Amazon CodeGuru
Detector Library
Sign in to CodeGuru
AWS
Documentation
Amazon CodeGuru
Detector Library
Python
Notebook invalid execution order
Feedback
CodeGuru
Detector Library
Python detectors
(123/123)
Improper privilege management
Resource leak
Tensorflow redundant softmax
AWS insecure transmission CDK
Spawning a process without main module
Public method parameter validation
Improper error handling
Integer overflow
Time zone aware datetimes
Catch and swallow exception
Pytorch control sources of randomness
Deadlocks caused by improper multiprocessing API usage
Unauthenticated LDAP requests
Low maintainability with low class cohesion
Untrusted AMI images
Notebook invalid execution order
Confusion between equality and identity in conditional expression
Pytorch sigmoid before bceloss
Path traversal
Loose file permissions
Pytorch data loader with multiple workers
Pytorch avoid softmax with nllloss
Pytorch miss call to zero grad
Error prone sequence modification
Bad exception handling
Use of Default Credentials CDK
Exposure of Sensitive Information CDK
File injection
Incorrect use of Process.terminate API
XML External Entity
Notebook variable redefinition
Pytorch use nondeterministic algoritm
Set SNS Return Subscription ARN
Do not pass generic exception rule
Usage of an API that is not recommended - High Severity
Insecure cryptography
Tensorflow enable ops determinism
Outdated subprocess module API
S3 partial encrypt CDK
Improper input validation
Improper authentication
Cross-site scripting
Missing pagination
Semaphore overflow prevention
Mutable objects as default arguments of functions
Insecure cookie
Violation of PEP8 programming recommendations
Insecure temporary file or directory
Usage of an API that is not recommended - Low Severity
Socket connection timeout
AWS client not reused in a Lambda function
Pytorch assign in place mod
Complex code hard to maintain
Leaky subprocess timeout
Usage of an API that is not recommended
Pytorch disable gradient calculation
Enabling and overriding debug feature
Risky use of dict get method
XPath injection
Missing authorization
Deserialization of untrusted object
Use of an inefficient or incorrect API
Multidimensional list initialization using replication is error prone
SQL injection
Avoid using nondeterministic Tensorflow API
Pytorch miss call to eval
Inefficient string concatenation inside loop
Improper sanitization of wildcards or matching symbols
Improper certificate validation
URL redirection to untrusted site
Mutually exclusive call
Insecure hashing
Notebook best practice violation
Stack trace exposure
Using AutoAddPolicy or WarningPolicy
Use of a deprecated method
Log injection
Weak obfuscation of web request
AWS api logging disabled cdk
OS command injection
AWS credentials logged
Socket close platform compatibility
Zip bomb attack
Unsanitized input is run as code
Sensitive data stored unencrypted due to partial encryption
Synchronous publication of AWS Lambda metrics
Batch request with unchecked failures
Unrestricted upload of dangerous file type
Pytorch redundant softmax
Inefficient polling of AWS resource
Hardcoded interface binding
Hardcoded IP address
Insecure connection using unencrypted protocol
Unauthenticated Amazon SNS unsubscribe requests might succeed
Hardcoded credentials
Insecure Socket Bind
Insecure CORS policy
Cross-site request forgery
Server-side request forgery
Module injection
Unnecessary iteration
Tensorflow control sources of randomness
Garbage collection prevention in multiprocessing
Catch and rethrow exception
Weak algorithm used for Password Hashing
Missing Authentication for Critical Function CDK
Usage of an API that is not recommended - Medium Severity
Missing none check on response metadata
Sensitive information leak
Incorrect binding of SNS publish operations
Client-side KMS reencryption
PyTorch create tensors directly on device
Inefficient new method from hashlib
Dangerous global variables
Multiple values in return statement is prone to error
LDAP injection
Clear text credentials
Override of reserved variable names in a Lambda function
Docker arbitrary container run
Missing S3 bucket owner condition
Direct dict object modification
Catastrophic backtracking regex
AWS missing encryption CDK
Notebook invalid execution order
Medium
Variable used prior to definition when the notebook is run in order of it's execution
Detector ID
python/notebook-invalid-execution-order@v1.0
Category
Code Quality
Common Weakness Enumeration (CWE)
-
Tags
#
machine-learning
#
correctness