Tainted flow: 'req' from os.getenv (line 161, credential/environment) → urllib.request.urlopen (network output)
Critical
- Category
- Data Flow
- Content
headers={"Content-Type": "application/json"}, method="POST", ) with urllib.request.urlopen(req, timeout=timeout) as resp: return json.loads(resp.read().decode("utf-8"))- Confidence
- 94% confidence
- Finding
- with urllib.request.urlopen(req, timeout=timeout) as resp:
