· 4 years ago · Mar 30, 2021, 03:58 PM
1{"file": "CodeceptJS/lib/secret.js", "line": 0, "key": "file", "value": "CodeceptJS/lib/secret.js", "message": "secret file", "severity": "MAJOR"}
2{"file": "pyfailsafe/setup.cfg", "line": 0, "key": "file", "value": "pyfailsafe/setup.cfg", "message": "Generic configration file", "severity": "MINOR"}
3{"file": "airflow/airflow/contrib/example_dags/example_gcp_spanner.sql", "line": 0, "key": "file", "value": "airflow/airflow/contrib/example_dags/example_gcp_spanner.sql", "message": "SQL dump file", "severity": "MINOR"}
4{"file": "airflow/scripts/upstart/airflow-webserver.conf", "line": 0, "key": "file", "value": "airflow/scripts/upstart/airflow-webserver.conf", "message": "Generic configration file", "severity": "MINOR"}
5{"file": "airflow/scripts/ci/docker-compose.yml", "line": 34, "key": "POSTGRES_PASSWORD", "value": "airflow", "message": "Password", "severity": "CRITICAL"}
6{"file": "airflow/scripts/ci/docker-compose.yml", "line": 59, "key": "LDAP_ADMIN_PASSWORD", "value": "insecure", "message": "Password", "severity": "CRITICAL"}
7{"file": "airflow/scripts/ci/docker-compose.yml", "line": 60, "key": "LDAP_CONFIG_PASSWORD", "value": "insecure", "message": "Password", "severity": "CRITICAL"}
8{"file": "airflow/airflow/contrib/example_dags/example_gcp_sql_query.py", "line": 61, "key": "GCSQL_POSTGRES_PASSWORD", "value": "password", "message": "Password", "severity": "CRITICAL"}
9{"file": "airflow/airflow/contrib/example_dags/example_gcp_sql_query.py", "line": 0, "key": "GCSQL_POSTGRES_PASSWORD", "value": "GCSQL_POSTGRES_PASSWORDpassword", "message": "Password", "severity": "CRITICAL"}
10{"file": "airflow/scripts/ci/airflow_travis.cfg", "line": 0, "key": "file", "value": "airflow/scripts/ci/airflow_travis.cfg", "message": "Generic configration file", "severity": "MINOR"}
11{"file": "airflow/scripts/ci/airflow_travis.cfg", "line": 31, "key": "fernet_key", "value": "af7CN0q6ag5U3g08IsPsw3K45U7Xa0axgVFhoh-3zB8=", "message": "API key", "severity": "MAJOR"}
12{"file": "airflow/scripts/ci/airflow_travis.cfg", "line": 49, "key": "smtp_password", "value": "airflow", "message": "Password", "severity": "CRITICAL"}
13{"file": "airflow/setup.py", "line": 94, "key": "function", "value": "os.system('rm -vrf ./build ./dist ./*.pyc ./*.tgz ./*.egg-info')", "message": "Dangerous Function", "severity": "MAJOR"}
14{"file": "airflow/setup.py", "line": 114, "key": "function", "value": "subprocess.call('./airflow/www/compile_assets.sh')", "message": "Dangerous Function", "severity": "MAJOR"}
15{"file": "airflow/airflow/lineage/backend/atlas/__init__.py", "line": 0, "key": "_password", "value": "atlaspassword", "message": "Password", "severity": "CRITICAL"}
16{"file": "airflow/scripts/ci/openldap/slapd.conf", "line": 0, "key": "file", "value": "airflow/scripts/ci/openldap/slapd.conf", "message": "Generic configration file", "severity": "MINOR"}
17{"file": "airflow/scripts/upstart/airflow-flower.conf", "line": 0, "key": "file", "value": "airflow/scripts/upstart/airflow-flower.conf", "message": "Generic configration file", "severity": "MINOR"}
18{"file": "airflow/scripts/upstart/airflow-scheduler.conf", "line": 0, "key": "file", "value": "airflow/scripts/upstart/airflow-scheduler.conf", "message": "Generic configration file", "severity": "MINOR"}
19{"file": "airflow/tox.ini", "line": 0, "key": "file", "value": "airflow/tox.ini", "message": "Generic configration file", "severity": "MINOR"}
20{"file": "airflow/airflow/operators/bash_operator.py", "line": 0, "key": "function", "value": "Popen(['bash', tmp_file.name], stdout=PIPE, stderr=STDOUT, cwd=tmp_dir, env=env, preexec_fn=pre_exec)", "message": "Dangerous Function", "severity": "MAJOR"}
21{"file": "airflow/scripts/ci/krb5/krb5.conf", "line": 0, "key": "file", "value": "airflow/scripts/ci/krb5/krb5.conf", "message": "Generic configration file", "severity": "MINOR"}
