Documentation Index
Fetch the complete documentation index at: https://docs.codeant.ai/llms.txt
Use this file to discover all available pages before exploring further.
python-pg8000-empty-password
python-pg8000-empty-password
The application creates a database connection with an empty password. This can lead to unauthorized access by either an internal or external malicious actor. To prevent this vulnerability, enforce authentication when connecting to a database by using environment variables to securely provide credentials or retrieving them from a secure vault or HSM (Hardware Security Module).
Likelihood: LOW
Confidence: HIGH
CWE:
- CWE-287: Improper Authentication
OWASP:
- A07:2021 - Identification and Authentication Failures
Likelihood: LOW
Confidence: HIGH
CWE:
- CWE-287: Improper Authentication
OWASP:
- A07:2021 - Identification and Authentication Failures