
Code Security Report: 1 total findings

Open mend-for-github-com[bot] opened this issue 1 year ago • 0 comments

Code Security Report

Scan Metadata

Latest Scan: 2024-05-17 08:51am
Total Findings: 1 | New Findings: 0 | Resolved Findings: 0
Tested Project Files: 25
Detected Programming Languages: 2 (Python, C/C++ (Beta))


Finding Details

| Severity | Vulnerability Type | CWE | File | Data Flows | Date |
|---|---|---|---|---|---|
| Medium | Hardcoded Password/Credentials | CWE-798 | keymanager_vault.py:94 | 1 | 2024-05-17 08:52am |

Vulnerable Code

https://github.com/Seagate/TCGstorageAPI/blob/2b6348c30ebf1be24ebade3c902e9c22cfccaddc/sed_cli/keymanager/keymanager_vault.py#L94

Secure Code Warrior Training Material

● Training

   ▪ Secure Code Warrior Hardcoded Password/Credentials Training

● Videos

   ▪ Secure Code Warrior Hardcoded Password/Credentials Video

● Further Reading

   ▪ OWASP Top Ten 2017 A3: Sensitive Data Exposure

   ▪ OWASP Top Ten Proactive Controls 2018 C8: Protect Data Everywhere

   ▪ OWASP Top Ten 2021 A02: Cryptographic Failures