Bandit

Auditor Job Name: Bandit Scan
Auditor image: registry.gitlab.com/whitespots-public/security-images/bandit:1.7.5
AppSec Portal Importer Name: Bandit Scan, GitLab Bandit

Bandit scaner and Bandit scaner (GitLab) has a wide range of plugins to detect various types of security vulnerabilities, including SQL injection, cross-site scripting, and hardcoded passwords. It can also detect insecure use of cryptography, such as weak encryption algorithms or incorrect usage of hash functions.

Curl example

plaintext
curl -X POST localhost/api/v1/scan/import/ -H "Authorization: Token a75bb26171cf391671e67b128bfc8ae1c779ff7b" -H "Content-Type: multipart/form-data" -F "file=@./bandit.json" -F "product_name=Product1" -F "product_type=Application" -F "scanner_name=Bandit Scan" -F "branch=dev" -F "repository=git@gitlab.com:whitespots-public/appsec-portal.git"
plaintext
curl -X POST localhost/api/v1/scan/import/ -H "Authorization: Token a75bb26171cf391671e67b128bfc8ae1c779ff7b" -H "Content-Type: multipart/form-data" -F "file=@./bandit.json" -F "product_name=Product1" -F "product_type=Application" -F "scanner_name=GitLab Bandit" -F "branch=dev" -F "repository=git@gitlab.com:whitespots-public/appsec-portal.git"

In this command, the following parameters are used:

  1. -X POST: specifies the HTTP method to be used (in this case, POST)
  2. -H "Authorization: Token <authorization_token>": specifies the authorization token obtained from AppSec Portal.
  3. -H "Content-Type: multipart/form-data": specifies the content type of the request.
  4. -F "file=@<report_file_path>": specifies the path to the report file generated by the scanner.
  5. -F "product_name=<product_name>": specifies the name of the product being scanned.
  6. -F "product_type=<product_type>": specifies the type of the product being scanned.
  7. -F "scanner_name=<scanner_name>": specifies the name of the scanner used to generate the report (Bandit Scan or GitLab Bandit)
  8. -F "branch=<branch_name>": (optional) specifies the name of the branch in the source code repository (if applicable) This parameter is particularly useful when you want to associate the scan results with a specific branch in your repository. If not provided, the scan will be associated with the default branch

Asset information, if an auditor is used

  1. -F "repository=<repository SSH URL>": If your product is code in a repository enter the address of your repository in a specific format, for example: git@gitlab.com:whitespots-public/appsec-portal.git
  2. -F "docker_image=<registry address>": If your product is image enter the address of the registry where your product is located, for example: registry.gitlab.com/whitespots-public/appsec-portal/back/auto_validator:latest
  3. -F "domain=<domain>": If your product is web enter the domain name of your product, for example: whitespots.io
  4. -F "host=<host>": If your product is web enter the IP address of your product, for example: 0.0.0.0

Report example:

plaintext
{


  "errors": [],


  "generated_at": "2023-12-26T14:29:38Z",


  "metrics": {


    "./bad/api_list.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 1,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 1,


      "SEVERITY.UNDEFINED": 0,


      "loc": 14,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./bad/api_post.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 2,


      "CONFIDENCE.MEDIUM": 1,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 3,


      "SEVERITY.UNDEFINED": 0,


      "loc": 23,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./bad/brute.py": {


      "CONFIDENCE.HIGH": 2,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 2,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 19,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./bad/db.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 1,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 1,


      "SEVERITY.UNDEFINED": 0,


      "loc": 18,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./bad/db_init.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 1,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 1,


      "SEVERITY.UNDEFINED": 0,


      "loc": 32,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./bad/libapi.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 3,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 3,


      "SEVERITY.UNDEFINED": 0,


      "loc": 22,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./bad/libmfa.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 55,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./bad/libposts.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 18,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./bad/libsession.py": {


      "CONFIDENCE.HIGH": 1,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 1,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 20,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./bad/libuser.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 3,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 3,


      "SEVERITY.UNDEFINED": 0,


      "loc": 38,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./bad/mod_api.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 50,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./bad/mod_csp.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 5,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./bad/mod_hello.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 5,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./bad/mod_mfa.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 42,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./bad/mod_posts.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 23,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./bad/mod_user.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 51,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./bad/vulpy-ssl.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 4,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 1,


      "SEVERITY.LOW": 1,


      "SEVERITY.MEDIUM": 2,


      "SEVERITY.UNDEFINED": 0,


      "loc": 19,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./bad/vulpy.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 2,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 1,


