDAP Authentication
CWE-285 Python py/pam-auth-bypass PAM authorization bypass due to incorrect usage
CWE-285 Python py/overly-permissive-file Overly permissive file permissions
CWE-287 Python py/hardcoded-credentials Hard-coded credentials
CWE-287 Python py/flask-constant-secret-key Initializing SECRET_KEY of Flask application with Constant value
CWE-287 Python py/improper-ldap-auth Improper LDAP Authentication
CWE-287 Python py/insecure-ldap-auth Python Insecure LDAP Authentication
CWE-295 Python py/paramiko-missing-host-key-validation Accepting unknown SSH host keys when using Paramiko
CWE-295 Python py/request-without-cert-validation Request without certificate validation
CWE-311 Python py/clear-text-logging-sensitive-data Clear-text logging of sensitive information
CWE-311 Python py/clear-text-storage-sensitive-data Clear-text storage of sensitive information
CWE-311 Python py/cookie-injection Construction of a cookie using user-supplied input.
CWE-311 Python py/insecure-cookie Failure to use secure cookies
CWE-312 Python py/clear-text-logging-sensitive-data Clear-text logging of sensitive information
CWE-312 Python py/clear-text-storage-sensitive-data Clear-text storage of sensitive information
CWE-315 Python py/clear-text-storage-sensitive-data Clear-text storage of sensitive information
CWE-321 Python py/hardcoded-credentials Hard-coded credentials
CWE-326 Python py/weak-crypto-key Use of weak cryptographic key
CWE-326 Python py/weak-sensitive-data-hashing Use of a broken or weak cryptographic hashing algorithm on sensitive data
CWE-326 Python py/unknown-asymmetric-key-gen-size Unknown key generation key size
CWE-326 Python py/weak-asymmetric-key-gen-size Weak key generation key size (< 2048 bits)
CWE-327 Python py/weak-cryptographic-algorithm Use of a broken or weak cryptographic algorithm
CWE-327 Python py/insecure-default-protocol Default version of SSL/TLS may be insecure
CWE-327 Python py/insecure-protocol Use of insecure SSL/TLS version
CWE-327 Python py/weak-sensitive-data-hashing Use of a broken or weak cryptographic hashing algorithm on sensitive data
CWE-327 Python py/azure-storage/unsafe-client-side-encryption-in-use Unsafe usage of v1 version of Azure Storage client-side encryption.
CWE-327 Python py/weak-block-mode Weak block mode
CWE-327 Python py/weak-elliptic-curve Weak elliptic curve
CWE-327 Python py/weak-hashes Weak hashes
CWE-327 Python py/weak-symmetric-encryption Weak symmetric encryption algorithm
CWE-328 Python py/weak-sensitive-data-hashing Use of a broken or weak cryptographic hashing algorithm on sensitive data
CWE-330 Python py/hardcoded-credentials Hard-coded credentials
CWE-330 Python py/insecure-randomness Insecure randomness
CWE-330 Python py/predictable-token Predictable token
CWE-338 Python py/insecure-randomness Insecure randomness
CWE-340 Python py/predictable-token Predictable token
CWE-344 Python py/hardcoded-credentials Hard-coded credentials
CWE-345 Python py/csrf-protection-disabled CSRF protection weakened or disabled
CWE-345 Python py/jwt-missing-verification JWT missing secret or public key verification
CWE-345 Python py/ip-address-spoofing IP address spoofing
CWE-347 Python py/jwt-missing-verification JWT missing secret or public key verification
CWE-348 Python py/ip-address-spoofing IP address spoofing
CWE-352 Python py/csrf-protection-disabled CSRF protection weakened or disabled
CWE-359 Python py/clear-text-logging-sensitive-data Clear-text logging of sensitive information
CWE-359 Python py/clear-text-storage-sensitive-data Clear-text storage of sensitive information
CWE-377 Python py/insecure-temporary-file Insecure temporary file
CWE-390 Python py/empty-except Empty except
CWE-396 Python py/catch-base-exception Except block handles 'BaseException'
CWE-398 Python py/unreachable-except Unreachable 'except' block
CWE-398 Python py/comparison-of-constants Comparison of constants
CWE-398 Python py/comparison-of-identical-expressions Comparison of identical values
CWE-398 Python py/comparison-missing-self Maybe missing 'self' in comparison
CWE-398 Python py/redundant-comparison Redundant comparison
CWE-398 Python py/duplicate-key-dict-literal Duplicate key in dict literal
CWE-398 Python py/import-deprecated-module Import of deprecated module
CWE-398 Python py/constant-conditional-expression Constant in conditional expression or statement
CWE-398 Python py/redundant-assignment Redundant assignment
CWE-398 Python py/ineffectual-statement Statement has no effect
CWE-398 Python py/unreachable-statement Unreachable code
CWE-398 Python py/multiple-definition Variable defined multiple times
CWE-398 Python py/unused-local-variable Unused local variable
CWE-398 Python py/unused-global-variable Unused global variable
CWE-400 Python py/file-not-closed File is not always closed
