Issues
Issue creation is restricted in this repository
Search results
- Feature request: Adding Canary Credentials to detect supply chain compromise. Label: enhancement (New feature or request). Status: Open. #1432 in PyCQA/bandit
- bandit -ii -ll -ii -ll raises an IndexError. Label: bug (Something isn't working). Status: Open. #1423 in PyCQA/bandit
- B704 false negative for local Markup subclasses (CVE-2025-54384). Label: bug (Something isn't working). Status: Open. #1405 in PyCQA/bandit
- B701: Extend Jinja2 checks to cover dynamic template source execution. Label: enhancement (New feature or request). Status: Open. #1404 in PyCQA/bandit
- Proposal: Detecting Flask file-serving API misuse. Label: enhancement (New feature or request). Status: Open. #1403 in PyCQA/bandit
- Feature request (with my own implementation): add a plugin which detects common SSRF cases where user-controlled URLs flow into outbound HTTP requests. Label: enhancement (New feature or request). Status: Open. #1401 in PyCQA/bandit
- Methods to Bypass Bandit Detection. Label: bug (Something isn't working). Status: Open. #1399 in PyCQA/bandit
- False negative: narrow argument-shape checks in B508/B509. Label: bug (Something isn't working). Status: Open. #1397 in PyCQA/bandit
- False negative: B104 misses bind(("", port)) wildcard host. Label: bug (Something isn't working). Status: Open. #1395 in PyCQA/bandit
- False negative: B501 misses verify=False on requests.Session/httpx.Client instance methods. Label: bug (Something isn't working). Status: Open. #1394 in PyCQA/bandit
- False negative: B202 unsafe tarfile.extract() not detected. Label: bug (Something isn't working). Status: Open. #1392 in PyCQA/bandit
- False negative: B103 fails to detect dangerous permissions set via stat module constants. Label: bug (Something isn't working). Status: Open. #1390 in PyCQA/bandit