# Bandit **Auditor Job Name**: Bandit Scan\ **Auditor image:** registry.gitlab.com/whitespots-public/security-images/bandit:1.7.5\ **AppSec Portal Importer Name**: Bandit Scan, GitLab Bandit [Bandit scaner](https://github.com/PyCQA/bandit) and [Bandit scaner (GitLab)](https://gitlab.com/gitlab-org/security-products/analyzers/bandit) has a *wide range of plugins* to detect various types of security vulnerabilities, including **SQL injection**, **cross-site scripting**, and **hardcoded passwords**. It can also detect insecure use of cryptography, such as **weak encryption algorithms** or **incorrect usage of hash functions**. #### Curl example {% code overflow="wrap" %} ``` curl -X POST localhost/api/v1/scan/import/ -H "Authorization: Token a75bb26171cf391671e67b128bfc8ae1c779ff7b" -H "Content-Type: multipart/form-data" -F "file=@./bandit.json" -F "product_name=Product1" -F "product_type=Application" -F "scanner_name=Bandit Scan" -F "branch=dev" -F "repository=git@gitlab.com:whitespots-public/appsec-portal.git" ``` {% endcode %} {% code overflow="wrap" %} ``` curl -X POST localhost/api/v1/scan/import/ -H "Authorization: Token a75bb26171cf391671e67b128bfc8ae1c779ff7b" -H "Content-Type: multipart/form-data" -F "file=@./bandit.json" -F "product_name=Product1" -F "product_type=Application" -F "scanner_name=GitLab Bandit" -F "branch=dev" -F "repository=git@gitlab.com:whitespots-public/appsec-portal.git" ``` {% endcode %} In this command, the following parameters are used: 1. `-X POST`: specifies the HTTP method to be used (in this case, POST) 2. `-H "Authorization: Token "`: specifies the [**authorization token**](https://docs.whitespots.io/appsec-portal/features/importing-reports-from-scanners-to-appsec-portal#authorization-token) obtained from AppSec Portal. 3. `-H "Content-Type: multipart/form-data"`: specifies the content type of the request. 4. `-F "file=@"`: specifies the **path to the report file** generated by the scanner. 5. `-F "product_name="`: specifies the **name of the product** being scanned. 6. `-F "product_type="`: specifies the **type of the product** being scanned. 7. `-F "scanner_name="`: specifies the **name of the scanner** used to generate the report (Bandit Scan or GitLab Bandit) 8. `-F "branch="`: (*optional*) specifies the name of the branch in the source code repository (if applicable) This parameter is particularly useful when you want to associate the scan results with a specific branch in your repository. If not provided, the scan will be associated with the default branch Asset information, if an [auditor ](https://docs.whitespots.io/auditor)is used 9. `-F "repository="`: If your product is **code** in a repository enter the address of your **repository** in a specific format, for example: :whitespots-public/appsec-portal.git 10. `-F "docker_image="`: If your product is **image** enter the address of the **registry** where your product is located, for example: registry.gitlab.com/whitespots-public/appsec-portal/back/auto\_validator:latest 11. `-F "domain="`: If your product is **web** enter the **domain name** of your product, for example: whitespots.io 12. `-F "host="`: If your product is **web** enter the **IP address** of your product, for example: 0.0.0.0 **Report example:** ``` { "errors": [], "generated_at": "2023-12-26T14:29:38Z", "metrics": { "./bad/api_list.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 1, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 14, "nosec": 0, "skipped_tests": 0 }, "./bad/api_post.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 2, "CONFIDENCE.MEDIUM": 1, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 3, "SEVERITY.UNDEFINED": 0, "loc": 23, "nosec": 0, "skipped_tests": 0 }, "./bad/brute.py": { "CONFIDENCE.HIGH": 2, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 2, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 19, "nosec": 0, "skipped_tests": 0 }, "./bad/db.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 1, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 18, "nosec": 0, "skipped_tests": 0 }, "./bad/db_init.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 1, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 32, "nosec": 0, "skipped_tests": 0 }, "./bad/libapi.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 3, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 3, "SEVERITY.UNDEFINED": 0, "loc": 22, "nosec": 0, "skipped_tests": 0 }, "./bad/libmfa.