Flask app detected with DEBUG mode enabledPTC-W0029
a05, owasp-top-10
Running Flask applications in debug mode results in the Werkzeug debugger being enabled. This includes a feature that allows arbitrary code execution. Documentation for both Flask and Werkzeug strongly suggests that debug mode should never be enabled on production systems.
Bad practice
from flask import Flask
app = Flask(__name__)
@app.route('/')
def main():
return 'Hello!'
app.run(debug=True) # Don't do this
Recommended
from flask import Flask
app = Flask(__name__)
@app.route('/')
def main():
return 'Hello!'
app.run()