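---
# Semgrep rule: flag Flask templates that are assembled from a variable and
# then rendered with render_template_string (server-side template injection,
# CWE-1336).
#
# The rule is pattern-based, not taint-based: it fires whenever a template
# string is built with `+`, str.format, `%` or an f-string from some `$S` and
# that string later reaches render_template_string, regardless of where `$S`
# comes from. Findings on constants are therefore possible; triage by checking
# whether `$S` is attacker-controlled (request args, form fields, headers, ...).
rules:
  - id: flask-ssti
    # Finding text (Russian). Summary: insufficient sanitisation of a value
    # inserted into the template lets an attacker supply constructs that the
    # Jinja engine treats as valid, which can lead to code execution on the
    # server.
    message: В связи с недостаточной санитизацией вводимого в шаблон значения возможно инъектирование атакующим конструкции, распознаваемой шаблонизатором Jinja в качестве валидной, что может привести к исполнению произвольного кода сервером.
    languages:
      - python
    severity: WARNING
    metadata:
      cwe:
        - "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine"
      category: security
      technology:
        - flask
    patterns:
      # 1. The template text is composed from `$S` by one of the common
      #    string-building idioms. `...` stands for any other operands.
      - pattern-either:
          - pattern: |
              $TEMPLATE = ... + $S
          - pattern: |
              $TEMPLATE = $S + ...
          - pattern: |
              $TEMPLATE = ... + $S + ...
          - pattern: |
              $TEMPLATE = "...".format($S)
          - pattern: |
              $TEMPLATE = "...".format(..., $S)
          - pattern: |
              $TEMPLATE = "...".format($S, ...)
          - pattern: |
              $TEMPLATE = "...".format(..., $S, ...)
          - pattern: |
              $TEMPLATE = "..." % $S
          # `%` with a tuple of operands ("..." % (a, b)); the single-operand
          # form above does not match this spelling.
          - pattern: |
              $TEMPLATE = "..." % (..., $S, ...)
          - pattern: |
              $TEMPLATE = f"...{$S}..."
      # 2. ...and the composed `$TEMPLATE` is handed to Flask's string renderer
      #    somewhere later in the same function (leading `...` = any statements
      #    in between). Bare call, `return` and `return ..., status` forms are
      #    listed for both the unqualified and the `flask.`-qualified name.
      - pattern-either:
          - pattern: |
              ...
              render_template_string($TEMPLATE, ...)
          - pattern: |
              ...
              return render_template_string($TEMPLATE, ...)
          - pattern: |
              ...
              return render_template_string($TEMPLATE, ...), $ELSE
          - pattern: |
              ...
              flask.render_template_string($TEMPLATE, ...)
          - pattern: |
              ...
              return flask.render_template_string($TEMPLATE, ...)
          - pattern: |
              ...
              return flask.render_template_string($TEMPLATE, ...), $ELSE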