Use of Hard-coded Credentials
| Property | |
|---|---|
| Language | regex |
| Severity |  |
| CWE | CWE-798: Use of Hard-coded Credentials |
| OWASP | A07:2021 - Identification and Authentication Failures |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
A Snyk API key has been found hard-coded in the codebase. Exposing API keys in code can allow unauthorized users to access your Snyk account and services.
Impact#
If attackers obtain this API key, they could use your Snyk account to access sensitive security data, manipulate project settings, or deplete your usage limits, potentially leading to data breaches or loss of control over your security monitoring.