DryRunSecurity / Sensitive Files Analyzer
succeeded
Mar 10, 2024 in 0s
Details
Potentially Sensitive Files: 10 detected
⚠️ Sensitive File dojo/reports/views.py

| | |
|---|---|
| Type | Sensitive File |
| Description | This file potentially contains views for reports, which might include sensitive data. |
| Filename | dojo/reports/views.py |
| Code Link | |

⚠️ Sensitive File dojo/tools/checkmarx/parser.py

| | |
|---|---|
| Type | Sensitive File |
| Description | This file is used for parsing, which could potentially lead to security vulnerabilities. |
| Filename | dojo/tools/checkmarx/parser.py |
| Code Link | |

⚠️ Sensitive File helm/defectdojo/Chart.yaml

| | |
|---|---|
| Type | Sensitive File |
| Description | This file is used for configuration, which could potentially impact security. |
| Filename | helm/defectdojo/Chart.yaml |
| Code Link | |

⚠️ Sensitive File requirements-lint.txt

| | |
|---|---|
| Type | Sensitive File |
| Description | This file lists the dependencies for the project, changes to which could introduce security vulnerabilities. |
| Filename | requirements-lint.txt |
| Code Link | |

⚠️ Sensitive File unittests/test_jira_config_engagement.py

| | |
|---|---|
| Type | Sensitive File |
| Description | This file tests the configuration for engagement with Jira, changes to which could impact security. |
| Filename | unittests/test_jira_config_engagement.py |
| Code Link | `from django.urls import reverse` |

⚠️ Sensitive File unittests/test_jira_config_engagement_epic.py

| | |
|---|---|
| Type | Sensitive File |
| Description | This file tests the configuration for engagement with Jira, changes to which could impact security. |
| Filename | unittests/test_jira_config_engagement_epic.py |
| Code Link | `from .test_jira_config_engagement import JIRAConfigEngagementBase` |

⚠️ Sensitive File components/package.json

| | |
|---|---|
| Type | Sensitive File |
| Description | A change in this file may indicate an addition of a library/dependency which could introduce additional risk to the application either through vulnerable code, expansion of the application's attack surface via additional routes, or malicious code. |
| Filename | components/package.json |
| Code Link | |

⚠️ Sensitive File components/yarn.lock

| | |
|---|---|
| Type | Sensitive File |
| Description | This file is a version file where dependency libraries are versioned and controlled; changes may lead to introducing malicious versions of existing safe libraries through the introduction of harmful code. |
| Filename | components/yarn.lock |
| Code Link | `# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.` |

⚠️ Sensitive File dojo/models.py

| | |
|---|---|
| Type | Sensitive File |
| Description | This file is used to control access to database records, which could include changes to how authentication or authorization occur. |
| Filename | dojo/models.py |
| Code Link | |

⚠️ Sensitive File dojo/reports/urls.py

| | |
|---|---|
| Type | Sensitive File |
| Description | When a urls.py file is changed it often means that there have been changes to HTTP routes or endpoints in your Django application. As such, this changes the attack surface of the application and is a marker for risk. |
| Filename | dojo/reports/urls.py |
| Code Link | `from django.urls import re_path` |