      "SEVERITY.LOW": 1,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 41,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./good/cutpasswd.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 1,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 1,


      "SEVERITY.UNDEFINED": 0,


      "loc": 13,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./good/db_init.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 33,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./good/httpbrute.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 1,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 1,


      "SEVERITY.UNDEFINED": 0,


      "loc": 19,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./good/libapi.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 1,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 1,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 37,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./good/libmfa.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 55,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./good/libposts.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 18,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./good/libsession.py": {


      "CONFIDENCE.HIGH": 1,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 1,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 39,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./good/libuser.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 1,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 1,


      "SEVERITY.UNDEFINED": 0,


      "loc": 90,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./good/mod_api.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 47,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./good/mod_csp.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 5,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./good/mod_hello.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 5,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./good/mod_mfa.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 47,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./good/mod_posts.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 23,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./good/mod_user.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 58,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./good/mod_welcome1.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 19,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./good/vulpy-ssl.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 4,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 1,


      "SEVERITY.LOW": 1,


      "SEVERITY.MEDIUM": 2,


      "SEVERITY.UNDEFINED": 0,


      "loc": 19,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./good/vulpy.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 2,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 1,


      "SEVERITY.LOW": 1,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 40,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./test_code.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 2,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/aes-decrypt.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 20,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/aes-encrypt.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 21,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/ca-create.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 3,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 3,


      "SEVERITY.UNDEFINED": 0,


      "loc": 43,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/ca-csr-create.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 2,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 2,


      "SEVERITY.UNDEFINED": 0,


      "loc": 26,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/ca-csr-load.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 4,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 4,


      "SEVERITY.UNDEFINED": 0,


      "loc": 27,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/crack-cvv.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 15,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/crack-hash.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 15,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/fernet-generate-key.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 3,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/generate_bad_passwords.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 1,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 1,


      "SEVERITY.UNDEFINED": 0,


      "loc": 29,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/hashfile.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 14,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/hmac_generate.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 13,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/httpbrute.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 1,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 1,


      "SEVERITY.UNDEFINED": 0,


      "loc": 24,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/luncheck.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 13,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/rsa-decrypt.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 1,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 1,


      "SEVERITY.UNDEFINED": 0,


      "loc": 21,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/rsa-encrypt.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 1,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 1,


      "SEVERITY.UNDEFINED": 0,


      "loc": 20,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/rsa-keygen.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 2,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 2,


      "SEVERITY.UNDEFINED": 0,


      "loc": 23,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/rsa-sign.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 1,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 1,


      "SEVERITY.UNDEFINED": 0,


      "loc": 27,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/rsa-verify.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 1,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 1,


      "SEVERITY.UNDEFINED": 0,


      "loc": 31,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/scrypt-crack.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 36,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/scrypt-generate.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 23,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/scrypt-verify.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 28,


      "nosec": 0,


      "skipped_tests": 0


    },


    "./utils/skey.py": {


      "CONFIDENCE.HIGH": 0,


      "CONFIDENCE.LOW": 0,


      "CONFIDENCE.MEDIUM": 0,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 0,


      "SEVERITY.LOW": 0,


      "SEVERITY.MEDIUM": 0,


      "SEVERITY.UNDEFINED": 0,


      "loc": 22,


      "nosec": 0,


      "skipped_tests": 0


    },


    "_totals": {


      "CONFIDENCE.HIGH": 4,


      "CONFIDENCE.LOW": 6,


      "CONFIDENCE.MEDIUM": 39,


      "CONFIDENCE.UNDEFINED": 0,


      "SEVERITY.HIGH": 4,


      "SEVERITY.LOW": 9,


      "SEVERITY.MEDIUM": 36,


      "SEVERITY.UNDEFINED": 0,


      "loc": 1558,


      "nosec": 0,


      "skipped_tests": 0


    }


  },


  "results": [


    {


      "code": "5 \n6 api_key_file = Path('/tmp/supersecret.txt')\n7 \n",


      "col_offset": 20,


      "end_col_offset": 42,


      "filename": "./bad/api_post.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 6,


      "line_range": [


        6


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "18     for u,p in users:\n19         c.execute(\"INSERT INTO users (user, password, failures) VALUES ('%s', '%s', '%d')\" %(u, p, 0))\n20 \n",


      "col_offset": 18,


      "end_col_offset": 90,


      "filename": "./bad/db.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 89,


        "link": "https://cwe.mitre.org/data/definitions/89.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Possible SQL injection vector through string-based query construction.",


