Bandit
Auditor Job Name: Bandit Scan
Auditor image: registry.gitlab.com/whitespots-public/security-images/bandit:1.7.5
AppSec Portal Importer Name: Bandit Scan, GitLab Bandit
Bandit scaner and Bandit scaner (GitLab) has a wide range of plugins to detect various types of security vulnerabilities, including SQL injection, cross-site scripting, and hardcoded passwords. It can also detect insecure use of cryptography, such as weak encryption algorithms or incorrect usage of hash functions.
Curl example
plaintextcurl -X POST localhost/api/v1/scan/import/ -H "Authorization: Token a75bb26171cf391671e67b128bfc8ae1c779ff7b" -H "Content-Type: multipart/form-data" -F "file=@./bandit.json" -F "product_name=Product1" -F "product_type=Application" -F "scanner_name=Bandit Scan" -F "branch=dev" -F "repository=git@gitlab.com:whitespots-public/appsec-portal.git"
plaintextcurl -X POST localhost/api/v1/scan/import/ -H "Authorization: Token a75bb26171cf391671e67b128bfc8ae1c779ff7b" -H "Content-Type: multipart/form-data" -F "file=@./bandit.json" -F "product_name=Product1" -F "product_type=Application" -F "scanner_name=GitLab Bandit" -F "branch=dev" -F "repository=git@gitlab.com:whitespots-public/appsec-portal.git"
In this command, the following parameters are used:
-X POST: specifies the HTTP method to be used (in this case, POST)-H "Authorization: Token <authorization_token>": specifies the authorization token obtained from AppSec Portal.-H "Content-Type: multipart/form-data": specifies the content type of the request.-F "file=@<report_file_path>": specifies the path to the report file generated by the scanner.-F "product_name=<product_name>": specifies the name of the product being scanned.-F "product_type=<product_type>": specifies the type of the product being scanned.-F "scanner_name=<scanner_name>": specifies the name of the scanner used to generate the report (Bandit Scan or GitLab Bandit)-F "branch=<branch_name>": (optional) specifies the name of the branch in the source code repository (if applicable) This parameter is particularly useful when you want to associate the scan results with a specific branch in your repository. If not provided, the scan will be associated with the default branch
Asset information, if an auditor is used
-F "repository=<repository SSH URL>": If your product is code in a repository enter the address of your repository in a specific format, for example: git@gitlab.com:whitespots-public/appsec-portal.git-
-F "docker_image=<registry address>": If your product is image enter the address of the registry where your product is located, for example: registry.gitlab.com/whitespots-public/appsec-portal/back/auto_validator:latest -F "domain=<domain>": If your product is web enter the domain name of your product, for example: whitespots.io-F "host=<host>": If your product is web enter the IP address of your product, for example: 0.0.0.0
Report example:
plaintext{ "errors": [], "generated_at": "2023-12-26T14:29:38Z", "metrics": { "./bad/api_list.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 1, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 14, "nosec": 0, "skipped_tests": 0 }, "./bad/api_post.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 2, "CONFIDENCE.MEDIUM": 1, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 3, "SEVERITY.UNDEFINED": 0, "loc": 23, "nosec": 0, "skipped_tests": 0 }, "./bad/brute.py": { "CONFIDENCE.HIGH": 2, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 2, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 19, "nosec": 0, "skipped_tests": 0 }, "./bad/db.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 1, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 18, "nosec": 0, "skipped_tests": 0 }, "./bad/db_init.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 1, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 32, "nosec": 0, "skipped_tests": 0 }, "./bad/libapi.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 3, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 3, "SEVERITY.UNDEFINED": 0, "loc": 22, "nosec": 0, "skipped_tests": 0 }, "./bad/libmfa.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 55, "nosec": 0, "skipped_tests": 0 }, "./bad/libposts.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 18, "nosec": 0, "skipped_tests": 0 }, "./bad/libsession.py": { "CONFIDENCE.HIGH": 1, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 1, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 20, "nosec": 0, "skipped_tests": 0 }, "./bad/libuser.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 3, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 3, "SEVERITY.UNDEFINED": 0, "loc": 38, "nosec": 0, "skipped_tests": 0 }, "./bad/mod_api.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 50, "nosec": 0, "skipped_tests": 0 }, "./bad/mod_csp.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 5, "nosec": 0, "skipped_tests": 0 }, "./bad/mod_hello.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 5, "nosec": 0, "skipped_tests": 0 }, "./bad/mod_mfa.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 42, "nosec": 0, "skipped_tests": 0 }, "./bad/mod_posts.