Rules

Go Standard Library

ID	Name	Description
GO001	crypto — weak cipher	Use of a Broken or Risky Cryptographic Algorithm in `crypto` Package
GO002	crypto — weak hash	Reversible One Way Hash in `crypto` Package
GO003	crypto — weak key	Inadequate Encryption Strength Using Weak Keys in `crypto` Package

Java Standard Library

ID	Name	Description
JAV001	javax.crypto — weak cipher	Use of a Broken or Risky Cryptographic Algorithm in `javax.crypto` Package
JAV002	java.security — weak hash	Reversible One Way Hash in `java.security` Package
JAV003	java.security — weak key	Inadequate Encryption Strength Using Weak Keys in `java.security` Package
JAV004	java.security — weak random	Use of Cryptographically Weak Pseudo-Random Number Generator `SHA1PRNG`
JAV005	javax.servlet.http — insecure cookie	Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
JAV006	java.net — insecure cookie	Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

Python Standard Library

ID	Name	Description
PY001	assert	Improper Check Using `assert` Function
PY002	crypt — weak hash	Reversible One Way Hash in `crypt` Module
PY003	ftplib — cleartext	Cleartext Transmission of Sensitive Information in the `ftplib` Module
PY004	hashlib — weak hash	Reversible One Way Hash in `hashlib` Module
PY005	hmac — timing attack	Observable Timing Discrepancy in `hmac` Module
PY006	hmac — weak hash	Reversible One Way Hash in `hmac` Module
PY007	http — secret in url	Use of HTTP Request Method With Sensitive Query Strings
PY008	imaplib — cleartext	Cleartext Transmission of Sensitive Information in the `imaplib` Module
PY009	json — load	Deserialization of Untrusted Data in the `json` Module
PY010	logging — insecure listen config	Code Injection in Logging Config
PY011	marshal — load	Deserialization of Untrusted Data in the `marshal` Module
PY012	nntplib — cleartext	Cleartext Transmission of Sensitive Information in the `nntplib` Module
PY013	pickle — load	Deserialization of Untrusted Data in `pickle` Module
PY014	poplib — cleartext	Cleartext Transmission of Sensitive Information in the `poplib` Module
PY015	shelve — open	Deserialization of Untrusted Data in the `shelve` Module
PY016	smtplib — cleartext	Cleartext Transmission of Sensitive Information in the `smtplib` Module
PY017	ssl — unverified context	Inadequate Encryption Strength Using Weak Keys in `SSLContext`
PY018	ssl — insecure tls version	Improper Certificate Validation Using `ssl._create_unverified_context`
PY019	ssl — weak key	Inadequate Encryption Strength Using Weak SSL Protocols
PY020	telnetlib — cleartext	Cleartext Transmission of Sensitive Information in the `telnetlib` Module
PY021	tempfile — mktemp race condition	Insecure Temporary File in the `tempfile` Module
PY022	ftplib — unverified context	Improper Certificate Validation Using `ftplib`
PY023	imaplib — unverified context	Improper Certificate Validation Using `imaplib`
PY024	nntplib — unverified context	Improper Certificate Validation Using `nntplib`
PY025	poplib — unverified context	Improper Certificate Validation Using `poplib`
PY026	smtplib — unverified context	Improper Certificate Validation Using `smtplib`
PY027	argparse — sensitive info	Invocation of Process Using Visible Sensitive Information in `argparse`
PY028	secrets — weak token	Insufficient Token Length
PY029	socket — unrestricted bind	Binding to an Unrestricted IP Address in `socket` Module
PY030	socketserver — unrestricted bind	Binding to an Unrestricted IP Address in `socketserver` Module
PY031	http — unrestricted bind	Binding to an Unrestricted IP Address in `http.server` Module
PY032	xmlrpc — unrestricted bind	Binding to an Unrestricted IP Address in `xmlrpc.server` Module
PY033	re — denial of service	Inefficient Regular Expression Complexity in `re` Module
PY034	hmac — weak key	Insufficient `hmac` Key Size
PY035	hashlib — improper prng	Improper Randomness for Cryptographic `hashlib` Functions