      "line_number": 19,


      "line_range": [


        19


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b608_hardcoded_sql_expressions.html",


      "test_id": "B608",


      "test_name": "hardcoded_sql_expressions"


    },


    {


      "code": "19     for u,p in users:\n20         c.execute(\"INSERT INTO users (username, password, failures, mfa_enabled, mfa_secret) VALUES ('%s', '%s', '%d', '%d', '%s')\" %(u, p, 0, 0, ''))\n21 \n",


      "col_offset": 18,


      "end_col_offset": 131,


      "filename": "./bad/db_init.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 89,


        "link": "https://cwe.mitre.org/data/definitions/89.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Possible SQL injection vector through string-based query construction.",


      "line_number": 20,


      "line_range": [


        20


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b608_hardcoded_sql_expressions.html",


      "test_id": "B608",


      "test_name": "hardcoded_sql_expressions"


    },


    {


      "code": "15 \n16     for f in Path('/tmp/').glob('vulpy.apikey.' + username + '.*'):\n17         print('removing', f)\n",


      "col_offset": 18,


      "end_col_offset": 25,


      "filename": "./bad/libapi.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 16,


      "line_range": [


        16


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "19 \n20     keyfile = '/tmp/vulpy.apikey.{}.{}'.format(username, key)\n21 \n",


      "col_offset": 14,


      "end_col_offset": 39,


      "filename": "./bad/libapi.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 20,


      "line_range": [


        20


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "32 \n33     for f in Path('/tmp/').glob('vulpy.apikey.*.' + key):\n34         return f.name.split('.')[2]\n",


      "col_offset": 18,


      "end_col_offset": 25,


      "filename": "./bad/libapi.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 33,


      "line_range": [


        33


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "11 \n12     user = c.execute(\"SELECT * FROM users WHERE username = '{}' and password = '{}'\".format(username, password)).fetchone()\n13 \n",


      "col_offset": 21,


      "end_col_offset": 84,


      "filename": "./bad/libuser.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 89,


        "link": "https://cwe.mitre.org/data/definitions/89.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Possible SQL injection vector through string-based query construction.",


      "line_number": 12,


      "line_range": [


        12


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b608_hardcoded_sql_expressions.html",


      "test_id": "B608",


      "test_name": "hardcoded_sql_expressions"


    },


    {


      "code": "24 \n25     c.execute(\"INSERT INTO users (username, password, failures, mfa_enabled, mfa_secret) VALUES ('%s', '%s', '%d', '%d', '%s')\" %(username, password, 0, 0, ''))\n26 \n",


      "col_offset": 14,


      "end_col_offset": 127,


      "filename": "./bad/libuser.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 89,


        "link": "https://cwe.mitre.org/data/definitions/89.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Possible SQL injection vector through string-based query construction.",


      "line_number": 25,


      "line_range": [


        25


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b608_hardcoded_sql_expressions.html",


      "test_id": "B608",


      "test_name": "hardcoded_sql_expressions"


    },


    {


      "code": "52 \n53     c.execute(\"UPDATE users SET password = '{}' WHERE username = '{}'\".format(password, username))\n54     conn.commit()\n",


      "col_offset": 14,


      "end_col_offset": 70,


      "filename": "./bad/libuser.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 89,


        "link": "https://cwe.mitre.org/data/definitions/89.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Possible SQL injection vector through string-based query construction.",


      "line_number": 53,


      "line_range": [


        53


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b608_hardcoded_sql_expressions.html",


      "test_id": "B608",


      "test_name": "hardcoded_sql_expressions"


    },


    {


      "code": "28 \n29 app.run(debug=True, host='127.0.1.1', ssl_context=('/tmp/acme.cert', '/tmp/acme.key'))\n",


      "col_offset": 0,


      "end_col_offset": 86,


      "filename": "./bad/vulpy-ssl.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 94,


        "link": "https://cwe.mitre.org/data/definitions/94.html"


      },


      "issue_severity": "HIGH",


      "issue_text": "A Flask app appears to be run with debug=True, which exposes the Werkzeug debugger and allows the execution of arbitrary code.",


      "line_number": 29,


      "line_range": [


        29


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b201_flask_debug_true.html",


      "test_id": "B201",


      "test_name": "flask_debug_true"


    },


    {


      "code": "28 \n29 app.run(debug=True, host='127.0.1.1', ssl_context=('/tmp/acme.cert', '/tmp/acme.key'))\n",


      "col_offset": 51,


      "end_col_offset": 67,


      "filename": "./bad/vulpy-ssl.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 29,