CWE-400 Python py/polynomial-redos Polynomial regular expression used on uncontrolled data
CWE-400 Python py/redos Inefficient regular expression
CWE-400 Python py/regex-injection Regular expression injection
CWE-400 Python py/xml-bomb XML internal entity expansion
CWE-400 Python py/unicode-dos Denial of Service using Unicode Characters
CWE-404 Python py/file-not-closed File is not always closed
CWE-405 Python py/xml-bomb XML internal entity expansion
CWE-405 Python py/decompression-bomb Decompression Bomb
CWE-405 Python py/simple-xml-rpc-server-dos SimpleXMLRPCServer denial of service
CWE-409 Python py/xml-bomb XML internal entity expansion
CWE-409 Python py/decompression-bomb Decompression Bomb
CWE-409 Python py/simple-xml-rpc-server-dos SimpleXMLRPCServer denial of service
CWE-441 Python py/full-ssrf Full server-side request forgery
CWE-441 Python py/partial-ssrf Partial server-side request forgery
CWE-477 Python py/import-deprecated-module Import of deprecated module
CWE-485 Python py/flask-debug Flask app is run in debug mode
CWE-489 Python py/flask-debug Flask app is run in debug mode
CWE-497 Python py/stack-trace-exposure Information exposure through an exception
CWE-502 Python py/unsafe-deserialization Deserialization of user-controlled data
CWE-522 Python py/insecure-ldap-auth Python Insecure LDAP Authentication
CWE-523 Python py/insecure-ldap-auth Python Insecure LDAP Authentication
CWE-532 Python py/clear-text-logging-sensitive-data Clear-text logging of sensitive information
CWE-538 Python py/clear-text-logging-sensitive-data Clear-text logging of sensitive information
CWE-552 Python py/clear-text-logging-sensitive-data Clear-text logging of sensitive information
CWE-561 Python py/unreachable-except Unreachable 'except' block
CWE-561 Python py/comparison-of-constants Comparison of constants
CWE-561 Python py/comparison-of-identical-expressions Comparison of identical values
CWE-561 Python py/comparison-missing-self Maybe missing 'self' in comparison
CWE-561 Python py/redundant-comparison Redundant comparison
CWE-561 Python py/duplicate-key-dict-literal Duplicate key in dict literal
CWE-561 Python py/constant-conditional-expression Constant in conditional expression or statement
CWE-561 Python py/ineffectual-statement Statement has no effect
CWE-561 Python py/unreachable-statement Unreachable code
CWE-563 Python py/redundant-assignment Redundant assignment
CWE-563 Python py/multiple-definition Variable defined multiple times
CWE-563 Python py/unused-local-variable Unused local variable
CWE-563 Python py/unused-global-variable Unused global variable
CWE-570 Python py/comparison-of-constants Comparison of constants
CWE-570 Python py/comparison-of-identical-expressions Comparison of identical values
CWE-570 Python py/comparison-missing-self Maybe missing 'self' in comparison
CWE-570 Python py/redundant-comparison Redundant comparison
CWE-570 Python py/constant-conditional-expression Constant in conditional expression or statement
CWE-571 Python py/comparison-of-constants Comparison of constants
CWE-571 Python py/comparison-of-identical-expressions Comparison of identical values
CWE-571 Python py/comparison-missing-self Maybe missing 'self' in comparison
CWE-571 Python py/redundant-comparison Redundant comparison
CWE-571 Python py/constant-conditional-expression Constant in conditional expression or statement
CWE-573 Python py/equals-hash-mismatch Inconsistent equality and hashing
CWE-573 Python py/call/wrong-named-class-argument Wrong name for an argument in a class instantiation
CWE-573 Python py/call/wrong-number-class-arguments Wrong number of arguments in a class instantiation
CWE-573 Python py/super-not-enclosing-class First argument to super() is not enclosing class
CWE-573 Python py/call/wrong-named-argument Wrong name for an argument in a call
CWE-573 Python py/percent-format/wrong-arguments Wrong number of arguments for format
CWE-573 Python py/call/wrong-arguments Wrong number of arguments in a call
CWE-581 Python py/equals-hash-mismatch Inconsistent equality and hashing
CWE-584 Python py/exit-from-finally 'break' or 'return' statement in finally
CWE-601 Python py/url-redirection URL redirection from remote source
CWE-610 Python py/path-injection Uncontrolled data used in path expression
CWE-610 Python py/shell-command-constructed-from-input Unsafe shell command constructed from library input
CWE-610 Python py/url-redirection URL redirection from remote source
CWE-610 Python py/xxe XML external entity expansion
CWE-610 Python py/full-ssrf Full server-side request forgery
CWE-610 Python py/partial-ssrf Partial server-side request forgery
CWE-611 Python py/xxe XML external entity expansion
CWE-614 Python py/cookie-injection Construction of a cookie using user-supplied input.