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 55, "nosec": 0, "skipped_tests": 0 }, "./bad/libposts.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 18, "nosec": 0, "skipped_tests": 0 }, "./bad/libsession.py": { "CONFIDENCE.HIGH": 1, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 1, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 20, "nosec": 0, "skipped_tests": 0 }, "./bad/libuser.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 3, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 3, "SEVERITY.UNDEFINED": 0, "loc": 38, "nosec": 0, "skipped_tests": 0 }, "./bad/mod_api.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 50, "nosec": 0, "skipped_tests": 0 }, "./bad/mod_csp.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 5, "nosec": 0, "skipped_tests": 0 }, "./bad/mod_hello.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 5, "nosec": 0, "skipped_tests": 0 }, "./bad/mod_mfa.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 42, "nosec": 0, "skipped_tests": 0 }, "./bad/mod_posts.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 23, "nosec": 0, "skipped_tests": 0 }, "./bad/mod_user.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 51, "nosec": 0, "skipped_tests": 0 }, "./bad/vulpy-ssl.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 4, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 1, "SEVERITY.LOW": 1, "SEVERITY.MEDIUM": 2, "SEVERITY.UNDEFINED": 0, "loc": 19, "nosec": 0, "skipped_tests": 0 }, "./bad/vulpy.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 2, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 1, "SEVERITY.LOW": 1, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 41, "nosec": 0, "skipped_tests": 0 }, "./good/cutpasswd.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 1, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 13, "nosec": 0, "skipped_tests": 0 }, "./good/db_init.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 33, "nosec": 0, "skipped_tests": 0 }, "./good/httpbrute.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 1, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 19, "nosec": 0, "skipped_tests": 0 }, "./good/libapi.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 1, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 1, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 37, "nosec": 0, "skipped_tests": 0 }, "./good/libmfa.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 55, "nosec": 0, "skipped_tests": 0 }, "./good/libposts.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 18, "nosec": 0, "skipped_tests": 0 }, "./good/libsession.py": { "CONFIDENCE.HIGH": 1, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 1, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 39, "nosec": 0, "skipped_tests": 0 }, "./good/libuser.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 1, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 90, "nosec": 0, "skipped_tests": 0 }, "./good/mod_api.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 47, "nosec": 0, "skipped_tests": 0 }, "./good/mod_csp.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 5, "nosec": 0, "skipped_tests": 0 }, "./good/mod_hello.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 5, "nosec": 0, "skipped_tests": 0 }, "./good/mod_mfa.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 47, "nosec": 0, "skipped_tests": 0 }, "./good/mod_posts.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 23, "nosec": 0, "skipped_tests": 0 }, "./good/mod_user.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 58, "nosec": 0, "skipped_tests": 0 }, "./good/mod_welcome1.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 19, "nosec": 0, "skipped_tests": 0 }, "./good/vulpy-ssl.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 4, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 1, "SEVERITY.LOW": 1, "SEVERITY.MEDIUM": 2, "SEVERITY.UNDEFINED": 0, "loc": 19, "nosec": 0, "skipped_tests": 0 }, "./good/vulpy.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 2, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 1, "SEVERITY.LOW": 1, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 40, "nosec": 0, "skipped_tests": 0 }, "./test_code.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 2, "nosec": 0, "skipped_tests": 0 }, "./utils/aes-decrypt.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 20, "nosec": 0, "skipped_tests": 0 }, "./utils/aes-encrypt.