Python Sicherheitsschwachstellen
Shoulder erkennt 97 Sicherheitsmuster, die spezifisch für Python-Anwendungen sind, die mit Python erstellt wurden.
Framework-Abdeckung
Schwachstellenkategorien
CWE-200
5 Regeln
Exposure of Sensitive Information to an Unauthorized Actor
1 critical
CWE-94
4 Regeln
Improper Control of Generation of Code ('Code Injection')
3 critical
CWE-942
4 Regeln
Permissive Cross-domain Policy with Untrusted Domains
CWE-502
3 Regeln
Deserialization of Untrusted Data
2 critical
CWE-798
3 Regeln
Use of Hard-coded Credentials
1 critical
CWE-915
3 Regeln
Improperly Controlled Modification of Dynamically-Determined Object Attributes
CWE-20
2 Regeln
Improper Input Validation
CWE-22
2 Regeln
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-89
2 Regeln
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
1 critical
CWE-209
2 Regeln
Generation of Error Message Containing Sensitive Information
CWE-269
2 Regeln
Improper Privilege Management
CWE-295
2 Regeln
Improper Certificate Validation
CWE-306
2 Regeln
Missing Authentication for Critical Function
CWE-326
2 Regeln
Inadequate Encryption Strength
CWE-338
2 Regeln
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
CWE-347
2 Regeln
Improper Verification of Cryptographic Signature
1 critical
CWE-400
2 Regeln
Uncontrolled Resource Consumption
CWE-489
2 Regeln
Active Debug Code
1 critical
CWE-614
2 Regeln
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
CWE-639
2 Regeln
Authorization Bypass Through User-Controlled Key
Scannen Sie Ihr Python-Projekt
Führen Sie das Shoulder CLI aus, um Python-spezifische Schwachstellen zu finden.