Loading...

XML

Word

Printable

JSON

Type: Task
Resolution: Unresolved
Priority: Unknown
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
None

We occasionally get reports of security problems from naive security scanners about using weak hash functions (md5) or pseudo random number generators (anything in the stdlib random module), even though the code in question has nothing to do with security or cryptography. Investigate using secure random (SystemRandom) and functions in the secrets module to avoid false positives for non-crypto related code.

related to

PYTHON-2995 CWE-327 and CWE-331 - Veracode flaws found on latest pymongo package

Closed

PYTHON-2996 [CWE-327][CWE-331] - Issues found while running Veracode scan on latest pymongo package

Closed

PYTHON-2997 [CWE-327] - Issue found while running Veracode scan on latest pymongo package

Closed

Assignee:: Unassigned

Reporter:: Shane Harvey

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: Nov 04 2021 08:50:24 PM UTC

Updated:: Mar 31 2022 03:14:31 AM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates