Spaces:
Sleeping
Sleeping
| { | |
| "findings": [ | |
| {"scanner": "gradio-secrets", "rule": "GR-PWD-VALUE", "severity": "high", | |
| "file": "app.py", "message": "gr.Textbox(type=\"password\", value=...) renders a live secret into client HTML", | |
| "snippet": "token = gr.Textbox(type=\"password\", value=\"hf_xxxxREDACTEDxxxx\")"}, | |
| {"scanner": "semgrep", "rule": "python.lang.security.deserialization.pickle-load", "severity": "critical", | |
| "file": "ingest/upload_handler.py", "message": "pickle.load on attacker-controlled upload -> unauthenticated RCE", | |
| "snippet": "data = pickle.load(open(request.files['f'].name,'rb'))"}, | |
| {"scanner": "semgrep", "rule": "python.requests.ssrf", "severity": "high", | |
| "file": "proxy/fetch.py", "message": "User-supplied URL passed to requests.get with no allow-list (SSRF)", | |
| "snippet": "requests.get(request.args['url'])"}, | |
| {"scanner": "trivy", "rule": "CVE-2024-3094", "severity": "critical", | |
| "file": "requirements.txt", "message": "Backdoored xz/liblzma transitive dependency present in lockfile"}, | |
| {"scanner": "trivy", "rule": "CVE-2023-50782", "severity": "high", | |
| "file": "requirements.txt", "message": "cryptography < 42 vulnerable to Bleichenbacher timing oracle"}, | |
| {"scanner": "modelscan", "rule": "MS-PICKLE-EXEC", "severity": "critical", | |
| "file": "weights/model.bin", "message": "Serialized model contains a reduce-based code execution payload"}, | |
| {"scanner": "garak", "rule": "promptinject.HijackHateHumans", "severity": "medium", | |
| "file": "chat/system.py", "message": "System prompt susceptible to instruction-override jailbreak in 41% of probes"}, | |
| {"scanner": "bandit", "rule": "B105", "severity": "medium", | |
| "file": "config/settings.py", "message": "Possible hardcoded password assigned to DB_PASS", | |
| "snippet": "DB_PASS = \"changeme123\""}, | |
| {"scanner": "semgrep", "rule": "javascript.express.cors-misconfig", "severity": "medium", | |
| "file": "server/cors.js", "message": "CORS reflects arbitrary Origin with credentials:true", | |
| "snippet": "res.header('Access-Control-Allow-Origin', req.headers.origin)"}, | |
| {"scanner": "gitleaks", "rule": "aws-access-token", "severity": "high", | |
| "file": "scripts/deploy.sh", "message": "AWS access key id committed to repository history"}, | |
| {"scanner": "trivy", "rule": "CVE-2022-40897", "severity": "low", | |
| "file": "requirements.txt", "message": "setuptools ReDoS in package_index (low real-world impact)"}, | |
| {"scanner": "semgrep", "rule": "python.flask.debug-enabled", "severity": "medium", | |
| "file": "wsgi.py", "message": "Flask app run with debug=True (Werkzeug console RCE if exposed)", | |
| "snippet": "app.run(debug=True, host='0.0.0.0')"}, | |
| {"scanner": "bandit", "rule": "B608", "severity": "high", | |
| "file": "db/query.py", "message": "Possible SQL injection via f-string query construction", | |
| "snippet": "cur.execute(f\"SELECT * FROM u WHERE id={uid}\")"}, | |
| {"scanner": "garak", "rule": "leakreplay.LiteratureComplete", "severity": "low", | |
| "file": "chat/system.py", "message": "Minor training-data echo on canary prompts; low confidence"} | |
| ] | |
| } | |