      "line_range": [


        29


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "28 \n29 app.run(debug=True, host='127.0.1.1', ssl_context=('/tmp/acme.cert', '/tmp/acme.key'))\n",


      "col_offset": 69,


      "end_col_offset": 84,


      "filename": "./bad/vulpy-ssl.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 29,


      "line_range": [


        29


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "54 \n55 app.run(debug=True, host='127.0.1.1', port=5000, extra_files='csp.txt')\n",


      "col_offset": 0,


      "end_col_offset": 71,


      "filename": "./bad/vulpy.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 94,


        "link": "https://cwe.mitre.org/data/definitions/94.html"


      },


      "issue_severity": "HIGH",


      "issue_text": "A Flask app appears to be run with debug=True, which exposes the Werkzeug debugger and allows the execution of arbitrary code.",


      "line_number": 55,


      "line_range": [


        55


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b201_flask_debug_true.html",


      "test_id": "B201",


      "test_name": "flask_debug_true"


    },


    {


      "code": "2 \n3 with open('/tmp/darkweb2017-top10000.txt') as f:\n4     for password in f.readlines():\n",


      "col_offset": 10,


      "end_col_offset": 41,


      "filename": "./good/cutpasswd.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 3,


      "line_range": [


        3


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "60     c = conn.cursor()\n61     c.execute(\"INSERT INTO users (username, password, salt, failures, mfa_enabled, mfa_secret) VALUES ('%s', '%s', '%s', '%d', '%d', '%s')\" %(username, '', '', 0, 0, ''))\n62     conn.commit()\n",


      "col_offset": 14,


      "end_col_offset": 139,


      "filename": "./good/libuser.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 89,


        "link": "https://cwe.mitre.org/data/definitions/89.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Possible SQL injection vector through string-based query construction.",


      "line_number": 61,


      "line_range": [


        61


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b608_hardcoded_sql_expressions.html",


      "test_id": "B608",


      "test_name": "hardcoded_sql_expressions"


    },


    {


      "code": "28 \n29 app.run(debug=True, host='127.0.1.1', ssl_context=('/tmp/acme.cert', '/tmp/acme.key'))\n",


      "col_offset": 0,


      "end_col_offset": 86,


      "filename": "./good/vulpy-ssl.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 94,


        "link": "https://cwe.mitre.org/data/definitions/94.html"


      },


      "issue_severity": "HIGH",


      "issue_text": "A Flask app appears to be run with debug=True, which exposes the Werkzeug debugger and allows the execution of arbitrary code.",


      "line_number": 29,


      "line_range": [


        29


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b201_flask_debug_true.html",


      "test_id": "B201",


      "test_name": "flask_debug_true"


    },


    {


      "code": "28 \n29 app.run(debug=True, host='127.0.1.1', ssl_context=('/tmp/acme.cert', '/tmp/acme.key'))\n",


      "col_offset": 51,


      "end_col_offset": 67,


      "filename": "./good/vulpy-ssl.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 29,


      "line_range": [


        29


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "28 \n29 app.run(debug=True, host='127.0.1.1', ssl_context=('/tmp/acme.cert', '/tmp/acme.key'))\n",


      "col_offset": 69,


      "end_col_offset": 84,


      "filename": "./good/vulpy-ssl.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 29,


      "line_range": [


        29


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "52 \n53 app.run(debug=True, host='127.0.1.1', port=5001, extra_files='csp.txt')\n54 \n",


      "col_offset": 0,


      "end_col_offset": 71,


      "filename": "./good/vulpy.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 94,


        "link": "https://cwe.mitre.org/data/definitions/94.html"


      },


      "issue_severity": "HIGH",


      "issue_text": "A Flask app appears to be run with debug=True, which exposes the Werkzeug debugger and allows the execution of arbitrary code.",


      "line_number": 53,


      "line_range": [


        53


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b201_flask_debug_true.html",


      "test_id": "B201",


      "test_name": "flask_debug_true"


    },


    {


      "code": "30 \n31 with open('/tmp/ca.key', 'wb') as out:\n32     out.write(pem_private)\n",


      "col_offset": 10,


      "end_col_offset": 23,


      "filename": "./utils/ca-create.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 31,


      "line_range": [


        31


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "33 \n34 with open('/tmp/ca.pub', 'wb') as out:\n35     out.write(pem_public)\n",


      "col_offset": 10,


      "end_col_offset": 23,


      "filename": "./utils/ca-create.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 34,


