gitlab.bandit.B321

385

Download Count*

License

FTP does not encrypt communications by default. This can lead to sensitive data being exposed. Ensure use of FTP here does not expose sensitive data.

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit Rule View Source

Open in Playground

rules:
  - id: bandit.B321
    pattern: ftplib.$ANYTHING(...)
    message: |
      FTP does not encrypt communications by default. This can lead to sensitive
      data being exposed. Ensure use of FTP here does not expose sensitive data.
    metadata:
      cwe: "CWE-319: Cleartext Transmission of Sensitive Information"
      owasp: "A3: Sensitive Data Exposure"
      primary_identifier: bandit.B321
      secondary_identifiers:
        - name: Bandit Test ID B321
          type: bandit_test_id
          value: B321
      license: MIT
    severity: WARNING
    languages:
      - python

Short Link: https://sg.run/Awwp