Medium

Showing all detectors for the Python language with medium severity.

Resource leak

Allocated resources are not released properly.

Spawning a process without main module

Using the spawn or forkserver start method without importing the main module might lead to unexpected behavior (for example, it might cause a RuntimeError).

Integer overflow

An integer overflow might might cause security issues when it is used for resource management or execution control.

Insecure hashing

Obsolete, broken, or weak hashing algorithms can lead to security vulnerabilities.

Deadlocks caused by improper multiprocessing API usage

Improper multiprocessing API usage with wrong parameters might lead to deadlocks.

Untrusted AMI images

Improper filtering of Amazon Machine Images (AMIs) can result in loading an untrusted image, a potential security vulnerability.

Sensitive data stored unencrypted due to partial encryption

Encryption that is dependent on conditional logic, such as an if...then clause, might cause unencrypted sensitive data to be stored.

Error prone sequence modification

Sequence modification while iterating over it might cause unexpected bugs.

Hardcoded IP address

Hardcoding an IP address can cause security problems.

Insecure CORS policy

Cross-Origin Resource Sharing policies that are too permissive may lead to security vulnerabilities.

Garbage collection prevention in multiprocessing

Passing a parent process object in a child process can prevent its garbage collection.

Improper input validation

Improper input validation can enable attacks and lead to unwanted behavior.

Missing none check on response metadata

Response metadata was not checked to verify that it is not None.

Missing pagination

Missing pagination on a paginated call can lead to inaccurate results.

Semaphore overflow prevention

When you process and remove an item from the JoinableQueue without calling JoinableQueue.task_done(), a semaphore overflow exception might be thrown.

Insecure temporary file or directory

Insecure ways of creating temporary files and directories can lead to race conditions, privilege escalation, and other security vulnerabilities.

Socket connection timeout

Not setting the connection timeout parameter can cause a blocking socket connection.

Leaky subprocess timeout

Failure to end a child process that doesn't terminate before its timeout expires can result in leaked resources.

Enabling and overriding debug feature

The Debug feature should not be enabled or overridden.

Docker arbitrary container run

Passing an unsanitized user argument to a function call makes your code insecure.

Catastrophic backtracking regex

Inefficient regular expression patterns can lead to catastrophic backtracking.