python-security/pyt

View on GitHub
pyt/vulnerability_definitions/all_trigger_words.pyt

Summary

Maintainability
Test Coverage
{
    "sources": [
        "request.args.get(",
        "request.get_json(",
        "Markup(",
        "POST.get(",
        "GET.get(",
        "META.get(",
        "POST[",
        "GET[",
        "META[",
        "FILES[",
        ".data",
        "form[",
        "form(",
        "mark_safe(",
        "cookies[",
        "files[",
        "SQLAlchemy"
    ],
    "sinks": {
        "replace(": {
            "sanitisers": [
                "escape"
            ]
        },
        "send_file(": {
            "sanitisers": [
                "'..'",
                "'..' in"
            ]
        },
        "commands.getoutput(": {},
        "commands.getstatusoutput(": {},
    "eval(": {},
    "exec(": {},
        "execute(": {},
        "filter(": {},
        "flash(": {},
        "jsonify(": {},
        "os.execl(": {},
        "os.execle(": {},
        "os.execlp(": {},
        "os.execlpe(": {},
        "os.execv(": {},
        "os.execve(": {},
        "os.execvp(": {},
        "os.execvpe(": {},
        "os.popen(": {},
        "os.popen2(": {},
        "os.popen3(": {},
        "os.popen4(": {},
        "os.spawnl(": {},
        "os.spawnle(": {},
        "os.spawnlp(": {},
        "os.spawnlpe(": {},
        "os.spawnv(": {},
        "os.spawnve(": {},
        "os.spawnvp(": {},
        "os.spawnvpe(": {},
        "os.startfile(": {},
        "os.system(": {},
        "popen2.Popen3(": {},
        "popen2.Popen4(": {},
        "popen2.popen2(": {},
        "popen2.popen3(": {},
        "popen2.popen4(": {},
        "redirect(": {},
        "render(": {},
        "render_template(": {},
        "render_to_response(": {},
        "set_cookie(": {},
        "subprocess.Popen(": {},
        "subprocess.call(": {},
        "subprocess.check_call(": {},
        "subprocess.check_output(": {},
        "subprocess.run(": {},
        "url_for(": {}
    }
}