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 21, "nosec": 0, "skipped_tests": 0 }, "./utils/ca-create.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 3, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 3, "SEVERITY.UNDEFINED": 0, "loc": 43, "nosec": 0, "skipped_tests": 0 }, "./utils/ca-csr-create.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 2, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 2, "SEVERITY.UNDEFINED": 0, "loc": 26, "nosec": 0, "skipped_tests": 0 }, "./utils/ca-csr-load.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 4, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 4, "SEVERITY.UNDEFINED": 0, "loc": 27, "nosec": 0, "skipped_tests": 0 }, "./utils/crack-cvv.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 15, "nosec": 0, "skipped_tests": 0 }, "./utils/crack-hash.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 15, "nosec": 0, "skipped_tests": 0 }, "./utils/fernet-generate-key.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 3, "nosec": 0, "skipped_tests": 0 }, "./utils/generate_bad_passwords.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 1, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 29, "nosec": 0, "skipped_tests": 0 }, "./utils/hashfile.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 14, "nosec": 0, "skipped_tests": 0 }, "./utils/hmac_generate.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 13, "nosec": 0, "skipped_tests": 0 }, "./utils/httpbrute.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 1, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 24, "nosec": 0, "skipped_tests": 0 }, "./utils/luncheck.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 13, "nosec": 0, "skipped_tests": 0 }, "./utils/rsa-decrypt.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 1, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 21, "nosec": 0, "skipped_tests": 0 }, "./utils/rsa-encrypt.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 1, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 20, "nosec": 0, "skipped_tests": 0 }, "./utils/rsa-keygen.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 2, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 2, "SEVERITY.UNDEFINED": 0, "loc": 23, "nosec": 0, "skipped_tests": 0 }, "./utils/rsa-sign.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 1, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 27, "nosec": 0, "skipped_tests": 0 }, "./utils/rsa-verify.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 1, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 1, "SEVERITY.UNDEFINED": 0, "loc": 31, "nosec": 0, "skipped_tests": 0 }, "./utils/scrypt-crack.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 36, "nosec": 0, "skipped_tests": 0 }, "./utils/scrypt-generate.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 23, "nosec": 0, "skipped_tests": 0 }, "./utils/scrypt-verify.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 28, "nosec": 0, "skipped_tests": 0 }, "./utils/skey.py": { "CONFIDENCE.HIGH": 0, "CONFIDENCE.LOW": 0, "CONFIDENCE.MEDIUM": 0, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 0, "SEVERITY.LOW": 0, "SEVERITY.MEDIUM": 0, "SEVERITY.UNDEFINED": 0, "loc": 22, "nosec": 0, "skipped_tests": 0 }, "_totals": { "CONFIDENCE.HIGH": 4, "CONFIDENCE.LOW": 6, "CONFIDENCE.MEDIUM": 39, "CONFIDENCE.UNDEFINED": 0, "SEVERITY.HIGH": 4, "SEVERITY.LOW": 9, "SEVERITY.MEDIUM": 36, "SEVERITY.UNDEFINED": 0, "loc": 1558, "nosec": 0, "skipped_tests": 0 } }, "results": [ { "code": "5 \n6 api_key_file = Path('/tmp/supersecret.txt')\n7 \n", "col_offset": 20, "end_col_offset": 42, "filename": "./bad/api_post.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 6, "line_range": [ 6 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "18 for u,p in users:\n19 c.execute(\"INSERT INTO users (user, password, failures) VALUES ('%s', '%s', '%d')\" %(u, p, 0))\n20 \n", "col_offset": 18, "end_col_offset": 90, "filename": "./bad/db.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 89, "link": "https://cwe.mitre.org/data/definitions/89.html" }, "issue_severity": "MEDIUM", "issue_text": "Possible SQL injection vector through string-based query construction.", "line_number": 19, "line_range": [ 19 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b608_hardcoded_sql_expressions.html", "test_id": "B608", "test_name": "hardcoded_sql_expressions" }, { "code": "19 for u,p in users:\n20 c.execute(\"INSERT INTO users (username, password, failures, mfa_enabled, mfa_secret) VALUES ('%s', '%s', '%d', '%d', '%s')\" %(u, p, 0, 0, ''))\n21 \n", "col_offset": 18, "end_col_offset": 131, "filename": "./bad/db_init.