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 23, "nosec": 0, "skipped_tests": 0 }, "./bad/mod_user.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 51, "nosec": 0, "skipped_tests": 0 }, "./bad/vulpy-ssl.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 4, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 1, "SEVERITY.LOW": 1, "SEVERITY.MEDIUM": 2, "SEVERITY.UNDEFINED": 0, "loc": 19, "nosec": 0, "skipped_tests": 0 }, "./bad/vulpy.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 2, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 1, "SEVERITY.LOW": 1, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 41, "nosec": 0, "skipped_tests": 0 }, "./good/cutpasswd.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 1, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 13, "nosec": 0, "skipped_tests": 0 }, "./good/db_init.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 33, "nosec": 0, "skipped_tests": 0 }, "./good/httpbrute.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 1, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 19, "nosec": 0, "skipped_tests": 0 }, "./good/libapi.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 1, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 1, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 37, "nosec": 0, "skipped_tests": 0 }, "./good/libmfa.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 55, "nosec": 0, "skipped_tests": 0 }, "./good/libposts.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 18, "nosec": 0, "skipped_tests": 0 }, "./good/libsession.py": { "CONFIDENCE.HIGH": 1, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 1, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 39, "nosec": 0, "skipped_tests": 0 }, "./good/libuser.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 1, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 90, "nosec": 0, "skipped_tests": 0 }, "./good/mod_api.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 47, "nosec": 0, "skipped_tests": 0 }, "./good/mod_csp.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 5, "nosec": 0, "skipped_tests": 0 }, "./good/mod_hello.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 5, "nosec": 0, "skipped_tests": 0 }, "./good/mod_mfa.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 47, "nosec": 0, "skipped_tests": 0 }, "./good/mod_posts.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 23, "nosec": 0, "skipped_tests": 0 }, "./good/mod_user.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 58, "nosec": 0, "skipped_tests": 0 }, "./good/mod_welcome1.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 19, "nosec": 0, "skipped_tests": 0 }, "./good/vulpy-ssl.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 4, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 1, "SEVERITY.LOW": 1, "SEVERITY.MEDIUM": 2, "SEVERITY.UNDEFINED": 0, "loc": 19, "nosec": 0, "skipped_tests": 0 }, "./good/vulpy.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 2, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 1, "SEVERITY.LOW": 1, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 40, "nosec": 0, "skipped_tests": 0 }, "./test_code.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 2, "nosec": 0, "skipped_tests": 0 }, "./utils/aes-decrypt.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 20, "nosec": 0, "skipped_tests": 0 }, "./utils/aes-encrypt.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 21, "nosec": 0, "skipped_tests": 0 }, "./utils/ca-create.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 3, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 3, "SEVERITY.UNDEFINED": 0, "loc": 43, "nosec": 0, "skipped_tests": 0 }, "./utils/ca-csr-create.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 2, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 2, "SEVERITY.UNDEFINED": 0, "loc": 26, "nosec": 0, "skipped_tests": 0 }, "./utils/ca-csr-load.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 4, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 4, "SEVERITY.UNDEFINED": 0, "loc": 27, "nosec": 0, "skipped_tests": 0 }, "./utils/crack-cvv.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 15, "nosec": 0, "skipped_tests": 0 }, "./utils/crack-hash.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 15, "nosec": 0, "skipped_tests": 0 }, "./utils/fernet-generate-key.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 3, "nosec": 0, "skipped_tests": 0 }, "./utils/generate_bad_passwords.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 1, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 29, "nosec": 0, "skipped_tests": 0 }, "./utils/hashfile.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 14, "nosec": 0, "skipped_tests": 0 }, "./utils/hmac_generate.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 13, "nosec": 0, "skipped_tests": 0 }, "./utils/httpbrute.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 1, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 24, "nosec": 0, "skipped_tests": 0 }, "./utils/luncheck.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 13, "nosec": 0, "skipped_tests": 0 }, "./utils/rsa-decrypt.