The integrated platform for monitoring & security
Observability
End-to-end, simplified visibility into your stack’s health & performance
インフラ
Applications
ログ
セキュリティ
Detect, prioritize, and respond to threats in real-time
Cloud Security
Application Security
Cloud SIEM
Digital Experience
Optimize front-end performance and enhance user experiences
Related Products
Software Delivery
Build, test, secure and ship quality code faster
Service Management
Integrated, streamlined workflows for faster time-to-resolution
AIOps
AI
Monitor and improve model performance. Pinpoint root causes and detect anomalies
AI Observability
Platform Capabilities
Built-in features & integrations that power the Datadog platform
Built-in Features
Workflows & Collaboration
Extensibility
Industry
テクノロジー
Use-case
Looking for Datadog logos?
You can find the logo assets on our press page.
ID: python-security/no-eval
python-security/no-eval
Language: Python
Severity: Notice
Category: Security
CWE: 94
eval() is insecure, and passing in unsanitized data could create a vulnerability, as reported by the official Python documentation. Generated code should be controlled as mentioned by CWE-94.
eval()
print("bla") eval('[1, 2, 3]') # eval() can be unsafe
import foo foo.eval('[1, 2, 3]')
from ast import literal_eval print("bla") literal_eval('[1, 2, 3]')
Seamless integrations. Try Datadog Code Analysis
1 2
rulesets: - python-security # Rules to enforce Python security.
For more information, please read the Code Analysis documentation
Identify code vulnerabilities directly in yourVS Code editor
Identify code vulnerabilities directly inJetBrains products