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 89, "link": "https://cwe.mitre.org/data/definitions/89.html" }, "issue_severity": "MEDIUM", "issue_text": "Possible SQL injection vector through string-based query construction.", "line_number": 20, "line_range": [ 20 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b608_hardcoded_sql_expressions.html", "test_id": "B608", "test_name": "hardcoded_sql_expressions" }, { "code": "15 \n16 for f in Path('/tmp/').glob('vulpy.apikey.' + username + '.*'):\n17 print('removing', f)\n", "col_offset": 18, "end_col_offset": 25, "filename": "./bad/libapi.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 16, "line_range": [ 16 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "19 \n20 keyfile = '/tmp/vulpy.apikey.{}.{}'.format(username, key)\n21 \n", "col_offset": 14, "end_col_offset": 39, "filename": "./bad/libapi.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 20, "line_range": [ 20 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "32 \n33 for f in Path('/tmp/').glob('vulpy.apikey.*.' + key):\n34 return f.name.split('.')[2]\n", "col_offset": 18, "end_col_offset": 25, "filename": "./bad/libapi.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 33, "line_range": [ 33 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "11 \n12 user = c.execute(\"SELECT * FROM users WHERE username = '{}' and password = '{}'\".format(username, password)).fetchone()\n13 \n", "col_offset": 21, "end_col_offset": 84, "filename": "./bad/libuser.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 89, "link": "https://cwe.mitre.org/data/definitions/89.html" }, "issue_severity": "MEDIUM", "issue_text": "Possible SQL injection vector through string-based query construction.", "line_number": 12, "line_range": [ 12 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b608_hardcoded_sql_expressions.html", "test_id": "B608", "test_name": "hardcoded_sql_expressions" }, { "code": "24 \n25 c.execute(\"INSERT INTO users (username, password, failures, mfa_enabled, mfa_secret) VALUES ('%s', '%s', '%d', '%d', '%s')\" %(username, password, 0, 0, ''))\n26 \n", "col_offset": 14, "end_col_offset": 127, "filename": "./bad/libuser.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 89, "link": "https://cwe.mitre.org/data/definitions/89.html" }, "issue_severity": "MEDIUM", "issue_text": "Possible SQL injection vector through string-based query construction.", "line_number": 25, "line_range": [ 25 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b608_hardcoded_sql_expressions.html", "test_id": "B608", "test_name": "hardcoded_sql_expressions" }, { "code": "52 \n53 c.execute(\"UPDATE users SET password = '{}' WHERE username = '{}'\".format(password, username))\n54 conn.commit()\n", "col_offset": 14, "end_col_offset": 70, "filename": "./bad/libuser.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 89, "link": "https://cwe.mitre.org/data/definitions/89.html" }, "issue_severity": "MEDIUM", "issue_text": "Possible SQL injection vector through string-based query construction.", "line_number": 53, "line_range": [ 53 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b608_hardcoded_sql_expressions.html", "test_id": "B608", "test_name": "hardcoded_sql_expressions" }, { "code": "28 \n29 app.run(debug=True, host='127.0.1.1', ssl_context=('/tmp/acme.cert', '/tmp/acme.key'))\n", "col_offset": 0, "end_col_offset": 86, "filename": "./bad/vulpy-ssl.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 94, "link": "https://cwe.mitre.org/data/definitions/94.html" }, "issue_severity": "HIGH", "issue_text": "A Flask app appears to be run with debug=True, which exposes the Werkzeug debugger and allows the execution of arbitrary code.", "line_number": 29, "line_range": [ 29 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b201_flask_debug_true.html", "test_id": "B201", "test_name": "flask_debug_true" }, { "code": "28 \n29 app.run(debug=True, host='127.0.1.1', ssl_context=('/tmp/acme.cert', '/tmp/acme.key'))\n", "col_offset": 51, "end_col_offset": 67, "filename": "./bad/vulpy-ssl.