Security Scan Report

Service: eizen-utils | Branch: feature/vulnerability-fixes | Build: #21 | Date: 2026-02-09 14:49:34
1
Critical
9
High
8
Medium
51
Low

LLM Verification Summary

Model: qwen3:14b | Verified: 30/69
TRUE Positives: 4 FALSE Positives: 6 Needs Review: 20
CRITICAL OWASP-DC CVE-2019-20478: In ruamel.yaml through 0.16.7, the load method allows remote code execution if the a NOT VERIFIED
pkg:pypi/ruamel.yaml.clib@0.2.14:0 CVE-2019-20478 | CVSS: 9.8 | CWE-NVD-CWE-noinfo
In ruamel.yaml through 0.16.7, the load method allows remote code execution if the application calls this method with an untrusted argument. In other words, this issue affects developers who are unawa
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2019-14751: NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attack NOT VERIFIED
pkg:pypi/nltk:0 CVE-2019-14751 | CVSS: 7.5 | CWE-22
NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during ex
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2021-3828: nltk is vulnerable to Inefficient Regular Expression Complexity NOT VERIFIED
pkg:pypi/nltk:0 CVE-2021-3828 | CVSS: 7.5 | CWE-697
nltk is vulnerable to Inefficient Regular Expression Complexity
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2021-3842: nltk is vulnerable to Inefficient Regular Expression Complexity NOT VERIFIED
pkg:pypi/nltk:0 CVE-2021-3842 | CVSS: 7.5 | CWE-1333
nltk is vulnerable to Inefficient Regular Expression Complexity
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2021-43854: NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, NOT VERIFIED
pkg:pypi/nltk:0 CVE-2021-43854 | CVSS: 7.5 | CWE-400
NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. Versions prior to 3.6.5 are vulne
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2022-3064: Parsing malicious or large YAML documents can consume excessive amounts of CPU or mem NOT VERIFIED
pkg:pypi/ruamel.yaml.clib@0.2.14:0 CVE-2022-3064 | CVSS: 7.5 | CWE-400
Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2022-3064: Parsing malicious or large YAML documents can consume excessive amounts of CPU or mem NOT VERIFIED
pkg:pypi/ruamel.yaml@0.19.1:0 CVE-2022-3064 | CVSS: 7.5 | CWE-400
Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2022-3064: Parsing malicious or large YAML documents can consume excessive amounts of CPU or mem NOT VERIFIED
pkg:pypi/yaml:0 CVE-2022-3064 | CVSS: 7.5 | CWE-400
Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2025-45770: jwt v5.4.3 was discovered to contain weak encryption. NOTE: this issue has been disp NOT VERIFIED
pkg:pypi/pyjwt@2.11.0:0 CVE-2025-45770 | CVSS: 7.0 | CWE-326
jwt v5.4.3 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is su
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
HIGH OWASP-DC CVE-2025-45770: jwt v5.4.3 was discovered to contain weak encryption. NOTE: this issue has been disp NOT VERIFIED
pkg:pypi/jwt:0 CVE-2025-45770 | CVSS: 7.0 | CWE-326
jwt v5.4.3 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is su
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM Bandit Possible binding to all interfaces. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/./dms_utils/src/api/api.py:66
65 import uvicorn 66 uvicorn.run(app, host="0.0.0.0", port=8000)
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
MEDIUM Bandit Call to requests without timeout TRUE POSITIVE
/home/eizen-7/jenkins/workspace/new-scan/./dms_utils/src/service_utils/antz_server_utils.py:51
50 files = [('files[]', (file_name, file_obj, 'image/png'))] 51 response = requests.post(self.server_url, headers=headers, data=payload, files=files) 52
LLM Analysis: LLM indicated true positive
Recommendation: Fix the vulnerability
MEDIUM Bandit Call to requests without timeout TRUE POSITIVE
/home/eizen-7/jenkins/workspace/new-scan/./dms_utils/src/service_utils/antz_server_utils.py:108
107 try: 108 response = requests.get(file_url, stream=True) 109 response.raise_for_status()
LLM Analysis: The absence of a timeout parameter in requests.get allows potential DoS attacks by hanging indefinitely on unresponsive servers. No timeout is explicitly set in the code snippet.
Recommendation: Add a timeout parameter (e.g., timeout=10) to the requests.get call to mitigate resource exhaustion risks.
MEDIUM Bandit Call to requests without timeout TRUE POSITIVE
/home/eizen-7/jenkins/workspace/new-scan/./dms_utils/src/service_utils/eizen_dms_utils.py:67
66 files = [('file', (file_name, f, 'application/octet-stream'))] 67 response = requests.post(url, headers=headers, data=payload, files=files) 68
LLM Analysis: LLM indicated true positive
Recommendation: Fix the vulnerability
MEDIUM Bandit Call to requests without timeout TRUE POSITIVE
/home/eizen-7/jenkins/workspace/new-scan/./dms_utils/src/service_utils/eizen_dms_utils.py:119
118 try: 119 response = requests.delete(url, headers=headers) 120 response.raise_for_status()
LLM Analysis: The absence of a timeout in HTTP requests can lead to denial-of-service vulnerabilities if the server is unresponsive. The requests library's default behavior is to wait indefinitely, which is a known security risk.
Recommendation: Add a timeout parameter to the requests.delete call, e.g., timeout=(5, 30) for connect and read timeouts.
MEDIUM OWASP-DC CVE-2021-4235: Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system NOT VERIFIED
pkg:pypi/ruamel.yaml.clib@0.2.14:0 CVE-2021-4235 | CVSS: 5.5 | CWE-NVD-CWE-noinfo
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2021-4235: Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system NOT VERIFIED
pkg:pypi/ruamel.yaml@0.19.1:0 CVE-2021-4235 | CVSS: 5.5 | CWE-NVD-CWE-noinfo
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
MEDIUM OWASP-DC CVE-2021-4235: Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system NOT VERIFIED
pkg:pypi/yaml:0 CVE-2021-4235 | CVSS: 5.5 | CWE-NVD-CWE-noinfo
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Ma NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/attr/_make.py:3096
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Ma NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/attr/_make.py:3349
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Ma NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/attr/_make.py:3358
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Ma NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/attr/converters.py:54
