hvac is the Python client for HashiCorp Vault. Client.secrets.kv.v2.read_secret_version reads a secret — the returned payload is a source. Client() with verify=False disables TLS verification (major finding).
.secrets.kv.v2.read_secret_version().secrets.kv.v2.read_secret_version()SourceClient.secrets.kv.v2.read_secret_version(path, mount_point='secret', version=None, ...) -> dict
Reads a KV secret. Return value carries secret data.
return.Client()Neutralhvac.Client(url='http://localhost:8200', token=None, verify=True, ...) -> Client
Vault client. Finding when verify=False.
| FQN | Field | |
|---|---|---|
| hvac | fqns[0] | |
| hvac.Client | fqns[1] |
Wrong FQN → 0 findings. Verify with: change fqns to garbage → must produce 0 results.
from codepathfinder.go_rule import PyHvac