Amazon CodeGuru
Detector Library
Sign in to CodeGuru
AWS
Documentation
Amazon CodeGuru
Detector Library
Python
Synchronous publication of AWS Lambda metrics
Feedback
CodeGuru
Detector Library
Python detectors
(107/107)
Improper privilege management
Resource leak
Inefficient string concatenation inside loop
Tensorflow redundant softmax
Spawning a process without main module
Improper certificate validation
URL redirection to untrusted site
Integer overflow
Mutually exclusive call
Time zone aware datetimes
Catch and swallow exception
Insecure hashing
Notebook best practice violation
Stack trace exposure
Using AutoAddPolicy or WarningPolicy
Pytorch control sources of randomness
Use of a deprecated method
Log injection
Weak obfuscation of web request
Deadlocks caused by improper multiprocessing API usage
OS command injection
Unauthenticated LDAP requests
Low maintainability with low class cohesion
Untrusted AMI images
Notebook invalid execution order
Confusion between equality and identity in conditional expression
Pytorch sigmoid before bceloss
Path traversal
AWS credentials logged
Loose file permissions
Pytorch data loader with multiple workers
Socket close platform compatibility
Pytorch avoid softmax with nllloss
Zip bomb attack
Pytorch miss call to zero grad
Unsanitized input is run as code
Sensitive data stored unencrypted due to partial encryption
Synchronous publication of AWS Lambda metrics
Error prone sequence modification
Batch request with unchecked failures
Bad exception handling
Unrestricted upload of dangerous file type
Pytorch redundant softmax
Inefficient polling of AWS resource
Hardcoded IP address
File injection
Insecure connection using unencrypted protocol
Incorrect use of Process.terminate API
Unauthenticated Amazon SNS unsubscribe requests might succeed
Hardcoded credentials
Insecure Socket Bind
XML External Entity
Insecure CORS policy
Cross-site request forgery
Notebook variable redefinition
Pytorch use nondeterministic algoritm
Server-side request forgery
Set SNS Return Subscription ARN
Module injection
Do not pass generic exception rule
Unnecessary iteration
Tensorflow control sources of randomness
Insecure cryptography
Tensorflow enable ops determinism
Outdated subprocess module API
Garbage collection prevention in multiprocessing
Catch and rethrow exception
Improper input validation
Improper authentication
Cross-site scripting
Missing none check on response metadata
Missing pagination
Semaphore overflow prevention
Mutable objects as default arguments of functions
Insecure cookie
Violation of PEP8 programming recommendations
Insecure temporary file or directory
Incorrect binding of SNS publish operations
Client-side KMS reencryption
Socket connection timeout
AWS client not reused in a Lambda function
Pytorch assign in place mod
Complex code hard to maintain
PyTorch create tensors directly on device
Inefficient new method from hashlib
Leaky subprocess timeout
Usage of an API that is not recommended
Pytorch disable gradient calculation
Dangerous global variables
Enabling and overriding debug feature
Risky use of dict get method
Multiple values in return statement is prone to error
LDAP injection
XPath injection
Clear text credentials
Missing authorization
Deserialization of untrusted object
Use of an inefficient or incorrect API
Multidimensional list initialization using replication is error prone
Override of reserved variable names in a Lambda function
SQL injection
Docker arbitrary container run
Missing S3 bucket owner condition
Avoid using nondeterministic Tensorflow API
Direct dict object modification
Catastrophic backtracking regex
Pytorch miss call to eval
Synchronous publication of AWS Lambda metrics
High
AWS Lambda metrics are published synchronously. To improve efficiency, write the results to a log.
Detector ID
python/sync-metric-publish@v1.0
Category
Code Quality
Common Weakness Enumeration (CWE)
CWE-1210
Tags
#
aws-python-sdk
#
aws-lambda
#
efficiency