Code Security Report: 1 total findings [master] #1025

mend-for-garden.eu.org · 2025-02-25T08:48:18Z

Code Security Report

Scan Metadata

Latest Scan: 2025-02-25 08:47am
Total Findings: 1 | New Findings: 0 | Resolved Findings: 0
Tested Project Files: 30
Detected Programming Languages: 2 (Ruby, Python*)

Check this box to manually trigger a scan

Finding Details

Severity

Vulnerability Type

CWE

File

Data Flows

Detected

Medium

Insecure TLS Configuration

CWE-295

deployment.py:363

1

2025-02-25 08:48am

Vulnerable Code

pyvespa/vespa/deployment.py

Lines 358 to 363 in 2604da3

    
               debug=debug, 
        
               docker_timeout=docker_timeout, 
        
           ) 
        
           self.wait_for_config_server_start(max_wait=max_wait_configserver) 
        
           r = requests.post(

1 Data Flow/s detected

pyvespa/vespa/deployment.py

Line 363 in 2604da3

r = requests.post(

Secure Code Warrior Training Material

● Training

▪ Secure Code Warrior Insecure TLS Configuration Training

● Videos

▪ Secure Code Warrior Insecure TLS Configuration Video

ean · 2025-02-26T10:53:48Z

False positive, as this is localhost communication.

Our Mend setup is work in progress, and the plan is to suppress this specific item.

mend-for-garden.eu.org bot added the Mend: code security findings Code security findings detected by Mend label Feb 25, 2025

oyving assigned ean Feb 26, 2025

oyving added this to the soon milestone Feb 26, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Code Security Report: 1 total findings [master] #1025

Code Security Report: 1 total findings [master] #1025

mend-for-garden.eu.org bot commented Feb 25, 2025

ean commented Feb 26, 2025

Code Security Report: 1 total findings [master] #1025

Code Security Report: 1 total findings [master] #1025

Comments

mend-for-garden.eu.org bot commented Feb 25, 2025

Code Security Report

Scan Metadata

Finding Details

ean commented Feb 26, 2025