Amazon CodeGuruDetector Library Sign in to CodeGuru

CodeGuru

Detector Library

Python detectors (107/107)

Improper privilege management Resource leak Inefficient string concatenation inside loop Tensorflow redundant softmax Spawning a process without main module Improper certificate validation URL redirection to untrusted site Integer overflow Mutually exclusive call Time zone aware datetimes Catch and swallow exception Insecure hashing Notebook best practice violation Stack trace exposure Using AutoAddPolicy or WarningPolicy Pytorch control sources of randomness Use of a deprecated method Log injection Weak obfuscation of web request Deadlocks caused by improper multiprocessing API usage OS command injection Unauthenticated LDAP requests Low maintainability with low class cohesion Untrusted AMI images Notebook invalid execution order Confusion between equality and identity in conditional expression Pytorch sigmoid before bceloss Path traversal AWS credentials logged Loose file permissions Pytorch data loader with multiple workers Socket close platform compatibility Pytorch avoid softmax with nllloss Zip bomb attack Pytorch miss call to zero grad Unsanitized input is run as code Sensitive data stored unencrypted due to partial encryption Synchronous publication of AWS Lambda metrics Error prone sequence modification Batch request with unchecked failures Bad exception handling Unrestricted upload of dangerous file type Pytorch redundant softmax Inefficient polling of AWS resource Hardcoded IP address File injection Insecure connection using unencrypted protocol Incorrect use of Process.terminate API Unauthenticated Amazon SNS unsubscribe requests might succeed Hardcoded credentials Insecure Socket Bind XML External Entity Insecure CORS policy Cross-site request forgery Notebook variable redefinition Pytorch use nondeterministic algoritm Server-side request forgery Set SNS Return Subscription ARN Module injection Do not pass generic exception rule Unnecessary iteration Tensorflow control sources of randomness Insecure cryptography Tensorflow enable ops determinism Outdated subprocess module API Garbage collection prevention in multiprocessing Catch and rethrow exception Improper input validation Improper authentication Cross-site scripting Missing none check on response metadata Missing pagination Semaphore overflow prevention Mutable objects as default arguments of functions Insecure cookie Violation of PEP8 programming recommendations Insecure temporary file or directory Incorrect binding of SNS publish operations Client-side KMS reencryption Socket connection timeout AWS client not reused in a Lambda function Pytorch assign in place mod Complex code hard to maintain PyTorch create tensors directly on device Inefficient new method from hashlib Leaky subprocess timeout Usage of an API that is not recommended Pytorch disable gradient calculation Dangerous global variables Enabling and overriding debug feature Risky use of dict get method Multiple values in return statement is prone to error LDAP injection XPath injection Clear text credentials Missing authorization Deserialization of untrusted object Use of an inefficient or incorrect API Multidimensional list initialization using replication is error prone Override of reserved variable names in a Lambda function SQL injection Docker arbitrary container run Missing S3 bucket owner condition Avoid using nondeterministic Tensorflow API Direct dict object modification Catastrophic backtracking regex Pytorch miss call to eval

Categories

Browse Security detectors

Browse all detectors in the security category.

Browse Code Quality detectors

Browse all detectors in the code quality category.