UNPKG

mcp-server-semgrep

Version:

MCP Server for Semgrep Integration - static code analysis with AI

github.com/Szowesgad/mcp-server-semgrep

Szowesgad/mcp-server-semgrep

39 lines (38 loc) 997 B
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
rules: - id: avoid-bind-to-all-interfaces message: >- Running `socket.bind` to 0.0.0.0, or empty string could unexpectedly expose the server publicly as it binds to all available interfaces. Consider instead getting correct address from an environment variable or configuration file. metadata: cwe: - 'CWE-200: Exposure of Sensitive Information to an Unauthorized Actor' owasp: - A01:2021 - Broken Access Control category: security technology: - python references: - https://owasp.org/Top10/A01_2021-Broken_Access_Control cwe2021-top25: true subcategory: - vuln likelihood: HIGH impact: MEDIUM confidence: HIGH languages: [python] severity: INFO pattern-either: - pattern: | $S = socket.socket(...) ... $S.bind(("0.0.0.0", ...)) - pattern: | $S = socket.socket(...) ... $S.bind(("::", ...)) - pattern: | $S = socket.socket(...) ... $S.bind(("", ...))