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 1, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 21, "nosec": 0, "skipped_tests": 0 }, "./utils/rsa-encrypt.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 1, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 20, "nosec": 0, "skipped_tests": 0 }, "./utils/rsa-keygen.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 2, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 2, "SEVERITY.UNDEFINED": 0, "loc": 23, "nosec": 0, "skipped_tests": 0 }, "./utils/rsa-sign.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 1, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 27, "nosec": 0, "skipped_tests": 0 }, "./utils/rsa-verify.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 1, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 31, "nosec": 0, "skipped_tests": 0 }, "./utils/scrypt-crack.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 36, "nosec": 0, "skipped_tests": 0 }, "./utils/scrypt-generate.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 23, "nosec": 0, "skipped_tests": 0 }, "./utils/scrypt-verify.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 28, "nosec": 0, "skipped_tests": 0 }, "./utils/skey.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 22, "nosec": 0, "skipped_tests": 0 }, "_totals": { "CONFIDENCE.HIGH": 4, "CONFIDENCE.LOW": 6, "CONFIDENCE.MEDIUM": 39, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 4, "SEVERITY.LOW": 9, "SEVERITY.MEDIUM": 36, "SEVERITY.UNDEFINED": 0, "loc": 1558, "nosec": 0, "skipped_tests": 0 } }, "results": [ { "code": "5 \n6 api_key_file = Path('/tmp/supersecret.txt')\n7 \n", "col_offset": 20, "end_col_offset": 42, "filename": "./bad/api_post.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 6, "line_range": [ 6 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "18 for u,p in users:\n19 c.execute(\"INSERT INTO users (user, password, failures) VALUES ('%s', '%s', '%d')\" %(u, p, 0))\n20 \n", "col_offset": 18, "end_col_offset": 90, "filename": "./bad/db.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 89, "link": "https://cwe.mitre.org/data/definitions/89.html" }, "issue_severity": "MEDIUM", "issue_text": "Possible SQL injection vector through string-based query construction.", "line_number": 19, "line_range": [ 19 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b608_hardcoded_sql_expressions.html", "test_id": "B608", "test_name": "hardcoded_sql_expressions" }, { "code": "19 for u,p in users:\n20 c.execute(\"INSERT INTO users (username, password, failures, mfa_enabled, mfa_secret) VALUES ('%s', '%s', '%d', '%d', '%s')\" %(u, p, 0, 0, ''))\n21 \n", "col_offset": 18, "end_col_offset": 131, "filename": "./bad/db_init.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 89, "link": "https://cwe.mitre.org/data/definitions/89.html" }, "issue_severity": "MEDIUM", "issue_text": "Possible SQL injection vector through string-based query construction.", "line_number": 20, "line_range": [ 20 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b608_hardcoded_sql_expressions.html", "test_id": "B608", "test_name": "hardcoded_sql_expressions" }, { "code": "15 \n16 for f in Path('/tmp/').glob('vulpy.apikey.' + username + '.*'):\n17 print('removing', f)\n", "col_offset": 18, "end_col_offset": 25, "filename": "./bad/libapi.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 16, "line_range": [ 16 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "19 \n20 keyfile = '/tmp/vulpy.apikey.{}.{}'.format(username, key)\n21 \n", "col_offset": 14, "end_col_offset": 39, "filename": "./bad/libapi.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 20, "line_range": [ 20 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "32 \n33 for f in Path('/tmp/').glob('vulpy.apikey.*.' + key):\n34 return f.name.split('.')[2]\n", "col_offset": 18, "end_col_offset": 25, "filename": "./bad/libapi.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 33, "line_range": [ 33 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "11 \n12 user = c.execute(\"SELECT * FROM users WHERE username = '{}' and password = '{}'\".format(username, password)).fetchone()\n13 \n", "col_offset": 21, "end_col_offset": 84, "filename": "./bad/libuser.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 89, "link": "https://cwe.mitre.org/data/definitions/89.html" }, "issue_severity": "MEDIUM", "issue_text": "Possible SQL injection vector through string-based query construction.", "line_number": 12, "line_range": [ 12 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b608_hardcoded_sql_expressions.html", "test_id": "B608", "test_name": "hardcoded_sql_expressions" }, { "code": "24 \n25 c.execute(\"INSERT INTO users (username, password, failures, mfa_enabled, mfa_secret) VALUES ('%s', '%s', '%d', '%d', '%s')\" %(username, password, 0, 0, ''))\n26 \n", "col_offset": 14, "end_col_offset": 127, "filename": "./bad/libuser.