Audit - CodeAnt AI

Detected Flask app with debug=True. Do not deploy to production with this flag enabled as it will leak sensitive information. Instead, consider using Flask configuration variables or setting ‘debug’ using system environment variables.
Likelihood: HIGH
Confidence: HIGH
CWE:
- CWE-489: Active Debug Code
OWASP:
- A
- 0
- 6
- :
- 2
- 0
- 1
- 7
-

- -
-

- S
- e
- c
- u
- r
- i
- t
- y
-

- M
- i
- s
- c
- o
- n
- f
- i
- g
- u
- r
- a
- t
- i
- o
- n

Found a Flask cookie with insecurely configured properties. By default the secure, httponly and samesite ar configured insecurely. cookies should be handled securely by setting secure=True, httponly=True, and samesite='Lax' in response.set_cookie(…). If these parameters are not properly set, your cookies are not properly protected and are at risk of being stolen by an attacker. Include the secure=True, httponly=True, samesite='Lax' arguments or set these to be true in the Flask configuration.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-614: Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
OWASP:
- A05:2021 - Security Misconfiguration

Detected Flask route directly returning a formatted string. This is subject to cross-site scripting if user input can reach the string. Consider using the template engine instead and rendering pages with ‘render_template()’.
Likelihood: HIGH
Confidence: MEDIUM
CWE:
- CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
OWASP:
- A07:2017 - Cross-Site Scripting (XSS)
- A03:2021 - Injection

Hardcoded variable TESTING detected. Use environment variables or config files instead
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-489: Active Debug Code
OWASP:
- A05:2021 - Security Misconfiguration

Hardcoded variable SECRET_KEY detected. Use environment variables or config files instead
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-489: Active Debug Code
OWASP:
- A05:2021 - Security Misconfiguration

Hardcoded variable ENV detected. Set this by using FLASK_ENV environment variable
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-489: Active Debug Code
OWASP:
- A05:2021 - Security Misconfiguration

Hardcoded variable DEBUG detected. Set this by using FLASK_DEBUG environment variable
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-489: Active Debug Code
OWASP:
- A05:2021 - Security Misconfiguration

Running flask app with host 0.0.0.0 could expose the server publicly.
Likelihood: HIGH
Confidence: HIGH
CWE:
- CWE-668: Exposure of Resource to Wrong Sphere
OWASP:
- A01:2021 - Broken Access Control

Setting ‘WTF_CSRF_ENABLED’ to ‘False’ explicitly disables CSRF protection.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-352: Cross-Site Request Forgery (CSRF)
OWASP:
- A01:2021 - Broken Access Control

Found a template created with string formatting. This is susceptible to server-side template injection and cross-site scripting attacks.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-96: Improper Neutralization of Directives in Statically Saved Code (‘Static Code Injection’)
OWASP:
- A03:2021 - Injection

top-level app.run(…) is ignored by flask. Consider putting app.run(…) behind a guard, like inside a function
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-668: Exposure of Resource to Wrong Sphere
OWASP:
- A01:2021 - Broken Access Control

The flask.request.host is used to construct an HTTP request. This can lead to host header injection issues. Vulnerabilities that generally occur due to this issue are authentication bypasses, password reset issues, Server-Side-Request-Forgery (SSRF), and many more. It is recommended to validate the URL before passing it to a request library, or using application logic such as authentication or password resets.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-20: Improper Input Validation

Get Started