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 29, "line_range": [ 29 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "28 \n29 app.run(debug=True, host='127.0.1.1', ssl_context=('/tmp/acme.cert', '/tmp/acme.key'))\n", "col_offset": 69, "end_col_offset": 84, "filename": "./bad/vulpy-ssl.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 29, "line_range": [ 29 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "54 \n55 app.run(debug=True, host='127.0.1.1', port=5000, extra_files='csp.txt')\n", "col_offset": 0, "end_col_offset": 71, "filename": "./bad/vulpy.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 94, "link": "https://cwe.mitre.org/data/definitions/94.html" }, "issue_severity": "HIGH", "issue_text": "A Flask app appears to be run with debug=True, which exposes the Werkzeug debugger and allows the execution of arbitrary code.", "line_number": 55, "line_range": [ 55 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b201_flask_debug_true.html", "test_id": "B201", "test_name": "flask_debug_true" }, { "code": "2 \n3 with open('/tmp/darkweb2017-top10000.txt') as f:\n4 for password in f.readlines():\n", "col_offset": 10, "end_col_offset": 41, "filename": "./good/cutpasswd.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 3, "line_range": [ 3 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "60 c = conn.cursor()\n61 c.execute(\"INSERT INTO users (username, password, salt, failures, mfa_enabled, mfa_secret) VALUES ('%s', '%s', '%s', '%d', '%d', '%s')\" %(username, '', '', 0, 0, ''))\n62 conn.commit()\n", "col_offset": 14, "end_col_offset": 139, "filename": "./good/libuser.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 89, "link": "https://cwe.mitre.org/data/definitions/89.html" }, "issue_severity": "MEDIUM", "issue_text": "Possible SQL injection vector through string-based query construction.", "line_number": 61, "line_range": [ 61 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b608_hardcoded_sql_expressions.html", "test_id": "B608", "test_name": "hardcoded_sql_expressions" }, { "code": "28 \n29 app.run(debug=True, host='127.0.1.1', ssl_context=('/tmp/acme.cert', '/tmp/acme.key'))\n", "col_offset": 0, "end_col_offset": 86, "filename": "./good/vulpy-ssl.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 94, "link": "https://cwe.mitre.org/data/definitions/94.html" }, "issue_severity": "HIGH", "issue_text": "A Flask app appears to be run with debug=True, which exposes the Werkzeug debugger and allows the execution of arbitrary code.", "line_number": 29, "line_range": [ 29 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b201_flask_debug_true.html", "test_id": "B201", "test_name": "flask_debug_true" }, { "code": "28 \n29 app.run(debug=True, host='127.0.1.1', ssl_context=('/tmp/acme.cert', '/tmp/acme.key'))\n", "col_offset": 51, "end_col_offset": 67, "filename": "./good/vulpy-ssl.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 29, "line_range": [ 29 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "28 \n29 app.run(debug=True, host='127.0.1.1', ssl_context=('/tmp/acme.cert', '/tmp/acme.key'))\n", "col_offset": 69, "end_col_offset": 84, "filename": "./good/vulpy-ssl.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 29, "line_range": [ 29 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "52 \n53 app.run(debug=True, host='127.0.1.1', port=5001, extra_files='csp.txt')\n54 \n", "col_offset": 0, "end_col_offset": 71, "filename": "./good/vulpy.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 94, "link": "https://cwe.mitre.org/data/definitions/94.html" }, "issue_severity": "HIGH", "issue_text": "A Flask app appears to be run with debug=True, which exposes the Werkzeug debugger and allows the execution of arbitrary code.", "line_number": 53, "line_range": [ 53 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b201_flask_debug_true.html", "test_id": "B201", "test_name": "flask_debug_true" }, { "code": "30 \n31 with open('/tmp/ca.key', 'wb') as out:\n32 out.write(pem_private)\n", "col_offset": 10, "end_col_offset": 23, "filename": "./utils/ca-create.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 31, "line_range": [ 31 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "33 \n34 with open('/tmp/ca.pub', 'wb') as out:\n35 out.write(pem_public)\n", "col_offset": 10, "end_col_offset": 23, "filename": "./utils/ca-create.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 34, "line_range": [ 34 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "57 # Write our certificate out to disk.