Security Scan Report

Service: eizen-face-auth | Branch: v1.0 | Build: #20 | Date: 2026-02-09 14:42:28
10
Critical
33
High
32
Medium
54
Low

LLM Verification Summary

Model: qwen3:14b | Verified: 30/129
TRUE Positives: 1 FALSE Positives: 10 Needs Review: 19
CRITICAL OWASP-DC CVE-2025-53644: OpenCV is an Open Source Computer Vision Library. Versions 4.10.0 and 4.11.0 have an NOT VERIFIED
pkg:pypi/opencv-python-headless@4.11.0.86:0 CVE-2025-53644 | CVSS: 9.8 | CWE-457
OpenCV is an Open Source Computer Vision Library. Versions 4.10.0 and 4.11.0 have an uninitialized pointer variable on stack that may lead to arbitrary heap buffer write when reading crafted JPEG imag
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
CRITICAL OWASP-DC CVE-2025-53644: OpenCV is an Open Source Computer Vision Library. Versions 4.10.0 and 4.11.0 have an NOT VERIFIED
pkg:pypi/opencv-python@4.11.0.86:0 CVE-2025-53644 | CVSS: 9.8 | CWE-457
OpenCV is an Open Source Computer Vision Library. Versions 4.10.0 and 4.11.0 have an uninitialized pointer variable on stack that may lead to arbitrary heap buffer write when reading crafted JPEG imag
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
CRITICAL OWASP-DC CVE-2007-4559: Directory traversal vulnerability in the (1) extract and (2) extractall functions in NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2007-4559 | CVSS: 9.8 | CWE-22
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot)
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
CRITICAL OWASP-DC CVE-2016-5636: Integer overflow in the get_data function in zipimport.c in CPython (aka Python) befo NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2016-5636 | CVSS: 9.8 | CWE-190
Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negati
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
CRITICAL OWASP-DC CVE-2017-1000158: CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PySt NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2017-1000158 | CVSS: 9.8 | CWE-190
CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code exe
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
CRITICAL OWASP-DC CVE-2022-48565: An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plist NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2022-48565 | CVSS: 9.8 | CWE-611
An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
CRITICAL OWASP-DC CVE-2019-20478: In ruamel.yaml through 0.16.7, the load method allows remote code execution if the a NOT VERIFIED
pkg:pypi/ruamel.yaml.clib@0.2.14:0 CVE-2019-20478 | CVSS: 9.8 | CWE-NVD-CWE-noinfo
In ruamel.yaml through 0.16.7, the load method allows remote code execution if the application calls this method with an untrusted argument. In other words, this issue affects developers who are unawa
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
CRITICAL OWASP-DC CVE-2023-30859: Triton is a Minecraft plugin for Spigot and BungeeCord that helps you translate your NOT VERIFIED
pkg:pypi/triton@3.4.0:0 CVE-2023-30859 | CVSS: 9.8 | CWE-419
Triton is a Minecraft plugin for Spigot and BungeeCord that helps you translate your Minecraft server. The CustomPayload packet allows you to execute commands on the spigot/bukkit console. When you en
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
CRITICAL OWASP-DC CVE-2008-1887: Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2008-1887 | CVSS: 9.3 | CWE-120
Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, w
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
CRITICAL OWASP-DC CVE-2025-13836: When reading an HTTP response from a server, if no read amount is specified, the def NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2025-13836 | CVSS: 9.1 | CWE-125
When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amount
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2017-17522: Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2017-17522 | CVSS: 8.8 | CWE-74
Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-i
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2019-13404: The MSI installer for Python through 2.7.16 on Windows defaults to the C:\Python27 d NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2019-13404 | CVSS: 7.8 | CWE-552
The MSI installer for Python through 2.7.16 on Windows defaults to the C:\Python27 directory, which makes it easier for local users to deploy Trojan horse code. (This also affects old 3.x releases bef
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2024-9287: A vulnerability has been found in the CPython `venv` module and CLI where path names NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2024-9287 | CVSS: 7.8 | CWE-77
A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2025-69223: AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Vers NOT VERIFIED
pkg:pypi/aiohttp@3.13.2:0 CVE-2025-69223 | CVSS: 7.5 | CWE-409
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be ab
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2025-69227: AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Vers NOT VERIFIED
pkg:pypi/aiohttp@3.13.2:0 CVE-2025-69227 | CVSS: 7.5 | CWE-835