CWE-614 Python py/insecure-cookie Failure to use secure cookies
CWE-628 Python py/call/wrong-named-class-argument Wrong name for an argument in a class instantiation
CWE-628 Python py/call/wrong-number-class-arguments Wrong number of arguments in a class instantiation
CWE-628 Python py/super-not-enclosing-class First argument to super() is not enclosing class
CWE-628 Python py/call/wrong-named-argument Wrong name for an argument in a call
CWE-628 Python py/percent-format/wrong-arguments Wrong number of arguments for format
CWE-628 Python py/call/wrong-arguments Wrong number of arguments in a call
CWE-642 Python py/path-injection Uncontrolled data used in path expression
CWE-642 Python py/shell-command-constructed-from-input Unsafe shell command constructed from library input
CWE-643 Python py/xpath-injection XPath query built from user-controlled sources
CWE-643 Python py/xslt-injection XSLT query built from user-controlled sources
CWE-657 Python py/hardcoded-credentials Hard-coded credentials
CWE-664 Python py/catch-base-exception Except block handles 'BaseException'
CWE-664 Python py/implicit-string-concatenation-in-list Implicit string concatenation in a list
CWE-664 Python py/file-not-closed File is not always closed
CWE-664 Python py/bind-socket-all-network-interfaces Binding a socket to all network interfaces
CWE-664 Python py/path-injection Uncontrolled data used in path expression
CWE-664 Python py/tarslip Arbitrary file write during tarfile extraction
CWE-664 Python py/shell-command-constructed-from-input Unsafe shell command constructed from library input
CWE-664 Python py/code-injection Code injection
CWE-664 Python py/stack-trace-exposure Information exposure through an exception
CWE-664 Python py/flask-debug Flask app is run in debug mode
CWE-664 Python py/pam-auth-bypass PAM authorization bypass due to incorrect usage
CWE-664 Python py/clear-text-logging-sensitive-data Clear-text logging of sensitive information
CWE-664 Python py/clear-text-storage-sensitive-data Clear-text storage of sensitive information
CWE-664 Python py/insecure-temporary-file Insecure temporary file
CWE-664 Python py/unsafe-deserialization Deserialization of user-controlled data
CWE-664 Python py/url-redirection URL redirection from remote source
CWE-664 Python py/xxe XML external entity expansion
CWE-664 Python py/polynomial-redos Polynomial regular expression used on uncontrolled data
CWE-664 Python py/redos Inefficient regular expression
CWE-664 Python py/regex-injection Regular expression injection
CWE-664 Python py/overly-permissive-file Overly permissive file permissions
CWE-664 Python py/xml-bomb XML internal entity expansion
CWE-664 Python py/hardcoded-credentials Hard-coded credentials
CWE-664 Python py/full-ssrf Full server-side request forgery
CWE-664 Python py/partial-ssrf Partial server-side request forgery
CWE-664 Python py/zipslip Arbitrary file access during archive extraction ("Zip Slip")
CWE-664 Python py/tarslip-extended Arbitrary file write during tarfile extraction
CWE-664 Python py/unsafe-unpacking Arbitrary file write during a tarball extraction from a user controlled source
CWE-664 Python py/possible-timing-attack-against-hash Timing attack against Hash
CWE-664 Python py/timing-attack-against-hash Timing attack against Hash
CWE-664 Python py/timing-attack-against-header-value Timing attack against header value
CWE-664 Python py/possible-timing-attack-sensitive-info Timing attack against secret
CWE-664 Python py/timing-attack-sensitive-info Timing attack against secret
CWE-664 Python py/flask-constant-secret-key Initializing SECRET_KEY of Flask application with Constant value
CWE-664 Python py/improper-ldap-auth Improper LDAP Authentication
CWE-664 Python py/decompression-bomb Decompression Bomb
CWE-664 Python py/insecure-ldap-auth Python Insecure LDAP Authentication
CWE-664 Python py/simple-xml-rpc-server-dos SimpleXMLRPCServer denial of service
