https://github.com/NVIDIA/warp ·
lang: python ·
LOC: ·
source: corpus_mined
| Rule | Severity | Count |
|---|---|---|
| SEC020 Secret Printed to Logs | high | 3 |
| SEC005 Command Injection Risk | high | 1 |
| SEC012 ZipSlip — Archive Path Traversal | medium | 1 |
SEC005
Command Injection Risk
warp/_src/build_dll.py:45
· conf 0.50
[SEC005] Command Injection Risk: Unsafe shell execution or eval of user input.
SEC012
ZipSlip — Archive Path Traversal
tools/packman/bootstrap/install_package.py:156
· conf 1.00
[SEC012] ZipSlip — Archive Path Traversal: Archive extraction without path validation allows writing files outside the target directory.
SEC020
Secret Printed to Logs
tools/ci/publishing/kitmaker_release.py:190
· conf 0.10
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…
SEC020
Secret Printed to Logs
tools/pre-commit-hooks/check_version_consistency.py:122
· conf 0.10
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…
SEC020
Secret Printed to Logs
warp/examples/core/example_alloc_tracker.py:113
· conf 0.10
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…