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS at
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2025-69228: AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Vers NOT VERIFIED
pkg:pypi/aiohttp@3.13.2:0 CVE-2025-69228 | CVSS: 7.5 | CWE-770
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a request to be crafted in such a way that an AIOHTTP server's memory fills up uncontrol
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2025-69229: AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In v NOT VERIFIED
pkg:pypi/aiohttp@3.13.2:0 CVE-2025-69229 | CVSS: 7.5 | CWE-770
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, handling of chunked messages can result in excessive blocking CPU usage when receiving a l
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2019-14751: NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attack NOT VERIFIED
pkg:pypi/nltk:0 CVE-2019-14751 | CVSS: 7.5 | CWE-22
NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during ex
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2021-3828: nltk is vulnerable to Inefficient Regular Expression Complexity NOT VERIFIED
pkg:pypi/nltk:0 CVE-2021-3828 | CVSS: 7.5 | CWE-697
nltk is vulnerable to Inefficient Regular Expression Complexity
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2021-3842: nltk is vulnerable to Inefficient Regular Expression Complexity NOT VERIFIED
pkg:pypi/nltk:0 CVE-2021-3842 | CVSS: 7.5 | CWE-1333
nltk is vulnerable to Inefficient Regular Expression Complexity
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2021-43854: NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, NOT VERIFIED
pkg:pypi/nltk:0 CVE-2021-43854 | CVSS: 7.5 | CWE-400
NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. Versions prior to 3.6.5 are vulne
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2005-0089: The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, and 2.4, when NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2005-0089 | CVSS: 7.5 | CWE-NVD-CWE-Other
The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, and 2.4, when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method, all
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2006-4980: Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2006-4980 | CVSS: 7.5 | CWE-NVD-CWE-Other
Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide char
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2008-2315: Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attack NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2008-2315 | CVSS: 7.5 | CWE-190
Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4)
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2008-2316: Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2008-2316 | CVSS: 7.5 | CWE-189
Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to "partial hashlib hashing of dat
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2008-3142: Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow contex NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2008-3142 | CVSS: 7.5 | CWE-120
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2008-3143: Multiple integer overflows in Python before 2.5.2 might allow context-dependent attac NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2008-3143 | CVSS: 7.5 | CWE-190
Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodu
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2018-1061: python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to c NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2018-1061 | CVSS: 7.5 | CWE-20
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of se
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2019-16056: An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3 NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2019-16056 | CVSS: 7.5 | CWE-NVD-CWE-noinfo
An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. A
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2022-0391: A flaw was found in Python, specifically within the urllib.parse module. This module NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2022-0391 | CVSS: 7.5 | CWE-74
A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2022-45061: An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2022-45061 | CVSS: 7.5 | CWE-407
An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably lon
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2022-48560: A use-after-free exists in Python through 3.9 via heappushpop in heapq. NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2022-48560 | CVSS: 7.5 | CWE-416
A use-after-free exists in Python through 3.9 via heappushpop in heapq.
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2023-24329: An issue in the urllib.parse component of Python before 3.11.4 allows attackers to b NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2023-24329 | CVSS: 7.5 | CWE-20
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2023-36632: The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2023-36632 | CVSS: 7.5 | CWE-674
The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument.
