{
"id": "182c4749eaa4592c25d754671116adced75e4efd211df62bdd3ecc308630dc38",
"category": "sast",
"name": "Use of insufficiently random values",
"description": "Depending on the context, generating weak random numbers may leave cryptographic functions\nthat rely on these numbers exploitable. When generating numbers for sensitive values\nsuch as tokens, nonces, and cryptographic keys, it is recommended that the `secrets` module\nbe used instead.\n\nExample using the secrets module:\n```\nimport secrets\n\n# Generate a secure random 64 byte array\nrandom_bytes = secrets.token_bytes(64)\nprint(random_bytes)\n\n# Generate a secure random 64 byte array as a hex string\nrandom_bytes_hex = secrets.token_hex(64)\n\n# Generate a secure random 64 byte array base64 encoded for use in URLs\nrandom_string = secrets.token_urlsafe(64)\n```\n\nFor more information on the `secrets` module see:\n- https://docs.python.org/3/library/secrets.html\n",
"cve": "semgrep_id:bandit.B311:531:531",
"severity": "Medium",
"scanner": {
"id": "semgrep",
"name": "Semgrep"
},
"location": {
"file": "mytoninstaller/settings.py",
"start_line": 531
},
"identifiers": [
{
"type": "semgrep_id",
"name": "bandit.B311",
"value": "bandit.B311",
"url": "https://semgrep.dev/r/gitlab.bandit.B311"
},
{
"type": "cwe",
"name": "CWE-330",
"value": "330",
"url": "https://cwe.mitre.org/data/definitions/330.html"
},
{
"type": "owasp",
"name": "A02:2021 - Cryptographic Failures",
"value": "A02:2021"
},
{
"type": "owasp",
"name": "A3:2017 - Sensitive Data Exposure",
"value": "A3:2017"
},
{
"type": "bandit_test_id",
"name": "Bandit Test ID B311",
"value": "B311"
}
]
}