Amazon CodeGuruDetector Library Sign in to CodeGuru Reviewer

CodeGuru

Detector Library

Python detectors (102/102)

Improper privilege management Resource leak Inefficient string concatenation inside loop Spawning a process without main module Improper sanitization of wildcards or matching symbols Public method parameter validation Improper error handling Improper certificate validation URL redirection to untrusted site Integer overflow Mutually exclusive call Time zone aware datetimes Catch and swallow exception Insecure hashing Stack trace exposure Using AutoAddPolicy or WarningPolicy Data loss in a batch request Use of a deprecated method Log injection Weak obfuscation of web request Use of `app.run` at top-level Deadlocks caused by improper multiprocessing API usage OS command injection Unauthenticated LDAP requests Low maintainability with high cyclomatic complexity Low maintainability with low class cohesion Untrusted AMI images Confusion between equality and identity in conditional expression Path traversal AWS credentials logged Loose file permissions Socket close platform compatibility Zip bomb attack Unsanitized input is run as code Sensitive data stored unencrypted due to partial encryption Synchronous publication of AWS Lambda metrics Error prone sequence modification Batch request with unchecked failures Avoid Using Blank Password Bad exception handling Unrestricted upload of dangerous file type Inefficient polling of AWS resource Hardcoded interface binding Hardcoded IP address File injection Low maintainability with high function coupling Mass Assignment Insecure connection using unencrypted protocol Incorrect use of Process.terminate API Unauthenticated Amazon SNS unsubscribe requests might succeed Hardcoded credentials Insecure Socket Bind XML External Entity Insecure CORS policy Cross-site request forgery Regular expressions catastrophic backtracking Server-side request forgery Set SNS Return Subscription ARN Module injection Do not pass generic exception rule Unnecessary iteration Insecure cryptography Outdated subprocess module API Garbage collection prevention in multiprocessing Catch and rethrow exception Improper input validation Improper authentication Cross-site scripting Missing none check on response metadata Missing pagination Semaphore overflow prevention Mutable objects as default arguments of functions Insecure cookie Violation of PEP8 programming recommendations Insecure temporary file or directory Incorrect binding of SNS publish operations Incorrect type conversion or cast Client-side KMS reencryption Socket connection timeout AWS client not reused in a Lambda function Complex code hard to maintain Inefficient new method from hashlib Leaky subprocess timeout Usage of an API that is not recommended Dangerous global variables Enabling and overriding debug feature Risky use of dict get method Multiple values in return statement is prone to error LDAP injection XPath injection Clear text credentials Missing authorization AWS Lambda with overly permissive policy Deserialization of untrusted object Use of an inefficient or incorrect API Multidimensional list initialization using replication is error prone Override of reserved variable names in a Lambda function SQL injection Docker arbitrary container run Missing S3 bucket owner condition Low maintainability with large functions Direct dict object modification

Categories

Browse Security detectors

Browse all detectors in the security category.

Browse Code Quality detectors

Browse all detectors in the code quality category.