22{"file": "airflow/airflow/operators/python_operator.py", "line": 0, "key": "function", "value": "subprocess.check_output(cmd, stderr=subprocess.STDOUT, close_fds=True)", "message": "Dangerous Function", "severity": "MAJOR"}
23{"file": "airflow/airflow/settings.py", "line": 0, "key": "file", "value": "airflow/airflow/settings.py", "message": "Django configuration file", "severity": "MAJOR"}
24{"file": "airflow/scripts/systemd/airflow.conf", "line": 0, "key": "file", "value": "airflow/scripts/systemd/airflow.conf", "message": "Generic configration file", "severity": "MINOR"}
25{"file": "airflow/airflow/task/task_runner/base_task_runner.py", "line": 72, "key": "function", "value": "subprocess.call(['sudo', 'chown', self.run_as_user, cfg_path], close_fds=True)", "message": "Dangerous Function", "severity": "MAJOR"}
26{"file": "airflow/airflow/task/task_runner/base_task_runner.py", "line": 173, "key": "function", "value": "subprocess.call(['sudo', 'rm', self._cfg_path], close_fds=True)", "message": "Dangerous Function", "severity": "MAJOR"}
27{"file": "airflow/scripts/ci/2-setup-kdc.sh", "line": 27, "key": "PASS", "value": "airflow", "message": "Password", "severity": "CRITICAL"}
28{"file": "airflow/airflow/config_templates/default_airflow.cfg", "line": 0, "key": "file", "value": "airflow/airflow/config_templates/default_airflow.cfg", "message": "Generic configration file", "severity": "MINOR"}
29{"file": "airflow/airflow/config_templates/default_airflow.cfg", "line": 543, "key": "bind_password", "value": "insecure", "message": "Password", "severity": "CRITICAL"}
30{"file": "airflow/airflow/utils/db.py", "line": 109, "key": "password", "value": "airflow", "message": "Password", "severity": "CRITICAL"}
31{"file": "airflow/airflow/utils/db.py", "line": 153, "key": "password", "value": "airflow", "message": "Password", "severity": "CRITICAL"}
32{"file": "airflow/scripts/upstart/airflow-worker.conf", "line": 0, "key": "file", "value": "airflow/scripts/upstart/airflow-worker.conf", "message": "Generic configration file", "severity": "MINOR"}
33{"file": "airflow/airflow/alembic.ini", "line": 0, "key": "file", "value": "airflow/airflow/alembic.ini", "message": "Generic configration file", "severity": "MINOR"}
34{"file": "airflow/airflow/kubernetes/secret.py", "line": 0, "key": "file", "value": "airflow/airflow/kubernetes/secret.py", "message": "secret file", "severity": "MAJOR"}
35{"file": "airflow/airflow/config_templates/default_test.cfg", "line": 0, "key": "file", "value": "airflow/airflow/config_templates/default_test.cfg", "message": "Generic configration file", "severity": "MINOR"}
36{"file": "airflow/airflow/config_templates/default_test.cfg", "line": 86, "key": "smtp_password", "value": "airflow", "message": "Password", "severity": "CRITICAL"}
37{"file": "airflow/setup.cfg", "line": 0, "key": "file", "value": "airflow/setup.cfg", "message": "Generic configration file", "severity": "MINOR"}
38{"file": "airflow/airflow/contrib/sensors/bash_sensor.py", "line": 0, "key": "function", "value": "Popen(['bash', fname], stdout=PIPE, stderr=STDOUT, close_fds=True, cwd=tmp_dir, env=self.env, preexec_fn=os.setsid)", "message": "Dangerous Function", "severity": "MAJOR"}
39{"file": "airflow/airflow/config_templates/airflow_local_settings.py", "line": 0, "key": "file", "value": "airflow/airflow/config_templates/airflow_local_settings.py", "message": "Django configuration file", "severity": "MAJOR"}
40{"file": "airflow/airflow/security/kerberos.py", "line": 83, "key": "function", "value": "subprocess.call(cmdv, close_fds=True)", "message": "Dangerous Function", "severity": "MAJOR"}
41{"file": "backpack-android/bpk-droid-local.ini", "line": 0, "key": "file", "value": "backpack-android/bpk-droid-local.ini", "message": "Generic configration file", "severity": "MINOR"}
42{"file": "backpack-android/bpk-droid.ini", "line": 0, "key": "file", "value": "backpack-android/bpk-droid.ini", "message": "Generic configration file", "severity": "MINOR"}
