CodeAnt AI home pagelight logodark logo
  • Support
  • Dashboard
  • Dashboard
  • Join Community
Start Here
  • What is CodeAnt?
Setup
  • Github
  • Bitbucket
  • Gitlab
  • Azure Devops
Pull Request Review
  • Features
  • Customize Review
  • Quality Gates
  • Integrations
Scan center
  • Code Security
  • Code Quality
  • Cloud Security
  • Engineering Productivity
Integrations
  • Jira
  • Test Coverage
  • CI/CD
IDE
  • Setup
  • Review
  • Enhancements
Rule Reference
  • Compliance
  • Anti-Patterns
  • Code Governance
  • Infrastructure Security Database
  • Application Security Database
    • Apex
    • Bash
    • C
    • Clojure
    • Cpp
    • Csharp
    • Dockerfile
    • Elixir
    • Fingerprints
    • Generic
    • Go
    • Html
    • Java
    • Javascript
    • Json
    • Kotlin
    • Ocaml
    • Php
    • Problem-based-packs
    • Python
      • Airflow
      • Attr
      • Aws-lambda
      • Bokeh
      • Boto3
      • Cassandra
      • Click
      • Correctness
      • Couchbase
      • Cryptography
      • Distributed
      • Django
      • Docker
      • Elasticsearch
      • Fastapi
      • Flask
      • Jinja2
      • Jwt
      • Lang
        • Best practice
        • Code
        • Compatibility
        • Correctness
        • Correctness
        • Deserialization
        • File
        • Hardcoded
        • Maintainability
        • Os
        • Security
        • Security
          • Audit
          • Audit
            • Insecure-transport
            • Logging
            • Network
            • Paramiko
            • Sqli
          • Deserialization
      • Ldap3
      • Mariadb
      • Mysql
      • Mysqlclient
      • Neo4j
      • Openai
      • Peewee
      • Pg8000
      • Psycopg2
      • Pycryptodome
      • Pyjwt
      • Pymongo
      • Pymssql
      • Pymysql
      • Pyramid
      • Redis
      • Requests
      • Sh
      • Sqlalchemy
      • Tormysql
      • Urllib3
      • Webrepl
      • Wtforms
    • Ruby
    • Rust
    • Scala
    • Solidity
    • Swift
    • Terraform
    • Typescript
    • Yaml
Resources
  • Open Source
  • Blogs
Audit

Network

disabled-cert-validation

certificate verification explicitly disabled, insecure connections possible
Likelihood: HIGH
Confidence: MEDIUM
CWE:
- CWE-295: Improper Certificate Validation
OWASP:
- A03:2017 - Sensitive Data Exposure
- A07:2021 - Identification and Authentication Failures

avoid-bind-to-all-interfaces

Running socket.bind to 0.0.0.0, or empty string could unexpectedly expose the server publicly as it binds to all available interfaces. Consider instead getting correct address from an environment variable or configuration file.
Likelihood: HIGH
Confidence: HIGH
CWE:
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
OWASP:
- A01:2021 - Broken Access Control

http-not-https-connection

Detected HTTPConnectionPool. This will transmit data in cleartext. It is recommended to use HTTPSConnectionPool instead for to encrypt communications.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-319: Cleartext Transmission of Sensitive Information
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures
LoggingParamiko
twitterlinkedin
Powered by Mintlify
Assistant
Responses are generated using AI and may contain mistakes.