Passwords

password-empty-string

‘

VAR' is the empty string and is being used to set the password on '

MODEL’. If you meant to set an unusable password, set the password to None or call ‘set_unusable_password()’.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-521: Weak Password Requirements
OWASP:
- A07:2021 - Identification and Authentication Failures

use-none-for-password-default

‘

VAR' is using the empty string as its default and is being used to set the password on '

MODEL’. If you meant to set an unusable password, set the default value to ‘None’ or call ‘set_unusable_password()’.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-521: Weak Password Requirements
OWASP:
- A07:2021 - Identification and Authentication Failures

Ssrf Audit

⌘I

Start Here

Setup

Pull Request Review

Scan center

Integrations

IDE

Rule Reference

Resources