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2024-6232: There is a MEDIUM severity vulnerability affecting CPython. Regular expressions NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2024-6232 | CVSS: 7.5 | CWE-1333
There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2024-7592: There is a LOW severity vulnerability affecting CPython, specifically the 'http.cooki NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2024-7592 | CVSS: 7.5 | CWE-400
There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2022-3064: Parsing malicious or large YAML documents can consume excessive amounts of CPU or mem NOT VERIFIED
pkg:pypi/ruamel.yaml.clib@0.2.14:0 CVE-2022-3064 | CVSS: 7.5 | CWE-400
Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2022-3064: Parsing malicious or large YAML documents can consume excessive amounts of CPU or mem NOT VERIFIED
pkg:pypi/ruamel.yaml@0.19.1:0 CVE-2022-3064 | CVSS: 7.5 | CWE-400
Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2022-3064: Parsing malicious or large YAML documents can consume excessive amounts of CPU or mem NOT VERIFIED
pkg:pypi/yaml:0 CVE-2022-3064 | CVSS: 7.5 | CWE-400
Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2015-5652: Untrusted search path vulnerability in python.exe in Python through 3.5.0 on Windows NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2015-5652 | CVSS: 7.2 | CWE-NVD-CWE-Other
Untrusted search path vulnerability in python.exe in Python through 3.5.0 on Windows allows local users to gain privileges via a Trojan horse readline.pyd file in the current working directory. NOTE:
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2025-45770: jwt v5.4.3 was discovered to contain weak encryption. NOTE: this issue has been disp NOT VERIFIED
pkg:pypi/pyjwt@2.11.0:0 CVE-2025-45770 | CVSS: 7.0 | CWE-326
jwt v5.4.3 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is su
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2025-45770: jwt v5.4.3 was discovered to contain weak encryption. NOTE: this issue has been disp NOT VERIFIED
pkg:pypi/jwt:0 CVE-2025-45770 | CVSS: 7.0 | CWE-326
jwt v5.4.3 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is su
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2022-26488: In Python before 3.10.3 on Windows, local users can gain privileges because the sear NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2022-26488 | CVSS: 7.0 | CWE-426
In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the sy
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM Bandit Possible binding to all interfaces. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/./main.py:130
129 "main:app", 130 host=os.getenv("API_HOST", "0.0.0.0"), 131 port=int(os.getenv("API_PORT", 8777)),
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2008-5983: Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 a NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2008-5983 | CVSS: 6.9 | CWE-426
Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv[0] argument does not co
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2008-1679: Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependen NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2008-1679 | CVSS: 6.8 | CWE-190
Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigge
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2025-69224: AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Vers NOT VERIFIED
pkg:pypi/aiohttp@3.13.2:0 CVE-2025-69224 | CVSS: 6.5 | CWE-444
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below of the Python HTTP parser may allow a request smuggling attack with the presence of non-ASCII
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2016-0772: The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5. NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2016-0772 | CVSS: 6.5 | CWE-693
The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypas
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2017-18207: The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does n NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2017-18207 | CVSS: 6.5 | CWE-369
The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero and exception
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2021-3733: There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2021-3733 | CVSS: 6.5 | CWE-400
There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression De
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2022-48564: read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS at NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2022-48564 | CVSS: 6.5 | CWE-400
read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2014-7185: Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent at NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2014-7185 | CVSS: 6.4 | CWE-189
Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2016-5699: CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2016-5699 | CVSS: 6.1 | CWE-113
CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2013-7440: The ssl.match_hostname function in CPython (aka Python) before 2.7.9 and 3.x before 3 NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2013-7440 | CVSS: 5.9 | CWE-19
The ssl.match_hostname function in CPython (aka Python) before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof server
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2021-23336: The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, f NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2021-23336 | CVSS: 5.9 | CWE-444
The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2022-48566: An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Co NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2022-48566 | CVSS: 5.9 | CWE-362
An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest.
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2007-4965: Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow co NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2007-4965 | CVSS: 5.8 | CWE-190
Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive informatio
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2021-3426: There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2021-3426 | CVSS: 5.7 | CWE-22
There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to discl
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2025-13837: When loading a plist file, the plistlib module reads data in size specified by the f NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2025-13837 | CVSS: 5.5 | CWE-400
When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2025-6075: If the value passed to os.path.expandvars() is user-controlled a performance degrada NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2025-6075 | CVSS: 5.5 | CWE-400
If the value passed to os.path.expandvars() is user-controlled a performance degradation is possible when expanding environment variables.
