Security - CodeAnt AI

insecure-hashes

Detected cryptographically insecure hashing function
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 3
- 2
- 8
- :
-

- U
- s
- e
-

- o
- f
-

- W
- e
- a
- k
-

- H
- a
- s
- h

unsafe-usage

Detected ‘unsafe’ usage, please audit for secure usage
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 2
- 4
- 2
- :
-

- U
- s
- e
-

- o
- f
-

- I
- n
- h
- e
- r
- e
- n
- t
- l
- y
-

- D
- a
- n
- g
- e
- r
- o
- u
- s
-

- F
- u
- n
- c
- t
- i
- o
- n

current-exe

current_exe should not be used for security operations. From the docs: “The output of this function should not be trusted for anything that might have security implications. Basically, if users can run the executable, they can change the output arbitrarily.”
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 8
- 0
- 7
- :
-

- R
- e
- l
- i
- a
- n
- c
- e
-

- o
- n
-

- U
- n
- t
- r
- u
- s
- t
- e
- d
-

- I
- n
- p
- u
- t
- s
-

- i
- n
-

- a
-

- S
- e
- c
- u
- r
- i
- t
- y
-

- D
- e
- c
- i
- s
- i
- o
- n

reqwest-accept-invalid

Dangerously accepting invalid TLS information
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 2
- 9
- 5
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- C
- e
- r
- t
- i
- f
- i
- c
- a
- t
- e
-

- V
- a
- l
- i
- d
- a
- t
- i
- o
- n

ssl-verify-none

SSL verification disabled, this allows for MitM attacks
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 2
- 9
- 5
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- C
- e
- r
- t
- i
- f
- i
- c
- a
- t
- e
-

- V
- a
- l
- i
- d
- a
- t
- i
- o
- n

temp-dir

temp_dir should not be used for security operations. From the docs: ‘The temporary directory may be shared among users, or between processes with different privileges; thus, the creation of any files or directories in the temporary directory must use a secure method to create a uniquely named file. Creating a file or directory with a fixed or predictable name may result in “insecure temporary file” security vulnerabilities.‘
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 8
- 0
- 7
- :
-

- R
- e
- l
- i
- a
- n
- c
- e
-

- o
- n
-

- U
- n
- t
- r
- u
- s
- t
- e
- d
-

- I
- n
- p
- u
- t
- s
-

- i
- n
-

- a
-

- S
- e
- c
- u
- r
- i
- t
- y
-

- D
- e
- c
- i
- s
- i
- o
- n

args

args should not be used for security operations. From the docs: “The first element is traditionally the path of the executable, but it can be set to arbitrary text, and might not even exist. This means this property should not be relied upon for security purposes.”
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 8
- 0
- 7
- :
-

- R
- e
- l
- i
- a
- n
- c
- e
-

- o
- n
-

- U
- n
- t
- r
- u
- s
- t
- e
- d
-

- I
- n
- p
- u
- t
- s
-

- i
- n
-

- a
-

- S
- e
- c
- u
- r
- i
- t
- y
-

- D
- e
- c
- i
- s
- i
- o
- n

reqwest-set-sensitive

Set sensitive flag on security headers with ‘set_sensitive’ to treat data with special care
Likelihood: LOW
Confidence: MEDIUM
CWE:
- C
- W
- E
- -
- 9
- 2
- 1
- :
-

- S
- t
- o
- r
- a
- g
- e
-

- o
- f
-

- S
- e
- n
- s
- i
- t
- i
- v
- e
-

- D
- a
- t
- a
-

- i
- n
-

- a
-

- M
- e
- c
- h
- a
- n
- i
- s
- m
-

- w
- i
- t
- h
- o
- u
- t
-

- A
- c
- c
- e
- s
- s
-

- C
- o
- n
- t
- r
- o
- l

args-os

args_os should not be used for security operations. From the docs: “The first element is traditionally the path of the executable, but it can be set to arbitrary text, and might not even exist. This means this property should not be relied upon for security purposes.”
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 8
- 0
- 7
- :
-

- R
- e
- l
- i
- a
- n
- c
- e
-

- o
- n
-

- U
- n
- t
- r
- u
- s
- t
- e
- d
-

- I
- n
- p
- u
- t
- s
-

- i
- n
-

- a
-

- S
- e
- c
- u
- r
- i
- t
- y
-

- D
- e
- c
- i
- s
- i
- o
- n

rustls-dangerous

Dangerous client config used, ensure SSL verification
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 2
- 9
- 5
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- C
- e
- r
- t
- i
- f
- i
- c
- a
- t
- e
-

- V
- a
- l
- i
- d
- a
- t
- i
- o
- n

Get Started