Security Scan Report

Service: eizen-central-server | Branch: vunerabilities-fix | Build: #10 | Date: 2026-02-05 19:27:44
Critical: 0 | High: 0 | Medium: 5 | Low: 9
MEDIUM Bandit Possible binding to all interfaces.
/home/eizen-7/jenkins/workspace/new-scan/./src/config/env_constants.py:87
    86  # Server Defaults
    87  DEFAULT_SERVER_HOST = "0.0.0.0"
    88  DEFAULT_SERVER_PORT = 8096
MEDIUM Bandit Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
/home/eizen-7/jenkins/workspace/new-scan/./src/eizen_license_validator/validator.py:157
    156  )
    157  with urllib.request.urlopen(req, timeout=30) as response:
    158      content = response.read().decode('utf-8')
MEDIUM Bandit Possible binding to all interfaces.
/home/eizen-7/jenkins/workspace/new-scan/./src/main.py:135
    134
    135  def run(self, host: str = "0.0.0.0", port: int = 8096) -> None:
    136      """Run the streaming server."""
MEDIUM Bandit Possible binding to all interfaces.
/home/eizen-7/jenkins/workspace/new-scan/./src/main.py:331
    330  'server': {
    331      'host': os.getenv('SERVER_HOST', '0.0.0.0'),
    332      'port': int(os.getenv('SERVER_PORT', '8096')),
MEDIUM Bandit Possible binding to all interfaces.
/home/eizen-7/jenkins/workspace/new-scan/./src/mlflow_server/start_mlflow_server.py:62
    61  # Get configuration from environment with fallback defaults for development
    62  DEFAULT_HOST = os.environ.get(ENV_MLFLOW_HOST, "0.0.0.0")
    63  DEFAULT_PORT = int(os.environ.get(ENV_MLFLOW_PORT, "5000"))
LOW Semgrep Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Ma
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/attr/_make.py:3096
LOW Semgrep Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Ma
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/attr/_make.py:3349
LOW Semgrep Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Ma
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/attr/_make.py:3358
LOW Semgrep Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Ma
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/attr/converters.py:54
LOW Semgrep Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Ma
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/attr/converters.py:58
LOW Semgrep Detected a request using 'http://'. This request will be unencrypted. Use 'https://' instead.
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/cachecontrol/_cmd.py:33
LOW Semgrep Running `socket.bind` to 0.0.0.0, or empty string could unexpectedly expose the server publicly as i
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/nltk/parse/corenlp.py:31
LOW Semgrep Detected a request using 'http://'. This request will be unencrypted. Use 'https://' instead.
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/pip/_vendor/cachecontrol/_cmd.py:33
LOW Semgrep Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Ma
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/pydantic/v1/generics.py:400