CWE-664 Python py/unicode-dos Denial of Service using Unicode Characters
CWE-665 Python py/implicit-string-concatenation-in-list Implicit string concatenation in a list
CWE-665 Python py/unicode-dos Denial of Service using Unicode Characters
CWE-668 Python py/bind-socket-all-network-interfaces Binding a socket to all network interfaces
CWE-668 Python py/path-injection Uncontrolled data used in path expression
CWE-668 Python py/tarslip Arbitrary file write during tarfile extraction
CWE-668 Python py/shell-command-constructed-from-input Unsafe shell command constructed from library input
CWE-668 Python py/stack-trace-exposure Information exposure through an exception
CWE-668 Python py/flask-debug Flask app is run in debug mode
CWE-668 Python py/clear-text-logging-sensitive-data Clear-text logging of sensitive information
CWE-668 Python py/clear-text-storage-sensitive-data Clear-text storage of sensitive information
CWE-668 Python py/insecure-temporary-file Insecure temporary file
CWE-668 Python py/overly-permissive-file Overly permissive file permissions
CWE-668 Python py/zipslip Arbitrary file access during archive extraction ("Zip Slip")
CWE-668 Python py/tarslip-extended Arbitrary file write during tarfile extraction
CWE-668 Python py/unsafe-unpacking Arbitrary file write during a tarball extraction from a user controlled source
CWE-668 Python py/possible-timing-attack-against-hash Timing attack against Hash
CWE-668 Python py/timing-attack-against-hash Timing attack against Hash
CWE-668 Python py/timing-attack-against-header-value Timing attack against header value
CWE-668 Python py/possible-timing-attack-sensitive-info Timing attack against secret
CWE-668 Python py/timing-attack-sensitive-info Timing attack against secret
CWE-668 Python py/insecure-ldap-auth Python Insecure LDAP Authentication
CWE-669 Python py/xxe XML external entity expansion
CWE-670 Python py/asserts-tuple Asserting a tuple
CWE-671 Python py/hardcoded-credentials Hard-coded credentials
CWE-674 Python py/xml-bomb XML internal entity expansion
CWE-674 Python py/simple-xml-rpc-server-dos SimpleXMLRPCServer denial of service
CWE-685 Python py/call/wrong-number-class-arguments Wrong number of arguments in a class instantiation
CWE-685 Python py/percent-format/wrong-arguments Wrong number of arguments for format
CWE-685 Python py/call/wrong-arguments Wrong number of arguments in a call
CWE-687 Python py/super-not-enclosing-class First argument to super() is not enclosing class
CWE-691 Python py/catch-base-exception Except block handles 'BaseException'
CWE-691 Python py/code-injection Code injection
CWE-691 Python py/xml-bomb XML internal entity expansion
CWE-691 Python py/asserts-tuple Asserting a tuple
CWE-691 Python py/exit-from-finally 'break' or 'return' statement in finally
CWE-691 Python py/unicode-bypass-validation Bypass Logical Validation Using Unicode Characters
CWE-691 Python py/simple-xml-rpc-server-dos SimpleXMLRPCServer denial of service
CWE-693 Python py/count-untrusted-data-external-api Frequency counts for external APIs that are used with untrusted data
CWE-693 Python py/untrusted-data-to-external-api Untrusted data passed to external API
CWE-693 Python py/incomplete-hostname-regexp Incomplete regular expression for hostnames
CWE-693 Python py/incomplete-url-substring-sanitization Incomplete URL substring sanitization
CWE-693 Python py/overly-large-range Overly permissive regular expression range
CWE-693 Python py/bad-tag-filter Bad HTML filtering regexp
CWE-693 Python py/pam-auth-bypass PAM authorization bypass due to incorrect usage
CWE-693 Python py/paramiko-missing-host-key-validation Accepting unknown SSH host keys when using Paramiko
CWE-693 Python py/request-without-cert-validation Request without certificate validation
CWE-693 Python py/clear-text-logging-sensitive-data Clear-text logging of sensitive information
CWE-693 Python py/clear-text-storage-sensitive-data Clear-text storage of sensitive information
