DryRunSecurity / Sensitive Files Analyzer
succeeded
Mar 20, 2024 in 0s
Details
Potentially Sensitive Files: 12 detected
⚠️ Sensitive File docs/package-lock.json

| | |
|---|---|
| Type | Sensitive File |
| Description | This file is used to control and version dependencies, changes to it can introduce vulnerable or malicious code. |
| Filename | docs/package-lock.json |

⚠️ Sensitive File docs/package.json

| | |
|---|---|
| Type | Sensitive File |
| Description | This file is used to control and version dependencies, changes to it can introduce vulnerable or malicious code. |
| Filename | docs/package.json |

⚠️ Sensitive File dojo/models.py

| | |
|---|---|
| Type | Sensitive File |
| Description | This file is used to control access to database records, changes to it could impact security. |
| Filename | dojo/models.py |

⚠️ Sensitive File dojo/reports/urls.py

| | |
|---|---|
| Type | Sensitive File |
| Description | Changes to this file indicate changes to HTTP routes or endpoints, altering the attack surface of the application. |
| Filename | dojo/reports/urls.py |
| Code Link | `from django.urls import re_path` |

⚠️ Sensitive File dojo/settings/settings.dist.py

| | |
|---|---|
| Type | Sensitive File |
| Description | This file is used to control configurations, changes to it could impact security. |
| Filename | dojo/settings/settings.dist.py |
| Code Link | `# Django settings for DefectDojo` |

⚠️ Sensitive File dojo/tools/npm_audit_7_plus/parser.py

| | |
|---|---|
| Type | Sensitive File |
| Description | This file is a parser for npm audit, which may contain security impacting configurations. |
| Filename | dojo/tools/npm_audit_7_plus/parser.py |
| Code Link | `"""Parser for NPM Audit v7+ Scan."""` |

⚠️ Sensitive File dojo/tools/pip_audit/parser.py

| | |
|---|---|
| Type | Sensitive File |
| Description | This file is a parser for pip audit, which may contain security impacting configurations. |
| Filename | dojo/tools/pip_audit/parser.py |
| Code Link | `"""Parser for pip-audit."""` |

⚠️ Sensitive File dojo/tools/qualys/parser.py

| | |
|---|---|
| Type | Sensitive File |
| Description | This file is a parser for qualys, which may contain security impacting configurations. |
| Filename | dojo/tools/qualys/parser.py |

⚠️ Sensitive File helm/defectdojo/Chart.yaml

| | |
|---|---|
| Type | Sensitive File |
| Description | This file is a helm chart configuration file, which may contain security impacting configurations. |
| Filename | helm/defectdojo/Chart.yaml |

⚠️ Sensitive File helm/defectdojo/values.yaml

| | |
|---|---|
| Type | Sensitive File |
| Description | This file is a helm values configuration file, which may contain security impacting configurations. |
| Filename | helm/defectdojo/values.yaml |

⚠️ Sensitive File requirements-lint.txt

| | |
|---|---|
| Type | Sensitive File |
| Description | This file is a dependencies file, changes to which could introduce malicious versions of libraries. |
| Filename | requirements-lint.txt |

⚠️ Sensitive File components/package.json

| | |
|---|---|
| Type | Sensitive File |
| Description | Node.js/ExpressJS/Next.js applications manage their dependencies through package.json and package.json.lock files. A change in these files may indicate an addition of a library/dependency which could introduce additional risk to the application either through vulnerable code, expansion of the application's attack surface via additional routes, or malicious code. |
| Filename | components/package.json |