\n58 with open('/tmp/ca.cert', 'wb') as out:\n59 out.write(cert.public_bytes(serialization.Encoding.PEM))\n", "col_offset": 10, "end_col_offset": 24, "filename": "./utils/ca-create.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 58, "line_range": [ 58 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "11 \n12 with open(\"/tmp/acme.key\", \"rb\") as key_file:\n13 private_key = serialization.load_pem_private_key(\n", "col_offset": 10, "end_col_offset": 25, "filename": "./utils/ca-csr-create.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 12, "line_range": [ 12 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "34 # Write our CSR out to disk.\n35 with open(\"/tmp/acme.csr\", \"wb\") as out:\n36 out.write(csr.public_bytes(serialization.Encoding.PEM))\n", "col_offset": 10, "end_col_offset": 25, "filename": "./utils/ca-csr-create.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 35, "line_range": [ 35 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "12 \n13 with open(\"/tmp/ca.cert\", \"rb\") as ca_cert_file:\n14 ca_cert = x509.load_pem_x509_certificate(ca_cert_file.read(), default_backend())\n", "col_offset": 10, "end_col_offset": 24, "filename": "./utils/ca-csr-load.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 13, "line_range": [ 13 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "15 \n16 with open(\"/tmp/acme.csr\", \"rb\") as csr_file:\n17 csr = x509.load_pem_x509_csr(csr_file.read(), default_backend())\n", "col_offset": 10, "end_col_offset": 25, "filename": "./utils/ca-csr-load.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 16, "line_range": [ 16 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "18 \n19 with open(\"/tmp/ca.key\", \"rb\") as key_file:\n20 private_key = serialization.load_pem_private_key(\n", "col_offset": 10, "end_col_offset": 23, "filename": "./utils/ca-csr-load.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 19, "line_range": [ 19 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "34 # Write our certificate out to disk.\n35 with open('/tmp/acme.cert', 'wb') as out:\n36 out.write(cert.public_bytes(serialization.Encoding.PEM))\n", "col_offset": 10, "end_col_offset": 26, "filename": "./utils/ca-csr-load.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 35, "line_range": [ 35 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "13 \n14 with open(\"/tmp/acme.key\", \"rb\") as key_file:\n15 private_key = serialization.load_pem_private_key(\n", "col_offset": 10, "end_col_offset": 25, "filename": "./utils/rsa-decrypt.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 14, "line_range": [ 14 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "13 \n14 with open(\"/tmp/acme.pub\", \"rb\") as key_file:\n15 public_key = serialization.load_pem_public_key(\n", "col_offset": 10, "end_col_offset": 25, "filename": "./utils/rsa-encrypt.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 14, "line_range": [ 14 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "25 \n26 with open('/tmp/acme.key', 'wb') as out:\n27 out.write(pem_private)\n", "col_offset": 10, "end_col_offset": 25, "filename": "./utils/rsa-keygen.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 26, "line_range": [ 26 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "28 \n29 with open('/tmp/acme.pub', 'wb') as out:\n30 out.write(pem_public)\n", "col_offset": 10, "end_col_offset": 25, "filename": "./utils/rsa-keygen.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 29, "line_range": [ 29 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "14 \n15 with open(\"/tmp/acme.key\", \"rb\") as key_file:\n16 private_key = serialization.load_pem_private_key(\n", "col_offset": 10, "end_col_offset": 25, "filename": "./utils/rsa-sign.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 15, "line_range": [ 15 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" }, { "code": "15 \n16 with open(\"/tmp/acme.pub\", \"rb\") as key_file:\n17 public_key = serialization.load_pem_public_key(\n", "col_offset": 10, "end_col_offset": 25, "filename": "./utils/rsa-verify.py", "issue_confidence": "MEDIUM", "issue_cwe": { "id": 377, "link": "https://cwe.mitre.org/data/definitions/377.html" }, "issue_severity": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory.", "line_number": 16, "line_range": [ 16 ], "more_info": "https://bandit.readthedocs.io/en/1.7.5/plugins/b108_hardcoded_tmp_directory.html", "test_id": "B108", "test_name": "hardcoded_tmp_directory" } ] } ```