gitlab.bandit.B413

385
Download Count*
MIT
License

Consider possible security implications associated with pycrypto module.

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit RuleView Source
Open in Playground 
rules:
  - id: bandit.B413
    pattern-either:
      - pattern: import pycryto
      - pattern: import Crypto.Cipher
      - pattern: import Crypto.Hash
      - pattern: import Crypto.IO
      - pattern: import Crypto.Protocol
      - pattern: import Crypto.PublicKey
      - pattern: import Crypto.Random
      - pattern: import Crypto.Signature
      - pattern: import Crypto.Util
    message: |
      Consider possible security implications associated with pycrypto module.
    metadata:
      cwe: "CWE-327: Use of a Broken or Risky Cryptographic Algorithm"
      owasp: "A3: Sensitive Data Exposure"
      primary_identifier: bandit.B413
      secondary_identifiers:
        - name: Bandit Test ID B413
          type: bandit_test_id
          value: B413
      license: MIT
    severity: ERROR
    languages:
      - python