search

mariana-bteixeira / python-mini-projects

A collection of simple python mini projects to enhance your python skills
https://python-world.github.io/python-mini-projects/#/
MIT License
0 stars 0 forks source link

CX Communication_Over_HTTP @ projects/Fetch_current_weather/fetch_current_weather.py [master] #6

Open mariana-bteixeira opened 10 months ago

mariana-bteixeira commented 10 months ago

Communication_Over_HTTP issue exists @ projects/Fetch_current_weather/fetch_current_weather.py in branch master

The application's requests.get method, in projects\Fetch_current_weather\fetch_current_weather.py at line 14, sends an HTTP request to the server using get. However this request is sent over unprotected HTTP, without securing the channel with HTTPS. This will expose transported data to Man-in-the-Middle attacks.Similarity ID: 1469275027

Severity: Medium

CWE:319

Vulnerability details and guidance

Internal Guidance

Checkmarx

Training Recommended Fix

Lines: 8

Code (Line #8):

base_url = "http://api.openweathermap.org/data/2.5/weather?"
mariana-bteixeira commented 10 months ago

Issue still exists.