      "line_range": [


        34


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "57 # Write our certificate out to disk.\n58 with open('/tmp/ca.cert', 'wb') as out:\n59     out.write(cert.public_bytes(serialization.Encoding.PEM))\n",


      "col_offset": 10,


      "end_col_offset": 24,


      "filename": "./utils/ca-create.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 58,


      "line_range": [


        58


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "11 \n12 with open(\"/tmp/acme.key\", \"rb\") as key_file:\n13     private_key = serialization.load_pem_private_key(\n",


      "col_offset": 10,


      "end_col_offset": 25,


      "filename": "./utils/ca-csr-create.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 12,


      "line_range": [


        12


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "34 # Write our CSR out to disk.\n35 with open(\"/tmp/acme.csr\", \"wb\") as out:\n36     out.write(csr.public_bytes(serialization.Encoding.PEM))\n",


      "col_offset": 10,


      "end_col_offset": 25,


      "filename": "./utils/ca-csr-create.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 35,


      "line_range": [


        35


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "12 \n13 with open(\"/tmp/ca.cert\", \"rb\") as ca_cert_file:\n14     ca_cert = x509.load_pem_x509_certificate(ca_cert_file.read(), default_backend())\n",


      "col_offset": 10,


      "end_col_offset": 24,


      "filename": "./utils/ca-csr-load.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 13,


      "line_range": [


        13


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "15 \n16 with open(\"/tmp/acme.csr\", \"rb\") as csr_file:\n17     csr = x509.load_pem_x509_csr(csr_file.read(), default_backend())\n",


      "col_offset": 10,


      "end_col_offset": 25,


      "filename": "./utils/ca-csr-load.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 16,


      "line_range": [


        16


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "18 \n19 with open(\"/tmp/ca.key\", \"rb\") as key_file:\n20     private_key = serialization.load_pem_private_key(\n",


      "col_offset": 10,


      "end_col_offset": 23,


      "filename": "./utils/ca-csr-load.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 19,


      "line_range": [


        19


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "34 # Write our certificate out to disk.\n35 with open('/tmp/acme.cert', 'wb') as out:\n36     out.write(cert.public_bytes(serialization.Encoding.PEM))\n",


      "col_offset": 10,


      "end_col_offset": 26,


      "filename": "./utils/ca-csr-load.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 35,


      "line_range": [


        35


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "13 \n14 with open(\"/tmp/acme.key\", \"rb\") as key_file:\n15     private_key = serialization.load_pem_private_key(\n",


      "col_offset": 10,


      "end_col_offset": 25,


      "filename": "./utils/rsa-decrypt.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 14,


      "line_range": [


        14


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "13 \n14 with open(\"/tmp/acme.pub\", \"rb\") as key_file:\n15     public_key = serialization.load_pem_public_key(\n",


      "col_offset": 10,


      "end_col_offset": 25,


      "filename": "./utils/rsa-encrypt.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 14,


      "line_range": [


        14


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "25 \n26 with open('/tmp/acme.key', 'wb') as out:\n27     out.write(pem_private)\n",


      "col_offset": 10,


      "end_col_offset": 25,


      "filename": "./utils/rsa-keygen.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 26,


      "line_range": [


        26


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "28 \n29 with open('/tmp/acme.pub', 'wb') as out:\n30     out.write(pem_public)\n",


      "col_offset": 10,


      "end_col_offset": 25,


      "filename": "./utils/rsa-keygen.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 29,


      "line_range": [


        29


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "14 \n15 with open(\"/tmp/acme.key\", \"rb\") as key_file:\n16     private_key = serialization.load_pem_private_key(\n",


      "col_offset": 10,


      "end_col_offset": 25,


      "filename": "./utils/rsa-sign.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 15,


      "line_range": [


        15


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    },


    {


      "code": "15 \n16 with open(\"/tmp/acme.pub\", \"rb\") as key_file:\n17     public_key = serialization.load_pem_public_key(\n",


      "col_offset": 10,


      "end_col_offset": 25,


      "filename": "./utils/rsa-verify.py",


      "issue_confidence": "MEDIUM",


      "issue_cwe": {


        "id": 377,


        "link": "https://cwe.mitre.org/data/definitions/377.html"


      },


      "issue_severity": "MEDIUM",


      "issue_text": "Probable insecure usage of temp file/directory.",


      "line_number": 16,


      "line_range": [


        16


      ],


      "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html",


      "test_id": "B108",


      "test_name": "hardcoded_tmp_directory"


    }


  ]


}
Previous
Code Scanners
Next
Brakeman