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 89, "link": "https://cwe.mitre.org/data/definitions/89.html" }, "issue_severity": "MEDIUM", "issue_text": "Possible SQL injection vector through string-based query construction.", "line_number": 25, "line_range": [ 25 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b608_hardcoded_sql_expressions.html", "test_id": "B608", "test_name": "hardcoded_sql_expressions" }, { "code": "52 \n53 c.execute(\"UPDATE users SET password = '{}' WHERE username = '{}'\".format(password, username))\n54 conn.commit()\n", "col_offset": 14, "end_col_offset": 70, "filename": "./bad/libuser.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 89, "link": "https://cwe.mitre.org/data/definitions/89.html" }, "issue_severity": "MEDIUM", "issue_text": "Possible SQL injection vector through string-based query construction.", "line_number": 53, "line_range": [ 53 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b608_hardcoded_sql_expressions.html", "test_id": "B608", "test_name": "hardcoded_sql_expressions" }, { "code": "28 \n29 app.run(debug=True, host='127.0.1.1', ssl_context=('/tmp/acme.cert', '/tmp/acme.key'))\n", "col_offset": 0, "end_col_offset": 86, "filename": "./bad/vulpy-ssl.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 94, "link": "https://cwe.mitre.org/data/definitions/94.html" }, "issue_severity": "HIGH", "issue_text": "A Flask app appears to be run with debug=True, which exposes the Werkzeug debugger and allows the execution of arbitrary code.", "line_number": 29, "line_range": [ 29 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b201_flask_debug_true.html", "test_id": "B201", "test_name": "flask_debug_true" }, { "code": "28 \n29 app.run(debug=True, host='127.0.1.1', ssl_context=('/tmp/acme.cert', '/tmp/acme.key'))\n", "col_offset": 51, "end_col_offset": 67, "filename": "./bad/vulpy-ssl.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 29, "line_range": [ 29 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "28 \n29 app.run(debug=True, host='127.0.1.1', ssl_context=('/tmp/acme.cert', '/tmp/acme.key'))\n", "col_offset": 69, "end_col_offset": 84, "filename": "./bad/vulpy-ssl.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 29, "line_range": [ 29 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "54 \n55 app.run(debug=True, host='127.0.1.1', port=5000, extra_files='csp.txt')\n", "col_offset": 0, "end_col_offset": 71, "filename": "./bad/vulpy.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 94, "link": "https://cwe.mitre.org/data/definitions/94.html" }, "issue_severity": "HIGH", "issue_text": "A Flask app appears to be run with debug=True, which exposes the Werkzeug debugger and allows the execution of arbitrary code.", "line_number": 55, "line_range": [ 55 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b201_flask_debug_true.html", "test_id": "B201", "test_name": "flask_debug_true" }, { "code": "2 \n3 with open('/tmp/darkweb2017-top10000.txt') as f:\n4 for password in f.readlines():\n", "col_offset": 10, "end_col_offset": 41, "filename": "./good/cutpasswd.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 3, "line_range": [ 3 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "60 c = conn.cursor()\n61 c.execute(\"INSERT INTO users (username, password, salt, failures, mfa_enabled, mfa_secret) VALUES ('%s', '%s', '%s', '%d', '%d', '%s')\" %(username, '', '', 0, 0, ''))\n62 conn.commit()\n", "col_offset": 14, "end_col_offset": 139, "filename": "./good/libuser.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 89, "link": "https://cwe.mitre.org/data/definitions/89.html" }, "issue_severity": "MEDIUM", "issue_text": "Possible SQL injection vector through string-based query construction.", "line_number": 61, "line_range": [ 61 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b608_hardcoded_sql_expressions.html", "test_id": "B608", "test_name": "hardcoded_sql_expressions" }, { "code": "28 \n29 app.run(debug=True, host='127.0.1.1', ssl_context=('/tmp/acme.cert', '/tmp/acme.key'))\n", "col_offset": 0, "end_col_offset": 86, "filename": "./good/vulpy-ssl.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 94, "link": "https://cwe.mitre.org/data/definitions/94.html" }, "issue_severity": "HIGH", "issue_text": "A Flask app appears to be run with debug=True, which exposes the Werkzeug debugger and allows the execution of arbitrary code.", "line_number": 29, "line_range": [ 29 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b201_flask_debug_true.html", "test_id": "B201", "test_name": "flask_debug_true" }, { "code": "28 \n29 app.run(debug=True, host='127.0.1.1', ssl_context=('/tmp/acme.cert', '/tmp/acme.key'))\n", "col_offset": 51, "end_col_offset": 67, "filename": "./good/vulpy-ssl.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 29, "line_range": [ 29 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "28 \n29 app.run(debug=True, host='127.0.1.1', ssl_context=('/tmp/acme.cert', '/tmp/acme.key'))\n", "col_offset": 69, "end_col_offset": 84, "filename": "./good/vulpy-ssl.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 29, "line_range": [ 29 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "52 \n53 app.run(debug=True, host='127.0.1.1', port=5001, extra_files='csp.txt')\n54 \n", "col_offset": 0, "end_col_offset": 71, "filename": "./good/vulpy.