Amazon CodeGuru
Detector Library
Sign in to CodeGuru Reviewer
AWS
Documentation
Amazon CodeGuru
Detector Library
Python
Synchronous publication of AWS Lambda metrics
Feedback
CodeGuru
Detector Library
Python detectors
(86/86)
Improper privilege management
Resource leak
Inefficient string concatenation inside loop
Spawning a process without main module
Improper sanitization of wildcards or matching symbols
Improper certificate validation
URL redirection to untrusted site
Integer overflow
Mutually exclusive call
Time zone aware datetimes
Catch and swallow exception
Insecure hashing
Stack trace exposure
Using AutoAddPolicy or WarningPolicy
Use of a deprecated method
Log injection
Weak obfuscation of web request
Deadlocks caused by improper multiprocessing API usage
OS command injection
Unauthenticated LDAP requests
Low maintainability with low class cohesion
Untrusted AMI images
Confusion between equality and identity in conditional expression
Path traversal
AWS credentials logged
Loose file permissions
Socket close platform compatibility
Zip bomb attack
Unsanitized input is run as code
Sensitive data stored unencrypted due to partial encryption
Synchronous publication of AWS Lambda metrics
Error prone sequence modification
Batch request with unchecked failures
Bad exception handling
Unrestricted upload of dangerous file type
Inefficient polling of AWS resource
Hardcoded IP address
Insecure connection using unencrypted protocol
Incorrect use of Process.terminate API
Unauthenticated Amazon SNS unsubscribe requests might succeed
Hardcoded credentials
Insecure Socket Bind
XML External Entity
Insecure CORS policy
Cross-site request forgery
Set SNS Return Subscription ARN
Do not pass generic exception rule
Unnecessary iteration
Insecure cryptography
Outdated subprocess module API
Garbage collection prevention in multiprocessing
Catch and rethrow exception
Improper input validation
Improper authentication
Cross-site scripting
Missing none check on response metadata
Missing pagination
Semaphore overflow prevention
Mutable objects as default arguments of functions
Insecure cookie
Violation of PEP8 programming recommendations
Insecure temporary file or directory
Incorrect binding of SNS publish operations
Client-side KMS reencryption
Socket connection timeout
AWS client not reused in a Lambda function
Complex code hard to maintain
Inefficient new method from hashlib
Leaky subprocess timeout
Usage of an API that is not recommended
Dangerous global variables
Enabling and overriding debug feature
Risky use of dict get method
Multiple values in return statement is prone to error
LDAP injection
XPath injection
Clear text credentials
Deserialization of untrusted object
Use of an inefficient or incorrect API
Multidimensional list initialization using replication is error prone
Override of reserved variable names in a Lambda function
SQL injection
Docker arbitrary container run
Missing S3 bucket owner condition
Direct dict object modification
Catastrophic backtracking regex
Synchronous publication of AWS Lambda metrics
High
AWS Lambda metrics are published synchronously. To improve efficiency, write the results to a log.
Detector ID
python/sync-metric-publish@v1.0
Category
Code Quality
Common Weakness Enumeration (CWE)
CWE-1210
Tags
#
aws-python-sdk
#
aws-lambda
#
efficiency