43{"file": "react-native/scripts/.tests.env", "line": 0, "key": "file", "value": "react-native/scripts/.tests.env", "message": "Environment configuration file", "severity": "MAJOR"}
44{"file": "react-native/packages/rn-tester/android/app/gradle.properties", "line": 6, "key": "MYAPP_RELEASE_STORE_PASSWORD", "value": "android", "message": "Password", "severity": "CRITICAL"}
45{"file": "react-native/packages/rn-tester/android/app/gradle.properties", "line": 7, "key": "MYAPP_RELEASE_KEY_PASSWORD", "value": "android", "message": "Password", "severity": "CRITICAL"}
46{"file": "react-native/ReactAndroid/src/main/java/com/facebook/react/views/textinput/ReactTextInputManager.java", "line": 110, "key": "KEYBOARD_TYPE_VISIBLE_PASSWORD", "value": "visible-password", "message": "Password", "severity": "CRITICAL"}
47{"file": "backpack-react-native/android/bpk-avd.ini", "line": 0, "key": "file", "value": "backpack-react-native/android/bpk-avd.ini", "message": "Generic configration file", "severity": "MINOR"}
48{"file": "backpack-react-native/android/keystores/debug.keystore.properties", "line": 4, "key": "key_store_password", "value": "android", "message": "Password", "severity": "CRITICAL"}
49{"file": "backpack-react-native/android/keystores/debug.keystore.properties", "line": 3, "key": "key_alias_password", "value": "android", "message": "Password", "severity": "CRITICAL"}
50{"file": "xcpretty/features/fixtures/xcodebuild.log", "line": 0, "key": "file", "value": "xcpretty/features/fixtures/xcodebuild.log", "message": "Log file", "severity": "MINOR"}
51{"file": "backpack-react-scripts/packages/react-scripts/fixtures/kitchensink/template/.env", "line": 0, "key": "file", "value": "backpack-react-scripts/packages/react-scripts/fixtures/kitchensink/template/.env", "message": "Environment configuration file", "severity": "MAJOR"}
52{"file": "whispers/setup.cfg", "line": 0, "key": "file", "value": "whispers/setup.cfg", "message": "Generic configration file", "severity": "MINOR"}
53{"file": "whispers/whispers/rules/secret.yml", "line": 0, "key": "file", "value": "whispers/whispers/rules/secret.yml", "message": "secret file", "severity": "MAJOR"}
54{"file": "whispers/whispers/rules/password.yml", "line": 0, "key": "file", "value": "whispers/whispers/rules/password.yml", "message": "password file", "severity": "MAJOR"}
55{"file": "AppAuth-Android/library/javatests/net/openid/appauth/TokenResponseTest.java", "line": 50, "key": "TEST_KEY_ACCESS_TOKEN", "value": "pAstudrU6axaw#Da355eseTu6ugufrev", "message": "API key", "severity": "MAJOR"}
56{"file": "AppAuth-Android/library/javatests/net/openid/appauth/ClientSecretBasicTest.java", "line": 1, "key": "secret", "value": "*-._0123456789abcdefghijklmnoprstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ", "message": "Secret", "severity": "MINOR"}
57{"file": "AppAuth-Android/library/java/net/openid/appauth/TokenRequest.java", "line": 106, "key": "GRANT_TYPE_PASSWORD", "value": "password", "message": "Password", "severity": "CRITICAL"}
58{"file": "folium/docs/_themes/f6/theme.conf", "line": 0, "key": "file", "value": "folium/docs/_themes/f6/theme.conf", "message": "Generic configration file", "severity": "MINOR"}
59{"file": "folium/setup.cfg", "line": 0, "key": "file", "value": "folium/setup.cfg", "message": "Generic configration file", "severity": "MINOR"}
60{"file": "react-native-fast-image/react-native-fast-image-example-cocoapods/android/keystores/debug.keystore.properties", "line": 4, "key": "key_store_password", "value": "android", "message": "Password", "severity": "CRITICAL"}
61{"file": "react-native-fast-image/react-native-fast-image-example-cocoapods/android/keystores/debug.keystore.properties", "line": 3, "key": "key_alias_password", "value": "android", "message": "Password", "severity": "CRITICAL"}
62{"file": "react-native-fast-image/react-native-fast-image-example/android/keystores/debug.keystore.properties", "line": 4, "key": "key_store_password", "value": "android", "message": "Password", "severity": "CRITICAL"}
