CVE-2025-31479: Typer Shows Locals In Exceptions

Initializing a Typer application with default exception handling will print local variables during exception tracebacks. This can inadvertently expose sensitive information such as credentials, API keys, or tokens in standard output and logs. Explicitly pass `pretty_exceptions_show_locals=False` to `Typer()` to prevent this leakage.

Provally Curated | Public repository | Medium | Medium confidence | Verified | Apache-2.0 | python
greprules fetch cve-2025-31479-typer-shows-locals-in-exceptions --engine opengrep
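
One way to check a code base for the pattern described above, as an added example (it is not the rule shipped by this repository): a small `ast`-based scan that reports every `Typer()` call that does not pass a literal `pretty_exceptions_show_locals=False`. The function name `find_leaky_typer_apps` and the sample source are constructed for illustration.

```python
import ast

KWARG = "pretty_exceptions_show_locals"

# Constructed sample input; it is only parsed, never executed.
SAMPLE = """\
import typer
app_a = typer.Typer()
app_b = typer.Typer(pretty_exceptions_show_locals=True)
app_c = typer.Typer(pretty_exceptions_show_locals=False)
app_d = typer.Typer(**settings)
app_e = typer.Typer(pretty_exceptions_show_locals=DEBUG)
"""


def _is_typer_ctor(func):
    # Matches `Typer(...)` and `<name>.Typer(...)`, e.g. `typer.Typer(...)`.
    if isinstance(func, ast.Name):
        return func.id == "Typer"
    return isinstance(func, ast.Attribute) and func.attr == "Typer"


def find_leaky_typer_apps(source):
    """Return sorted (line, reason) pairs for each Typer() call that does
    not pass pretty_exceptions_show_locals=False as a literal."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not (isinstance(node, ast.Call) and _is_typer_ctor(node.func)):
            continue
        kw = next((k for k in node.keywords if k.arg == KWARG), None)
        if kw is None:
            # A `**mapping` argument may or may not carry the setting.
            splat = any(k.arg is None for k in node.keywords)
            reason = "kwargs unpacked, cannot verify" if splat else "argument missing"
        elif isinstance(kw.value, ast.Constant) and kw.value.value is False:
            continue  # explicitly disabled: nothing to report
        elif isinstance(kw.value, ast.Constant):
            reason = f"set to {kw.value.value!r}"
        else:
            reason = "non-literal value, cannot verify"
        findings.append((node.lineno, reason))
    return sorted(findings)


if __name__ == "__main__":
    for line, reason in find_leaky_typer_apps(SAMPLE):
        print(f"line {line}: Typer() may show locals in tracebacks ({reason})")
```

Calls whose setting cannot be resolved statically are reported instead of skipped, so they get a manual review.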

Detection target

Not provided

Recommended fix

Not provided

False-positive notes

Not provided
