search

mariana-bteixeira / python-mini-projects

A collection of simple python mini projects to enhance your python skills
https://python-world.github.io/python-mini-projects/#/
MIT License
0 stars 0 forks source link

CX Communication_Over_HTTP @ projects/Currency_converter/cc.py [master] #17

Open mariana-bteixeira opened 7 months ago

mariana-bteixeira commented 7 months ago

Communication_Over_HTTP issue exists @ projects/Currency_converter/cc.py in branch master

The application's requests.get method, in projects\Currency_converter\cc.py at line 19, sends an HTTP request to the server using get. However this request is sent over unprotected HTTP, without securing the channel with HTTPS. This will expose transported data to Man-in-the-Middle attacks.Similarity ID: 2018947983

Severity: Medium

CWE:319

Vulnerability details and guidance

Internal Guidance

Checkmarx

Training Recommended Fix

Lines: 18

Code (Line #18):

url = "http://data.fixer.io/api/latest?access_key=33ec7c73f8a4eb6b9b5b5f95118b2275"
mariana-bteixeira commented 7 months ago

Issue still exists.