PyPoplib

The poplib module. POP3() is plaintext; POP3_SSL encrypts. Plaintext POP3 is a credential-over-plaintext finding.

1 sink1 sanitizer

Taint flow0 sources → 1 sanitizer → 1 sink

Sanitizers — blocks taint

.POP3_SSL()

Sinks — dangerous call

.POP3()Plaintext POP3

Sinks

— dangerous functions taint must not reach

.POP3()Sink

Signature

poplib.POP3(host, port=110, timeout=...) -> POP3

Plaintext POP3. Finding.

— functions that neutralize taint

.POP3_SSL()Sanitizer

Signature

poplib.POP3_SSL(host, port=995, keyfile=None, certfile=None, timeout=..., context=None) -> POP3_SSL

POP3 over TLS. Safe.

tracks:return

FQN	Field
poplib	fqns[0]

Wrong FQN → 0 findings. Verify with: change fqns to garbage → must produce 0 results.

rule.py

from codepathfinder.go_rule import PyPoplib