72 Rules
ID | Name | Severity |
---|---|---|
7776 | Avoid Artifacts with High Fan-In | medium |
7778 | Avoid Artifacts with High Fan-Out | medium |
7792 | Avoid Classes with a High Number Of Children | medium |
1021000 | Avoid Artifacts with High Cyclomatic Complexity (Python) | medium |
1021002 | Avoid using a web service with Python httplib HTTPConnection inside a loop | critical |
1021004 | Avoid using a web service with Python requests inside a loop | critical |
1021006 | Avoid using a web service with Python aiohttp ClientSession inside a loop | critical |
1021008 | Avoid using a web service with Python urllib.request inside a loop | critical |
1021010 | Avoid using a web service with Python urllib2 inside a loop | critical |
1021012 | Avoid using a web service with Python httplib2 Http inside a loop | critical |
1021014 | Avoid using yield and return with value inside a function | medium |
1021016 | Avoid weak encryption algorithm (Python) | critical |
1021018 | Avoid catch-all except blocks with empty handlers | high |
1021020 | Avoid using wildcard (*) imports | medium |
1021022 | Initialize ancestors when overriding __init__ | medium |
1021024 | Avoid return statement in finally block | medium |
1021026 | Avoid leaving open file resources (Python) | high |
1021028 | Avoid empty finally block (Python) | high |
1021030 | Avoid hard-coded network resource names (Python) | medium |
1021032 | Avoid disabling certificate check when requesting secured urls | high |
1021034 | Avoid inconsistent initialization when deriving a new exception | medium |
1021036 | Avoid using eval (Python) | high |
1021038 | Avoid using exec (Python) | high |
1021040 | Avoid instance attributes only differing by capitalization | medium |
1021042 | Avoid hard-coded passwords (Python) | critical |
1021044 | Avoid string interpolations to prevent SQL injections (Python) | critical |
1021046 | Avoid Not ... Is | medium |
1021048 | Always protect sensitive data in config files from disclosure | critical |
1021050 | Avoid using unsecured cookie (Python) | high |
1021052 | Avoid too long lines | medium |
1021054 | Avoid long docstring lines | medium |
1021056 | Missing whitespace after comma | medium |
1021058 | Avoid superfluous parenthesis | medium |
1021060 | Avoid trailing whitespace | medium |
1021062 | Respect variable naming conventions | medium |
1021064 | Respect function naming conventions | medium |
1021066 | Respect class naming conventions | medium |
1021068 | Avoid using global statement | medium |
1021070 | Avoid Superclass knowing Subclass (Python) | medium |
1021072 | Avoid shadowing class variables | medium |
1021074 | Avoid manipulating a list while iterating over it | medium |
1021076 | Avoid mutable default parameter values | medium |
1021078 | Avoid unsafe deserialization (Python) | high |
1021080 | Avoid resource injection (Python) | high |
1021082 | Avoid LDAP injection (Python) | high |
1021084 | Avoid XPath injection (Python) | high |
1021088 | Avoid uncontrolled sleep calls (Python) | high |
1021090 | Avoid using insufficient random generator (Python) | medium |
1021092 | Avoid reflected cross-site scripting (Python) | high |
1021094 | Avoid cross-site scripting (persistent) (Python) | high |
1021096 | Avoid second order LDAP injection (Python) | critical |
1021098 | Avoid HTTP header injection (Python) | critical |
1021100 | Avoid URL redirection to untrusted site (Python) | high |
1021102 | Avoid parsing XML data without restriction of XML External Entity Reference (XXE) (Python) | high |
1021104 | Avoid file path manipulation (Python) | high |
1021106 | Avoid server-side request forgery (Python) | high |
1021108 | Avoid unsafe access to object attributes | high |
1021110 | Avoid using regular expression vulnerable to ReDoS (Python) | high |
1021112 | Avoid OS command injection (Python) | high |
1021114 | Ensure the HTTP Strict-Transport-Security header (HSTS) is set up for FastAPI (Python) | high |
1021116 | Avoid logging sensitive data (Python) | high |
1021118 | Avoid disabling CSRF Protection in fastapi_jwt_auth | critical |
1021120 | Avoid mixing trusted and untrusted data in HTTP requests (Python) | high |
1021122 | Avoid cookie poisoning | high |
1021124 | Avoid uncontrolled format string (Python) | high |
1021126 | Ensure the HTTP Strict-Transport-Security header (HSTS) is set up for Flask (Python) | high |
1021128 | Always protect against CSRF in Flask application | critical |
1021130 | Avoid overly permissive Cross-Origin Resource Sharing (CORS) policy (Python) | high |
1021132 | Avoid observable authentication response discrepancy (Python) | high |
1021134 | Avoid Unchecked Input for Loop Condition (Python) | high |
1021136 | Always protect against CSRF in FastAPI application | critical |
1101036 | Use ANSI standard operators in SQL WHERE clauses | medium |