Loading...

XML

Word

Printable

JSON

Type: Task
Resolution: Unresolved
Priority: Unknown
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
None

Confidence Status:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

We occasionally get reports of security problems from naive security scanners about using weak hash functions (md5) or pseudo random number generators (anything in the stdlib random module), even though the code in question has nothing to do with security or cryptography. Investigate using secure random (SystemRandom) and functions in the secrets module to avoid false positives for non-crypto related code.

related to

PYTHON-2995 CWE-327 and CWE-331 - Veracode flaws found on latest pymongo package

Closed

PYTHON-2996 [CWE-327][CWE-331] - Issues found while running Veracode scan on latest pymongo package

Closed

PYTHON-2997 [CWE-327] - Issue found while running Veracode scan on latest pymongo package

Closed

Assignee:: Unassigned
Reporter:: Shane Harvey
Votes:: 0 Vote for this issue
Watchers:: 1 Start watching this issue

Created:: Nov 04 2021 08:50:24 PM UTC
Updated:: Mar 31 2022 03:14:31 AM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates