PIP_INCOMPLETE_DEPENDENCIES_LIST | 302. Declare dependencies explicitly |
PYTHON_ACCEPTS_ANY_MIME | 062. Define standard configurations 266. Disable insecure functionalities 349. Include HTTP security headers |
PYTHON_DESERIALIZATION_INJECTION | 173. Discard unsafe inputs 321. Avoid deserializing untrusted data |
PYTHON_EXPOSED_AUTH_TOKEN | 145. Protect system cryptographic keys 156. Source code without sensitive information 266. Disable insecure functionalities |
PYTHON_HTTP_ONLY_COOKIE | 029. Cookies with security attributes |
PYTHON_INSECURE_AUTHENTICATION | 030. Avoid object reutilization 228. Authenticate using standard protocols 319. Make authentication options equally secure |
PYTHON_INSECURE_CIPHER_MODE | 148. Set minimum size of asymmetric encryption 149. Set minimum size of symmetric encryption 150. Set minimum size for hash functions 181. Transmit data using secure protocols 336. Disable insecure TLS versions |
PYTHON_INSECURE_JWT_KEY | 148. Set minimum size of asymmetric encryption 149. Set minimum size of symmetric encryption 150. Set minimum size for hash functions 181. Transmit data using secure protocols 336. Disable insecure TLS versions |
PYTHON_INSEC_HASH_LIBRARY | 148. Set minimum size of asymmetric encryption 149. Set minimum size of symmetric encryption 150. Set minimum size for hash functions 181. Transmit data using secure protocols 336. Disable insecure TLS versions |
PYTHON_IO_PATH_TRAVERSAL | 173. Discard unsafe inputs 320. Avoid client-side control enforcement 342. Validate request parameters |
PYTHON_LDAP_CONN_AUTH | 266. Disable insecure functionalities |
PYTHON_LDAP_INJECTION | 173. Discard unsafe inputs |
PYTHON_REGEX_DOS | 072. Set maximum response time 327. Set a rate limit |
PYTHON_REGEX_INJECTION | 072. Set maximum response time 327. Set a rate limit |
PYTHON_REMOTE_COMMAND_EXECUTION | 173. Discard unsafe inputs 265. Restrict access to critical processes 266. Disable insecure functionalities |
PYTHON_SECURE_COOKIE | 029. Cookies with security attributes |
PYTHON_SESSION_FIXATION | 030. Avoid object reutilization |
PYTHON_UNSAFE_CERTIFICATE_VALIDATION | 266. Disable insecure functionalities |
PYTHON_UNSAFE_CIPHER | 148. Set minimum size of asymmetric encryption 149. Set minimum size of symmetric encryption 150. Set minimum size for hash functions 181. Transmit data using secure protocols 336. Disable insecure TLS versions |
PYTHON_UNSAFE_SSL_HOSTNAME | 266. Disable insecure functionalities |
PYTHON_UNSAFE_TEMP_FILE | 095. Define users with privileges 096. Set user's required privileges 186. Use the principle of least privilege |
PYTHON_XML_PARSER | 173. Discard unsafe inputs |