CWE-693 Python py/weak-crypto-key Use of weak cryptographic key
CWE-693 Python py/weak-cryptographic-algorithm Use of a broken or weak cryptographic algorithm
CWE-693 Python py/insecure-default-protocol Default version of SSL/TLS may be insecure
CWE-693 Python py/insecure-protocol Use of insecure SSL/TLS version
CWE-693 Python py/weak-sensitive-data-hashing Use of a broken or weak cryptographic hashing algorithm on sensitive data
CWE-693 Python py/csrf-protection-disabled CSRF protection weakened or disabled
CWE-693 Python py/overly-permissive-file Overly permissive file permissions
CWE-693 Python py/hardcoded-credentials Hard-coded credentials
CWE-693 Python py/unicode-bypass-validation Bypass Logical Validation Using Unicode Characters
CWE-693 Python py/flask-constant-secret-key Initializing SECRET_KEY of Flask application with Constant value
CWE-693 Python py/improper-ldap-auth Improper LDAP Authentication
CWE-693 Python py/azure-storage/unsafe-client-side-encryption-in-use Unsafe usage of v1 version of Azure Storage client-side encryption.
CWE-693 Python py/jwt-missing-verification JWT missing secret or public key verification
CWE-693 Python py/ip-address-spoofing IP address spoofing
CWE-693 Python py/insecure-ldap-auth Python Insecure LDAP Authentication
CWE-693 Python py/cookie-injection Construction of a cookie using user-supplied input.
CWE-693 Python py/insecure-cookie Failure to use secure cookies
CWE-693 Python py/unknown-asymmetric-key-gen-size Unknown key generation key size
CWE-693 Python py/weak-asymmetric-key-gen-size Weak key generation key size (< 2048 bits)
CWE-693 Python py/weak-block-mode Weak block mode
CWE-693 Python py/weak-elliptic-curve Weak elliptic curve
CWE-693 Python py/weak-hashes Weak hashes
CWE-693 Python py/weak-symmetric-encryption Weak symmetric encryption algorithm
CWE-696 Python py/unicode-bypass-validation Bypass Logical Validation Using Unicode Characters
CWE-697 Python py/bad-tag-filter Bad HTML filtering regexp
CWE-703 Python py/catch-base-exception Except block handles 'BaseException'
CWE-703 Python py/empty-except Empty except
CWE-703 Python py/ignored-return-value Ignored return value
CWE-703 Python py/stack-trace-exposure Information exposure through an exception
CWE-705 Python py/catch-base-exception Except block handles 'BaseException'
CWE-705 Python py/exit-from-finally 'break' or 'return' statement in finally
CWE-706 Python py/path-injection Uncontrolled data used in path expression
CWE-706 Python py/tarslip Arbitrary file write during tarfile extraction
CWE-706 Python py/xxe XML external entity expansion
CWE-706 Python py/zipslip Arbitrary file access during archive extraction ("Zip Slip")
CWE-706 Python py/tarslip-extended Arbitrary file write during tarfile extraction
CWE-706 Python py/unsafe-unpacking Arbitrary file write during a tarball extraction from a user controlled source
CWE-707 Python py/path-injection Uncontrolled data used in path expression
CWE-707 Python py/command-line-injection Uncontrolled command line
CWE-707 Python py/shell-command-constructed-from-input Unsafe shell command constructed from library input
CWE-707 Python py/jinja2/autoescape-false Jinja2 templating with autoescape=False
CWE-707 Python py/reflective-xss Reflected server-side cross-site scripting
CWE-707 Python py/sql-injection SQL query built from user-controlled sources
CWE-707 Python py/ldap-injection LDAP query built from user-controlled sources
CWE-707 Python py/code-injection Code injection
CWE-707 Python py/http-response-splitting HTTP Response Splitting
CWE-707 Python py/bad-tag-filter Bad HTML filtering regexp
CWE-707 Python py/log-injection Log Injection
CWE-707 Python py/xpath-injection XPath query built from user-controlled sources
CWE-707 Python py/nosql-injection NoSQL Injection
CWE-707 Python py/template-injection Server Side Template Injection
CWE-707 Python py/paramiko-command-injection RCE with user provided command with paramiko ssh client
