| PY001 |
assert |
Improper Check Using assert Function |
| PY002 |
crypt — weak hash |
Reversible One Way Hash in crypt Module |
| PY003 |
ftplib — cleartext |
Cleartext Transmission of Sensitive Information in the ftplib Module |
| PY004 |
hashlib — weak hash |
Reversible One Way Hash in hashlib Module |
| PY005 |
hmac — timing attack |
Observable Timing Discrepancy in hmac Module |
| PY006 |
hmac — weak hash |
Reversible One Way Hash in hmac Module |
| PY007 |
http — secret in url |
Use of HTTP Request Method With Sensitive Query Strings |
| PY008 |
imaplib — cleartext |
Cleartext Transmission of Sensitive Information in the imaplib Module |
| PY009 |
json — load |
Deserialization of Untrusted Data in the json Module |
| PY010 |
logging — insecure listen config |
Code Injection in Logging Config |
| PY011 |
marshal — load |
Deserialization of Untrusted Data in the marshal Module |
| PY012 |
nntplib — cleartext |
Cleartext Transmission of Sensitive Information in the nntplib Module |
| PY013 |
pickle — load |
Deserialization of Untrusted Data in pickle Module |
| PY014 |
poplib — cleartext |
Cleartext Transmission of Sensitive Information in the poplib Module |
| PY015 |
shelve — open |
Deserialization of Untrusted Data in the shelve Module |
| PY016 |
smtplib — cleartext |
Cleartext Transmission of Sensitive Information in the smtplib Module |
| PY017 |
ssl — unverified context |
Inadequate Encryption Strength Using Weak Keys in SSLContext |
| PY018 |
ssl — insecure tls version |
Improper Certificate Validation Using ssl._create_unverified_context |
| PY019 |
ssl — weak key |
Inadequate Encryption Strength Using Weak SSL Protocols |
| PY020 |
telnetlib — cleartext |
Cleartext Transmission of Sensitive Information in the telnetlib Module |
| PY021 |
tempfile — mktemp race condition |
Insecure Temporary File in the tempfile Module |
| PY022 |
ftplib — unverified context |
Improper Certificate Validation Using ftplib |
| PY023 |
imaplib — unverified context |
Improper Certificate Validation Using imaplib |
| PY024 |
nntplib — unverified context |
Improper Certificate Validation Using nntplib |
| PY025 |
poplib — unverified context |
Improper Certificate Validation Using poplib |
| PY026 |
smtplib — unverified context |
Improper Certificate Validation Using smtplib |
| PY027 |
argparse — sensitive info |
Invocation of Process Using Visible Sensitive Information in argparse |
| PY028 |
secrets — weak token |
Insufficient Token Length |
| PY029 |
socket — unrestricted bind |
Binding to an Unrestricted IP Address in socket Module |
| PY030 |
socketserver — unrestricted bind |
Binding to an Unrestricted IP Address in socketserver Module |
| PY031 |
http — unrestricted bind |
Binding to an Unrestricted IP Address in http.server Module |
| PY032 |
xmlrpc — unrestricted bind |
Binding to an Unrestricted IP Address in xmlrpc.server Module |
| PY033 |
re — denial of service |
Inefficient Regular Expression Complexity in re Module |
| PY034 |
hmac — weak key |
Insufficient hmac Key Size |
| PY035 |
hashlib — improper prng |
Improper Randomness for Cryptographic hashlib Functions |
| PY036 |
os — incorrect permission |
Incorrect Permission Assignment for Critical Resource using os Module |
| PY037 |
pathlib — incorrect permission |
Incorrect Permission Assignment for Critical Resource using pathlib Module |