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2021-4235: Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system NOT VERIFIED
pkg:pypi/ruamel.yaml.clib@0.2.14:0 CVE-2021-4235 | CVSS: 5.5 | CWE-NVD-CWE-noinfo
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2021-4235: Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system NOT VERIFIED
pkg:pypi/ruamel.yaml@0.19.1:0 CVE-2021-4235 | CVSS: 5.5 | CWE-NVD-CWE-noinfo
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2021-4235: Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system NOT VERIFIED
pkg:pypi/yaml:0 CVE-2021-4235 | CVSS: 5.5 | CWE-NVD-CWE-noinfo
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2025-69226: AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Vers NOT VERIFIED
pkg:pypi/aiohttp@3.13.2:0 CVE-2025-69226 | CVSS: 5.3 | CWE-22
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below enable an attacker to ascertain the existence of absolute path components through the path nor
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2025-69225: AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Vers NOT VERIFIED
pkg:pypi/aiohttp@3.13.2:0 CVE-2025-69225 | CVSS: 5.3 | CWE-444
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below contain parser logic which allows non-ASCII decimals to be present in the Range header. There
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2025-69230: AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In v NOT VERIFIED
pkg:pypi/aiohttp@3.13.2:0 CVE-2025-69230 | CVSS: 5.3 | CWE-779
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, reading multiple invalid cookies can lead to a logging storm. If the cookies attribute is
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2025-12084: When building nested elements using xml.dom.minidom methods such as appendChild() th NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2025-12084 | CVSS: 5.3 | CWE-407
When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building exc
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2025-12781: When passing data to the b64decode(), standard_b64decode(), and urlsafe_b64decode() NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2025-12781 | CVSS: 5.3 | CWE-704
When passing data to the b64decode(), standard_b64decode(), and urlsafe_b64decode() functions in the "base64" module the characters "+/" will always be accepted, regardless of the value of "altchars"
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2023-27043: The email module of Python through 3.11.3 incorrectly parses e-mail addresses that c NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2023-27043 | CVSS: 5.3 | CWE-20
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In s
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2023-40217: An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2023-40217 | CVSS: 5.3 | CWE-NVD-CWE-noinfo
An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentic
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2008-3144: Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in P NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2008-3144 | CVSS: 5.0 | CWE-190
Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service (memory corruption) or have
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2010-3492: The asyncore module in Python before 3.2 does not properly handle unsuccessful calls NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2010-3492 | CVSS: 5.0 | CWE-NVD-CWE-Other
The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should hand
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2012-0845: SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7. NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2012-0845 | CVSS: 5.0 | CWE-399
SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2012-1150: Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 com NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2012-1150 | CVSS: 5.0 | CWE-310
Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-depe
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2002-1119: os._execvpe from os.py in Python 2.2.1 and earlier creates temporary files with predi NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2002-1119 | CVSS: 4.6 | CWE-NVD-CWE-Other
os._execvpe from os.py in Python 2.2.1 and earlier creates temporary files with predictable names, which could allow local users to execute arbitrary code via a symlink attack.
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Ma NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/attr/_make.py:3096
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Ma NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/attr/_make.py:3349
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Ma NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/attr/_make.py:3358
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Ma NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/attr/converters.py:54
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Ma NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/attr/converters.py:58
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Detected a request using 'http://'. This request will be unencrypted. Use 'https://' instead. FALSE POSITIVE
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/cachecontrol/_cmd.py:33
requires login
LLM Analysis: LLM indicated false positive
Recommendation: Review manually
LOW Semgrep Running `socket.bind` to 0.0.0.0, or empty string could unexpectedly expose the server publicly as i NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/nltk/parse/corenlp.py:31
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. FALSE POSITIVE
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:107
requires login
LLM Analysis: LLM indicated false positive
Recommendation: Review manually
LOW Semgrep Flask endpoint - verify authentication is properly configured. FALSE POSITIVE
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:123
requires login
LLM Analysis: LLM indicated false positive
Recommendation: Review manually
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:137
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:161
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:175
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:191
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:204
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. FALSE POSITIVE
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:227
requires login
LLM Analysis: The code snippet shows only a comment ('requires login') without any actual authentication implementation. Flask endpoints require explicit authentication checks (e.g., @login_required decorator), but the tool incorrectly flags a comment as a vulnerability. No exploitable code is present.
