Python: random is not so random (CWE-330)
The random module does not produce very random values and should often be replaced by the secrets module.
Migrating from an Intel architecture to Graviton in AWS brings some cost benefits. We explained how we migrated all our infrastructure.
SQL injection is one of the most common vulnerabilities. Prevent SQL injections with code analysis in your IDE.
Not using autoescape in Jinja2 makes you vulnerable to XSS attacks. Always use autoescape=True in your Jinja2 environment.
Unsafe deserialization can lead to an attack and compromise your system. You need to check your Python code to make sure you avoid it.
The Python SSL module gives a false sense of security and must be used carefully.
The subprocess Python module may introduce OS injection vulnerabilities, which is a serious security concern. Do not use shell=True, or mitigate the issue by checking the function input.
Using eval() in Python introduces security issues in your Python code. We present how to avoid and fix unsafe and insecure uses of eval().