Use of Hard-coded Credentials
| Property | |
|---|---|
| Language | regex |
| Severity |  |
| CWE | CWE-798: Use of Hard-coded Credentials |
| OWASP | A07:2021 - Identification and Authentication Failures |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
A PGP private key has been found directly in the codebase, which means sensitive cryptographic credentials are exposed. Private keys should never be hardcoded or stored in source control.
Impact#
If this private key is leaked, attackers could decrypt confidential data, impersonate users, or gain unauthorized access to secure systems, leading to data breaches or loss of trust.