Recommendation: Verify if the actual code enforces authentication. If the comment is the only indicator, adjust Semgrep rules to avoid flagging comments as vulnerabilities.
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:243
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. FALSE POSITIVE
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:260
requires login
LLM Analysis: LLM indicated false positive
Recommendation: Review manually
LOW Semgrep Flask endpoint - verify authentication is properly configured. FALSE POSITIVE
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:276
requires login
LLM Analysis: LLM indicated false positive
Recommendation: Review manually
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:292
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. FALSE POSITIVE
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:309
requires login
LLM Analysis: The code snippet shows only a comment ('requires login') without actual authentication implementation. Flask endpoints typically use decorators like @login_required for authentication, which are not present here. The tool likely misinterpreted a comment as a missing security control.
Recommendation: Verify if the actual code enforces authentication via proper Flask decorators or logic. Adjust Semgrep rules to avoid flagging comments as vulnerabilities.
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:319
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. FALSE POSITIVE
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:340
requires login
LLM Analysis: The code snippet shows only a comment ('requires login') without actual authentication implementation. Flask endpoints typically use decorators like @login_required for authentication, which are not present here. The tool may have misinterpreted a comment as a missing security check.
Recommendation: Verify if the actual code implements authentication (e.g., via decorators or manual checks). If the line is merely a comment, update the tool's rule to ignore such placeholders.
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:354
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:368
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. FALSE POSITIVE
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:388
requires login
LLM Analysis: LLM indicated false positive
Recommendation: Review manually
LOW Semgrep Flask endpoint - verify authentication is properly configured. FALSE POSITIVE
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:410
requires login
LLM Analysis: The code snippet shows only a comment ('requires login') without actual Flask route code or authentication logic. The finding likely misinterprets a comment as an endpoint implementation.
Recommendation: Verify if the actual Flask route code exists in this file and check for proper authentication decorators (e.g., @login_required).
LOW Semgrep Flask endpoint - verify authentication is properly configured. TRUE POSITIVE
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:424
requires login
LLM Analysis: The code snippet indicates a missing authentication check for a Flask endpoint. The presence of a 'requires login' comment without corresponding authentication logic (e.g., @login_required decorator) suggests a misconfigured endpoint.
Recommendation: Implement proper authentication mechanisms (e.g., Flask-Login decorator) for the endpoint.
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:438
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:446
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:460
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:488
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:502
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:519
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:537
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:581
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:607
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:650
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:126
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:222
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:263
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:281
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:313
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:343
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:404
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:459
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:498
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:608
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:670
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:755
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Detected a request using 'http://'. This request will be unencrypted. Use 'https://' instead. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/pip/_vendor/cachecontrol/_cmd.py:33
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Ma NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/pydantic/v1/generics.py:400
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW OWASP-DC CVE-2006-1542: Stack-based buffer overflow in Python 2.4.2 and earlier, running on Linux 2.6.12.5 un NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2006-1542 | CVSS: 3.7 | CWE-NVD-CWE-Other
Stack-based buffer overflow in Python 2.4.2 and earlier, running on Linux 2.6.12.5 under gcc 4.0.3 with libc 2.3.5, allows local users to cause a "stack overflow," and possibly gain privileges, by run
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW OWASP-DC CVE-2018-1000030: Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After- NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2018-1000030 | CVSS: 3.6 | CWE-787
Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and it appears that Python 2.7.17 and prior may also be v
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW OWASP-DC CVE-2011-4940: The list_directory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python NOT VERIFIED
pkg:pypi/packageurl-python@0.17.6:0 CVE-2011-4940 | CVSS: 2.6 | CWE-79
The list_directory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Ty
LLM Analysis: Not processed due to limit
Recommendation: Manual review required