gitlab.bandit.B601
Unverified SSL context detected. This will permit insecure connections without verifying SSL certificates. Use 'ssl.create_default_context()' instead.
Definition
rules:
- id: bandit.B601
  patterns:
  - pattern-inside: |
      import paramiko
      ...
  - pattern: $CLIENT.exec_command(...)
  message: >
    Unverified SSL context detected. This will permit insecure connections
    without verifying
    SSL certificates. Use 'ssl.create_default_context()' instead.
  metadata:
    cwe: "CWE-78: Improper Neutralization of Special Elements used in an OS Command
      ('OS Command Injection')"
    owasp: "A1: Injection"
    primary_identifier: bandit.B601
    secondary_identifiers:
    - name: Bandit Test ID B601
      type: bandit_test_id
      value: B601
    license: MIT
  severity: WARNING
  languages:
  - python
Short Link: https://sg.run/9qdy