CWE-707 Python py/reflective-xss-email Reflected server-side cross-site scripting
CWE-707 Python py/xslt-injection XSLT query built from user-controlled sources
CWE-707 Python py/unicode-bypass-validation Bypass Logical Validation Using Unicode Characters
CWE-710 Python py/equals-hash-mismatch Inconsistent equality and hashing
CWE-710 Python py/call/wrong-named-class-argument Wrong name for an argument in a class instantiation
CWE-710 Python py/call/wrong-number-class-arguments Wrong number of arguments in a class instantiation
CWE-710 Python py/unreachable-except Unreachable 'except' block
CWE-710 Python py/super-not-enclosing-class First argument to super() is not enclosing class
CWE-710 Python py/comparison-of-constants Comparison of constants
CWE-710 Python py/comparison-of-identical-expressions Comparison of identical values
CWE-710 Python py/comparison-missing-self Maybe missing 'self' in comparison
CWE-710 Python py/redundant-comparison Redundant comparison
CWE-710 Python py/duplicate-key-dict-literal Duplicate key in dict literal
CWE-710 Python py/call/wrong-named-argument Wrong name for an argument in a call
CWE-710 Python py/percent-format/wrong-arguments Wrong number of arguments for format
CWE-710 Python py/call/wrong-arguments Wrong number of arguments in a call
CWE-710 Python py/import-deprecated-module Import of deprecated module
CWE-710 Python py/hardcoded-credentials Hard-coded credentials
CWE-710 Python py/constant-conditional-expression Constant in conditional expression or statement
CWE-710 Python py/redundant-assignment Redundant assignment
CWE-710 Python py/ineffectual-statement Statement has no effect
CWE-710 Python py/unreachable-statement Unreachable code
CWE-710 Python py/multiple-definition Variable defined multiple times
CWE-710 Python py/unused-local-variable Unused local variable
CWE-710 Python py/unused-global-variable Unused global variable
CWE-732 Python py/overly-permissive-file Overly permissive file permissions
CWE-754 Python py/ignored-return-value Ignored return value
CWE-755 Python py/catch-base-exception Except block handles 'BaseException'
CWE-755 Python py/empty-except Empty except
CWE-755 Python py/stack-trace-exposure Information exposure through an exception
CWE-770 Python py/unicode-dos Denial of Service using Unicode Characters
CWE-772 Python py/file-not-closed File is not always closed
CWE-776 Python py/xml-bomb XML internal entity expansion
CWE-776 Python py/simple-xml-rpc-server-dos SimpleXMLRPCServer denial of service
CWE-798 Python py/hardcoded-credentials Hard-coded credentials
CWE-827 Python py/xxe XML external entity expansion
CWE-829 Python py/xxe XML external entity expansion
CWE-834 Python py/xml-bomb XML internal entity expansion
CWE-834 Python py/simple-xml-rpc-server-dos SimpleXMLRPCServer denial of service
CWE-913 Python py/code-injection Code injection
CWE-913 Python py/unsafe-deserialization Deserialization of user-controlled data
CWE-916 Python py/weak-sensitive-data-hashing Use of a broken or weak cryptographic hashing algorithm on sensitive data
CWE-918 Python py/full-ssrf Full server-side request forgery
CWE-918 Python py/partial-ssrf Partial server-side request forgery
CWE-922 Python py/clear-text-logging-sensitive-data Clear-text logging of sensitive information
CWE-922 Python py/clear-text-storage-sensitive-data Clear-text storage of sensitive information
CWE-943 Python py/sql-injection SQL query built from user-controlled sources
CWE-943 Python py/ldap-injection LDAP query built from user-controlled sources
CWE-943 Python py/xpath-injection XPath query built from user-controlled sources
CWE-943 Python py/nosql-injection NoSQL Injection
CWE-943 Python py/xslt-injection XSLT query built from user-controlled sources
CWE-1236 Python py/csv-injection Csv Injection
CWE-1333 Python py/polynomial-redos Polynomial regular expression used on uncontrolled data
CWE-1333 Python py/redos Inefficient regular expression
  • © GitHub, Inc.
  • Terms
  • Privacy