63{"file": "react-native-fast-image/react-native-fast-image-example/android/keystores/debug.keystore.properties", "line": 3, "key": "key_alias_password", "value": "android", "message": "Password", "severity": "CRITICAL"}
64{"file": "aiotask-context/setup.cfg", "line": 0, "key": "file", "value": "aiotask-context/setup.cfg", "message": "Generic configration file", "severity": "MINOR"}
65{"file": "aiotask-context/tox.ini", "line": 0, "key": "file", "value": "aiotask-context/tox.ini", "message": "Generic configration file", "severity": "MINOR"}
66{"file": "cfripper/cfripper/rules/hardcoded_RDS_password.py", "line": 0, "key": "file", "value": "cfripper/cfripper/rules/hardcoded_RDS_password.py", "message": "password file", "severity": "MAJOR"}
67{"file": "skyscanner-python-sdk/setup.cfg", "line": 0, "key": "file", "value": "skyscanner-python-sdk/setup.cfg", "message": "Generic configration file", "severity": "MINOR"}
68{"file": "skyscanner-python-sdk/tox.ini", "line": 0, "key": "file", "value": "skyscanner-python-sdk/tox.ini", "message": "Generic configration file", "severity": "MINOR"}
69{"file": "detox/examples/demo-react-native/android/keystores/debug.keystore.properties", "line": 4, "key": "key_store_password", "value": "android", "message": "Password", "severity": "CRITICAL"}
70{"file": "detox/examples/demo-react-native/android/keystores/debug.keystore.properties", "line": 3, "key": "key_alias_password", "value": "android", "message": "Password", "severity": "CRITICAL"}
71{"file": "LambdaGuard/setup.cfg", "line": 0, "key": "file", "value": "LambdaGuard/setup.cfg", "message": "Generic configration file", "severity": "MINOR"}
72{"file": "LambdaGuard/setup.py", "line": 23, "key": "function", "value": "exec(code.read_text(), ret)", "message": "Dangerous Function", "severity": "MAJOR"}
73{"file": "hackameetup/ios/hackameetup/Stubs/livePrices.json", "line": 2, "key": "SessionKey", "value": "bf4d5fc452874e26a2cc286e27a03f5c_rrsqbjcb_06a13f0a788e803fcc56e78802891a26", "message": "API key", "severity": "MAJOR"}
74{"file": "hackameetup/ios/hackameetup/Stubs/pollLivePrices_cache.json", "line": 1, "key": "SessionKey", "value": "e6b634a0b0534dc7be98c314a70c7cc9_rrsqbjcb_06a13f0a788e803fcc56e78802891a26", "message": "API key", "severity": "MAJOR"}
75{"file": "argocd-progressive-rollout/hack/dev/secrets.yml", "line": 8, "key": "admin.password", "value": "JDJhJDEwJEguMGttLkpoV25IdFBUWmdraEZ3TC5vYS5pVWJrakxOeVMwVGY3UVZkaFN0eGZEMjBPdXhp", "message": "Password", "severity": "CRITICAL"}
76{"file": "argocd-progressive-rollout/hack/dev/secrets.yml", "line": 10, "key": "accounts.prc.password", "value": "JDJhJDEwJEguMGttLkpoV25IdFBUWmdraEZ3TC5vYS5pVWJrakxOeVMwVGY3UVZkaFN0eGZEMjBPdXhp", "message": "Password", "severity": "CRITICAL"}
77{"file": "argocd-progressive-rollout/hack/dev/secrets.yml", "line": 12, "key": "server.secretkey", "value": "WW93MUpTd1crOEtTa3hJZDM3TTY2bEJVYW5ZMndRVEVMQ0JiZjRwc2hTQT0=", "message": "API key", "severity": "MAJOR"}
78{"file": "argocd-progressive-rollout/hack/dev/control-plane.yml", "line": 15, "key": "server", "value": "aHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3Zj", "message": "AWS Secret Access Key", "severity": "BLOCKER"}
79{"file": "argocd-progressive-rollout/hack/dev-functions.sh", "line": 85, "key": "ARGOCD_PASSWORD", "value": "prc", "message": "Password", "severity": "CRITICAL"}
80{"file": "backpack-docs/docs/src/components/Analytics/AnalyticsContainer.js", "line": 28, "key": "STORAGE_KEY", "value": "BPK_DOCS_accept-cookies", "message": "API key", "severity": "MAJOR"}
81{"file": "backpack-docs/docs/src/components/Analytics/AnalyticsContainer.test.js", "line": 37, "key": "storageKey", "value": "BPK_DOCS_accept-cookies", "message": "API key", "severity": "MAJOR"}
82{"file": "sonar-secrets/java/src/main/java/org/sonar/skyscanner/java/MyJavaRulesDefinition.java", "line": 42, "key": "REPOSITORY_KEY", "value": "sonar-secrets-java", "message": "API key", "severity": "MAJOR"}