minusworld.python-insecure-transport-starter

python.requests.security.disabled-cert-validation.disabled-cert-validation

returntocorp

Certificate verification has been explicitly disabled. This permits insecure connections to insecure servers. Re-enable certification validation.

python.requests.security.no-auth-over-http.no-auth-over-http

returntocorp

Authentication detected over HTTP. HTTP does not provide any encryption or protection for these authentication credentials. This may expose these credentials to unauthorized parties. Use 'https://' instead.

python.lang.security.audit.weak-ssl-version.weak-ssl-version

returntocorp

An insecure SSL version was detected. TLS versions 1.0, 1.1, and all SSL versions are considered weak encryption and are deprecated. Use 'ssl.PROTOCOL_TLSv1_2' or higher.

python.lang.security.unverified-ssl-context.unverified-ssl-context

returntocorp

Unverified SSL context detected. This will permit insecure connections without verifying SSL certificates. Use 'ssl.create_default_context' instead.

python.lang.security.audit.network.http-not-https-connection.http-not-https-connection

returntocorp

Detected HTTPConnectionPool. This will transmit data in cleartext. It is recommended to use HTTPSConnectionPool instead for to encrypt communications.

python.lang.security.audit.httpsconnection-detected.httpsconnection-detected

returntocorp

The HTTPSConnection API has changed frequently with minor releases of Python. Ensure you are using the API for your version of Python securely. For example, Python 3 versions prior to 3.4.3 will not verify SSL certificates by default. See https://docs.python.org/3/library/http.client.html#http.client.HTTPSConnection for more information.

python.lang.security.audit.paramiko-implicit-trust-host-key.paramiko-implicit-trust-host-key

returntocorp

Detected a paramiko host key policy that implicitly trusts a server's host key. Host keys should be verified to ensure the connection is not to a malicious server. Use RejectPolicy or a custom subclass instead.

python.lang.security.audit.ssl-wrap-socket-is-deprecated.ssl-wrap-socket-is-deprecated

returntocorp

'ssl.wrap_socket()' is deprecated. This function creates an insecure socket without server name indication or hostname matching. Instead, create an SSL context using 'ssl.SSLContext()' and use that to wrap a socket.

python.lang.security.audit.telnetlib.telnetlib

returntocorp

Telnet does not encrypt communications. Use SSH instead.

returntocorp

The 'FTP' class sends information unencrypted. Consider using the 'FTP_TLS' class instead.

returntocorp

Detected a request using 'http://'. This request will be unencrypted. Use 'https://' instead.

returntocorp

Detected a request using 'http://'. This request will be unencrypted. Use 'https://' instead.

returntocorp

Detected a request using 'http://'. This request will be unencrypted, and attackers could listen into traffic on the network and be able to obtain sensitive information. Use 'https://' instead.

returntocorp

The 'ssl' module disables insecure cipher suites by default. Therefore, use of 'set_ciphers()' should only be used when you have very specialized requirements. Otherwise, you risk lowering the security of the SSL channel.

returntocorp

Detected an unsecured transmission channel. 'OpenerDirector.open(...)' is being used with 'ftp://'. Information sent over this connection will be unencrypted. Consider using SFTP instead. urllib does not support SFTP, so consider a library which supports SFTP.

returntocorp

Detected an unsecured transmission channel. 'OpenerDirector.open(...)' is being used with 'http://'. Use 'https://' instead to secure the channel.

returntocorp

Detected a 'urllib.request.Request()' object using an insecure transport protocol, 'ftp://'. This connection will not be encrypted. Consider using SFTP instead. urllib does not support SFTP natively, so consider using a library which supports SFTP.

returntocorp

Detected a 'urllib.request.Request()' object using an insecure transport protocol, 'http://'. This connection will not be encrypted. Use 'https://' instead.

returntocorp

Detected 'urllib.urlopen()' using 'ftp://'. This request will not be encrypted. Consider using SFTP instead. urllib does not support SFTP, so consider switching to a library which supports SFTP.

returntocorp

Detected 'urllib.urlopen()' using 'http://'. This request will not be encrypted. Use 'https://' instead.

returntocorp

Detected an insecure transmission channel. 'URLopener.open(...)' is being used with 'ftp://'. Use SFTP instead. urllib does not support SFTP, so consider using a library which supports SFTP.

returntocorp

Detected an unsecured transmission channel. 'URLopener.open(...)' is being used with 'http://'. Use 'https://' instead to secure the channel.

returntocorp

Detected an insecure transmission channel. 'URLopener.retrieve(...)' is being used with 'ftp://'. Use SFTP instead. urllib does not support SFTP, so consider using a library which supports SFTP.

returntocorp

Detected an unsecured transmission channel. 'URLopener.retrieve(...)' is being used with 'http://'. Use 'https://' instead to secure the channel.

returntocorp

Detected 'urllib.urlretrieve()' using 'ftp://'. This request will not be encrypted. Use SFTP instead. urllib does not support SFTP, so consider switching to a library which supports SFTP.

returntocorp

Detected 'urllib.urlretrieve()' using 'http://'. This request will not be encrypted. Use 'https://' instead.

returntocorp

The Python third-party 'requests' module used with SSL verification disabled

returntocorp

Weak or insecure 'ssl' module usage

returntocorp

The Python 'urllib3' module used with SSL verfication disabled

returntocorp

Warnings disabled on insecure network requests with Python 'urllib3' module