SAST-PR #5
SAST-PR #5
Conversation
![prisma-cloud-devsecops[bot]](https://avatars.githubusercontent.com/in/135857?s=60&v=4){kind=small}
| # "User1":{"userid":"1", "username":"User1", "password": "Hash1"}, | ||
| # "User2":{"userid":"2", "username":"User2", "password": "Hash2"}, | ||
| # "User3":{"userid":"3", "username":"User3", "password": "Hash3"}, | ||
| # "User4":{"userid":"4", "username":"User4", "password": "Hash4"} |
There was a problem hiding this comment.
Random High Entropy String detected in code
Resource: 2040f60a486b2b058ec8f4b283a7f8322ce94cf8 | Checkov ID: CKV_SECRET_80
Description
Entropy checks help detect unstructured secrets by measuring the entropy level of a single string. Entropy is a concept used to assign a numerical score to how unpredictable a password is or the likelihood of highly random data in a string of characters. Strings with a high entropy score are flagged as suspected secrets.
| # "User1":{"userid":"1", "username":"User1", "password": "Hash1"}, | ||
| # "User2":{"userid":"2", "username":"User2", "password": "Hash2"}, | ||
| # "User3":{"userid":"3", "username":"User3", "password": "Hash3"}, | ||
| # "User4":{"userid":"4", "username":"User4", "password": "Hash4"} |
There was a problem hiding this comment.
Random High Entropy String detected in code
Resource: 1b9a055ac10c19a8087181bab3d225c4f316c1d8 | Checkov ID: CKV_SECRET_80
Description
Entropy checks help detect unstructured secrets by measuring the entropy level of a single string. Entropy is a concept used to assign a numerical score to how unpredictable a password is or the likelihood of highly random data in a string of characters. Strings with a high entropy score are flagged as suspected secrets.
| # USER_A7_LAB3 = { | ||
| # "User1":{"userid":"1", "username":"User1", "password": "Hash1"}, | ||
| # "User2":{"userid":"2", "username":"User2", "password": "Hash2"}, | ||
| # "User3":{"userid":"3", "username":"User3", "password": "Hash3"}, |
There was a problem hiding this comment.
Random High Entropy String detected in code
Resource: eea68dad131f47da001e11eb8671aff2f6c3d3f6 | Checkov ID: CKV_SECRET_80
Description
Entropy checks help detect unstructured secrets by measuring the entropy level of a single string. Entropy is a concept used to assign a numerical score to how unpredictable a password is or the likelihood of highly random data in a string of characters. Strings with a high entropy score are flagged as suspected secrets.
| # USER_A7_LAB3 = { | ||
| # "User1":{"userid":"1", "username":"User1", "password": "Hash1"}, | ||
| # "User2":{"userid":"2", "username":"User2", "password": "Hash2"}, | ||
| # "User3":{"userid":"3", "username":"User3", "password": "Hash3"}, |
There was a problem hiding this comment.
Random High Entropy String detected in code
Resource: 416641961b1f3f90ff90e10aa6e20852778a5720 | Checkov ID: CKV_SECRET_80
Description
Entropy checks help detect unstructured secrets by measuring the entropy level of a single string. Entropy is a concept used to assign a numerical score to how unpredictable a password is or the likelihood of highly random data in a string of characters. Strings with a high entropy score are flagged as suspected secrets.
|
|
||
| # USER_A7_LAB3 = { | ||
| # "User1":{"userid":"1", "username":"User1", "password": "Hash1"}, | ||
| # "User2":{"userid":"2", "username":"User2", "password": "Hash2"}, |
There was a problem hiding this comment.
