The Python analyzer detects 5 additional security problems: JWT signature, CBC IV randomness and more

Hello Python developers,

Our Python analyzer was upgraded to detect 5 additional security problems:

  • S5659: JWT should be signed and verified with strong cipher algorithms
  • S3329: Cipher Block Chaining IVs should be random and unique
  • S2257: Using non-standard cryptographic algorithms is security-sensitive
  • S2612: Setting loose POSIX file permissions is security-sensitive
  • S3752: Allowing both safe and unsafe HTTP methods is security-sensitive

This is available now on SonarCloud and will come with SonarQube 8.8.

Alex

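As an added illustration of what two of the listed rules are looking for (this is example code written for this page, not SonarSource's or the analyzer's own code), the block below uses only the Python standard library: a JWT verifier that lets the token's own `alg` header decide whether to check the signature (the S5659 pattern, including acceptance of `alg=none`) next to one that pins HS256 and always checks the HMAC, and a file written with `chmod 0o777` after the fact (the S2612 pattern) next to one created with owner-only mode at `os.open` time. The `SECRET` key and all payloads are constructed for the demo; S3329 and S3752 concern third-party cipher and web-framework APIs and are not reproduced here.

```python
import base64
import hashlib
import hmac
import json
import os
import stat
import tempfile
from typing import Optional

# Constructed demo key for this example; real code loads it from a secret store.
SECRET = b"demo-only-hs256-key-replace-with-32-random-bytes"


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _segment(obj: dict) -> str:
    return _b64url_encode(json.dumps(obj, separators=(",", ":")).encode("utf-8"))


def sign_hs256(payload: dict, key: bytes) -> str:
    """Issue a JWT signed with HMAC-SHA256."""
    signing_input = _segment({"alg": "HS256", "typ": "JWT"}) + "." + _segment(payload)
    sig = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + _b64url_encode(sig)


def forge_alg_none(payload: dict) -> str:
    """What an attacker sends: header claims alg=none, signature segment left empty."""
    return _segment({"alg": "none", "typ": "JWT"}) + "." + _segment(payload) + "."


def verify_trusting_header(token: str, key: bytes) -> dict:
    """VULNERABLE (S5659 pattern): the token itself chooses the algorithm."""
    head, body, sig = token.split(".")
    header = json.loads(_b64url_decode(head))
    if header.get("alg") == "none":          # unsigned token accepted as-is
        return json.loads(_b64url_decode(body))
    expected = hmac.new(key, f"{head}.{body}".encode("ascii"), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig)):
        raise ValueError("bad signature")
    return json.loads(_b64url_decode(body))


def verify_hs256(token: str, key: bytes) -> dict:
    """HARDENED: the verifier pins the algorithm and always checks the MAC."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    head, body, sig = parts
    header = json.loads(_b64url_decode(head))
    if header.get("alg") != "HS256":         # rejects none and any algorithm confusion
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{head}.{body}".encode("ascii"), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig)):
        raise ValueError("bad signature")
    return json.loads(_b64url_decode(body))


def is_rejected(token: str, key: bytes) -> bool:
    """True if the hardened verifier refuses the token."""
    try:
        verify_hs256(token, key)
        return False
    except ValueError:
        return True


def write_with_loose_mode(data: bytes, directory: Optional[str] = None) -> int:
    """S2612 pattern: file made world-writable after creation. Returns its mode bits."""
    directory = directory or tempfile.mkdtemp()
    path = os.path.join(directory, "loose.txt")
    with open(path, "wb") as fh:
        fh.write(data)
    os.chmod(path, 0o777)
    return stat.S_IMODE(os.stat(path).st_mode)


def write_private_file(data: bytes, directory: Optional[str] = None) -> int:
    """Hardened: owner-only mode set at create time, no wide-open window. Returns mode bits."""
    directory = directory or tempfile.mkdtemp()
    path = os.path.join(directory, "private.txt")
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return stat.S_IMODE(os.stat(path).st_mode)


if __name__ == "__main__":
    forged = forge_alg_none({"sub": "admin"})
    print("insecure verifier accepted:", verify_trusting_header(forged, SECRET))
    print("hardened verifier rejected forged token:", is_rejected(forged, SECRET))
    print("loose mode: %o, private mode: %o" % (write_with_loose_mode(b"x"), write_private_file(b"x")))
```

With a real JWT library the same fix is to pass an explicit algorithm allow-list to the decode call rather than relying on the token header; for S3329 the corresponding habit is a fresh `os.urandom(16)` IV for every CBC message, never a constant or a reused one.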