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Ma NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/attr/converters.py:58
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Detected a request using 'http://'. This request will be unencrypted. Use 'https://' instead. FALSE POSITIVE
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/cachecontrol/_cmd.py:33
requires login
LLM Analysis: LLM indicated false positive
Recommendation: Review manually
LOW Semgrep Running `socket.bind` to 0.0.0.0, or empty string could unexpectedly expose the server publicly as i NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/nltk/parse/corenlp.py:31
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:107
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:123
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:137
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:161
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:175
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:191
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:204
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:227
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:243
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. FALSE POSITIVE
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:260
requires login
LLM Analysis: The code snippet shows only a comment ('requires login') without actual authentication implementation. Flask endpoints require explicit decorators (e.g., @login_required) for authentication, which are absent here. The tool likely misinterpreted a comment as a vulnerability.
Recommendation: Verify if the actual code enforces authentication via Flask's security decorators. Adjust Semgrep rules to avoid flagging comments as vulnerabilities.
LOW Semgrep Flask endpoint - verify authentication is properly configured. FALSE POSITIVE
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:276
requires login
LLM Analysis: LLM indicated false positive
Recommendation: Review manually
LOW Semgrep Flask endpoint - verify authentication is properly configured. FALSE POSITIVE
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:292
requires login
LLM Analysis: The code snippet shows only a comment ('requires login') without actual authentication implementation. Flask endpoints typically use decorators like @login_required for authentication, which are not present here. The tool likely misinterpreted a comment as a missing security control.
Recommendation: Verify if the actual code enforces authentication via proper Flask decorators or logic. Adjust Semgrep rules to avoid flagging comments as vulnerabilities.
LOW Semgrep Flask endpoint - verify authentication is properly configured. FALSE POSITIVE
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:309
requires login
LLM Analysis: The code snippet shows only a comment ('requires login') without actual authentication implementation. Flask endpoints typically use decorators like @login_required for authentication, which are not present here. The tool may have misinterpreted a comment as a missing security control.
Recommendation: Review the tool's rule configuration to avoid flagging comments as vulnerabilities. Ensure actual authentication decorators are implemented if required.
LOW Semgrep Flask endpoint - verify authentication is properly configured. FALSE POSITIVE
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:319
requires login
LLM Analysis: The code snippet shows a comment ('requires login') rather than actual authentication logic. Flask endpoints typically use decorators like @login_required for authentication, which are not present here. The tool may have misinterpreted a comment as a vulnerability.
Recommendation: Verify if the actual route handler implements authentication (e.g., using Flask-Login decorators). Adjust Semgrep rules to avoid flagging comments as vulnerabilities.
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:340
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:354
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:368
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NEEDS REVIEW
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:388
requires login
LLM Analysis: LLM verification inconclusive
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:410
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:424
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:438
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:446
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:460
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:488
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:502
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:519
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:537
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:581
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:607
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/purl2url.py:650
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:126
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:222
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:263
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:281
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:313
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:343
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:404
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:459
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:498
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:608
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:670
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Flask endpoint - verify authentication is properly configured. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/packageurl/contrib/url2purl.py:755
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Detected a request using 'http://'. This request will be unencrypted. Use 'https://' instead. NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/pip/_vendor/cachecontrol/_cmd.py:33
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required
LOW Semgrep Annotations passed to `typing.get_type_hints` are evaluated in `globals` and `locals` namespaces. Ma NOT VERIFIED
/home/eizen-7/jenkins/workspace/new-scan/.sast-venv/lib/python3.12/site-packages/pydantic/v1/generics.py:400
requires login
LLM Analysis: Not processed due to limit
Recommendation: Manual review required