gitlab.bandit.B402


functions are being called. FTP is considered insecure. Use SSH/SFTP/SCP or some other encrypted protocol


Definition

rules:
  - id: bandit.B402
    patterns:
      - pattern-either:
          - pattern: import ftplib
          - pattern: from ftplib import FTP
          - pattern: ftplib.FTP(...)
    message: >
      functions are being called. FTP is considered insecure. Use SSH/SFTP/SCP
      or some other encrypted protocol
    metadata:
      cwe: "CWE-319: Cleartext Transmission of Sensitive Information"
      owasp: "A3: Sensitive Data Exposure"
      primary_identifier: bandit.B402
      secondary_identifiers:
        - name: Bandit Test ID B402
          type: bandit_test_id
          value: B402
      license: MIT
    severity: ERROR
    languages:
      - python
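
To see which lines the three `pattern-either` branches are aimed at, the following added example (not part of the rule or of Bandit/Semgrep) approximates them with Python's standard `ast` module and runs them over a constructed sample. The function name `find_b402` and the sample source are assumptions made for illustration, and Semgrep's own matching engine may treat aliases and other forms differently.

```python
import ast

# Constructed sample source; it is only parsed, never executed.
SAMPLE = '''\
import ftplib
from ftplib import FTP
from ftplib import FTP_TLS
import paramiko

conn = ftplib.FTP("ftp.example.com")
conn.login("user", "secret")
secure = ftplib.FTP_TLS("ftp.example.com")
'''


def find_b402(source):
    """Return sorted (line, branch) pairs for the rule's three patterns."""
    hits = []
    for node in ast.walk(ast.parse(source)):
        # pattern: import ftplib
        if isinstance(node, ast.Import):
            if any(alias.name == "ftplib" for alias in node.names):
                hits.append((node.lineno, "import ftplib"))
        # pattern: from ftplib import FTP (absolute import only)
        elif isinstance(node, ast.ImportFrom):
            if (node.level == 0 and node.module == "ftplib"
                    and any(alias.name == "FTP" for alias in node.names)):
                hits.append((node.lineno, "from ftplib import FTP"))
        # pattern: ftplib.FTP(...)
        elif isinstance(node, ast.Call):
            func = node.func
            if (isinstance(func, ast.Attribute) and func.attr == "FTP"
                    and isinstance(func.value, ast.Name)
                    and func.value.id == "ftplib"):
                hits.append((node.lineno, "ftplib.FTP(...)"))
    return sorted(hits)


if __name__ == "__main__":
    for line, branch in find_b402(SAMPLE):
        print(f"line {line}: matches '{branch}'")
```

In this approximation, lines 3 and 8 of the sample (`FTP_TLS`) are not reported by their own branch because the patterns name only `FTP`; a file that uses them via `import ftplib` is still flagged at the import line.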