Random High Entropy String detected in code
Resource: e54cf7cfa9b9e07b843808a4302615a95620dd4d | Checkov ID: CKV_SECRET_80
Description
Entropy checks help detect unstructured secrets by measuring the entropy level of a single string. Entropy is a concept used to assign a numerical score to how unpredictable a password is or the likelihood of highly random data in a string of characters. Strings with a high entropy score are flagged as suspected secrets.
| ## Hardcoed user table for demonstration purpose only | ||
| USER_A7_LAB3 = { | ||
| "User1":{"userid":"1", "username":"User1", "password": "491a2800b80719ea9e3c89ca5472a8bda1bdd1533d4574ea5bd85b70a8e93be0"}, | ||
| "User2":{"userid":"2", "username":"User2", "password": "c577e95bf729b94c30a878d01155693a9cdddafbb2fe0d52143027474ecb91bc"}, |
There was a problem hiding this comment.
Base64 High Entropy String detected in code
Resource: 535b2d8fe6ebaa54cd567537e9b5f6916c75d983 | Checkov ID: CKV_SECRET_6
Description
Entropy checks help detect unstructured secrets by measuring the entropy level of a single string.
Entropy is a concept used to assign a numerical score to how unpredictable a password is or the likelihood of highly random data in a string of characters.
Strings with a high entropy score are flagged as suspected secrets.
|
|
||
| ## Hardcoed user table for demonstration purpose only | ||
| USER_A7_LAB3 = { | ||
| "User1":{"userid":"1", "username":"User1", "password": "491a2800b80719ea9e3c89ca5472a8bda1bdd1533d4574ea5bd85b70a8e93be0"}, |
There was a problem hiding this comment.
Base64 High Entropy String detected in code
Resource: 1e259d43e353c9998a77795255906beda9cef624 | Checkov ID: CKV_SECRET_6
Description
Entropy checks help detect unstructured secrets by measuring the entropy level of a single string.
Entropy is a concept used to assign a numerical score to how unpredictable a password is or the likelihood of highly random data in a string of characters.
Strings with a high entropy score are flagged as suspected secrets.
| sql_instance.save() | ||
| sql_instance = sql_lab_table(id="slinky", password="b4f945433ea4c369c12741f62a23ccc0") | ||
| sql_instance.save() | ||
| sql_instance = sql_lab_table(id="bloke", password="f8d1ce191319ea8f4d1d26e65e130dd5") |
There was a problem hiding this comment.
Base64 High Entropy String detected in code
Resource: 8754fc76ffad567a88f99aaeb311d427d83b0401 | Checkov ID: CKV_SECRET_6
Description
Entropy checks help detect unstructured secrets by measuring the entropy level of a single string.
Entropy is a concept used to assign a numerical score to how unpredictable a password is or the likelihood of highly random data in a string of characters.
Strings with a high entropy score are flagged as suspected secrets.
| sql_instance.save() | ||
| sql_instance = sql_lab_table(id="jack", password="jack") | ||
| sql_instance.save() | ||
| sql_instance = sql_lab_table(id="slinky", password="b4f945433ea4c369c12741f62a23ccc0") |
There was a problem hiding this comment.
Base64 High Entropy String detected in code
Resource: 0f14a786480ab2f90352e6a801ac27a7fbf1e393 | Checkov ID: CKV_SECRET_6
Description
Entropy checks help detect unstructured secrets by measuring the entropy level of a single string.
Entropy is a concept used to assign a numerical score to how unpredictable a password is or the likelihood of highly random data in a string of characters.
Strings with a high entropy score are flagged as suspected secrets.
| if name: | ||
| sql_query = "SELECT * FROM introduction_sql_lab_table WHERE id='"+name+"'AND password='"+password+"'" | ||
|
|
||
| sql_instance = sql_lab_table(id="admin", password="65079b006e85a7e798abecb99e47c154") |
There was a problem hiding this comment.
Base64 High Entropy String detected in code
Resource: f6fc23cfa63a00a45237a14a8d9e99f2749eb584 | Checkov ID: CKV_SECRET_6
Description
Entropy checks help detect unstructured secrets by measuring the entropy level of a single string.
Entropy is a concept used to assign a numerical score to how unpredictable a password is or the likelihood of highly random data in a string of characters.
Strings with a high entropy score are flagged as suspected secrets.
No description provided.