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 94, "link": "https://cwe.mitre.org/data/definitions/94.html" }, "issue_severity": "HIGH", "issue_text": "A Flask app appears to be run with debug=True, which exposes the Werkzeug debugger and allows the execution of arbitrary code.", "line_number": 53, "line_range": [ 53 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b201_flask_debug_true.html", "test_id": "B201", "test_name": "flask_debug_true" }, { "code": "30 \n31 with open('/tmp/ca.key', 'wb') as out:\n32 out.write(pem_private)\n", "col_offset": 10, "end_col_offset": 23, "filename": "./utils/ca-create.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 31, "line_range": [ 31 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "33 \n34 with open('/tmp/ca.pub', 'wb') as out:\n35 out.write(pem_public)\n", "col_offset": 10, "end_col_offset": 23, "filename": "./utils/ca-create.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 34, "line_range": [ 34 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "57 # Write our certificate out to disk.\n58 with open('/tmp/ca.cert', 'wb') as out:\n59 out.write(cert.public_bytes(serialization.Encoding.PEM))\n", "col_offset": 10, "end_col_offset": 24, "filename": "./utils/ca-create.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 58, "line_range": [ 58 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "11 \n12 with open(\"/tmp/acme.key\", \"rb\") as key_file:\n13 private_key = serialization.load_pem_private_key(\n", "col_offset": 10, "end_col_offset": 25, "filename": "./utils/ca-csr-create.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 12, "line_range": [ 12 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "34 # Write our CSR out to disk.\n35 with open(\"/tmp/acme.csr\", \"wb\") as out:\n36 out.write(csr.public_bytes(serialization.Encoding.PEM))\n", "col_offset": 10, "end_col_offset": 25, "filename": "./utils/ca-csr-create.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 35, "line_range": [ 35 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "12 \n13 with open(\"/tmp/ca.cert\", \"rb\") as ca_cert_file:\n14 ca_cert = x509.load_pem_x509_certificate(ca_cert_file.read(), default_backend())\n", "col_offset": 10, "end_col_offset": 24, "filename": "./utils/ca-csr-load.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 13, "line_range": [ 13 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "15 \n16 with open(\"/tmp/acme.csr\", \"rb\") as csr_file:\n17 csr = x509.load_pem_x509_csr(csr_file.read(), default_backend())\n", "col_offset": 10, "end_col_offset": 25, "filename": "./utils/ca-csr-load.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 16, "line_range": [ 16 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "18 \n19 with open(\"/tmp/ca.key\", \"rb\") as key_file:\n20 private_key = serialization.load_pem_private_key(\n", "col_offset": 10, "end_col_offset": 23, "filename": "./utils/ca-csr-load.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 19, "line_range": [ 19 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "34 # Write our certificate out to disk.\n35 with open('/tmp/acme.cert', 'wb') as out:\n36 out.write(cert.public_bytes(serialization.Encoding.PEM))\n", "col_offset": 10, "end_col_offset": 26, "filename": "./utils/ca-csr-load.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 35, "line_range": [ 35 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "13 \n14 with open(\"/tmp/acme.key\", \"rb\") as key_file:\n15 private_key = serialization.load_pem_private_key(\n", "col_offset": 10, "end_col_offset": 25, "filename": "./utils/rsa-decrypt.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 14, "line_range": [ 14 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "13 \n14 with open(\"/tmp/acme.pub\", \"rb\") as key_file:\n15 public_key = serialization.load_pem_public_key(\n", "col_offset": 10, "end_col_offset": 25, "filename": "./utils/rsa-encrypt.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 14, "line_range": [ 14 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "25 \n26 with open('/tmp/acme.key', 'wb') as out:\n27 out.write(pem_private)\n", "col_offset": 10, "end_col_offset": 25, "filename": "./utils/rsa-keygen.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 26, "line_range": [ 26 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "28 \n29 with open('/tmp/acme.pub', 'wb') as out:\n30 out.write(pem_public)\n", "col_offset": 10, "end_col_offset": 25, "filename": "./utils/rsa-keygen.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 29, "line_range": [ 29 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "14 \n15 with open(\"/tmp/acme.key\", \"rb\") as key_file:\n16 private_key = serialization.load_pem_private_key(\n", "col_offset": 10, "end_col_offset": 25, "filename": "./utils/rsa-sign.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 15, "line_range": [ 15 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "15 \n16 with open(\"/tmp/acme.pub\", \"rb\") as key_file:\n17 public_key = serialization.load_pem_public_key(\n", "col_offset": 10, "end_col_offset": 25, "filename": "./utils/rsa-verify.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 16, "line_range": [ 16 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" } ] }