Cfripper

Latest version: v1.16.0

Safety actively analyzes 710445 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 6 of 14

1.3.1

Not secure
Fixes
- Fixes `CrossAccountCheckingRule` when checking resources without `PROPERTY_WITH_POLICYDOCUMENT`.

1.3.0

Not secure
Improvements
- Add `ElasticsearchDomainCrossAccountTrustRule` and `OpenSearchDomainCrossAccountTrustRule`
- Bump `pycfmodel` to `0.13.0`

1.2.2

Not secure
Improvements
- Bump `pycfmodel` to `0.11.1`

1.2.1

Not secure
Fixes
- The `WildcardResourceRule` would fail if it received a policy document that was a string. It was expecting all policy documents to be a dictionary. Some AWS services allow for string policies though (e.g. `AWS::Logs::ResourcePolicy`). The rule has been updated to handle string policies by attempting to convert it to a dictionary.

1.2.0

Not secure
Updates
- The rules `EC2SecurityGroupOpenToWorldRule` and `EC2SecurityGroupIngressOpenToWorldRule` were by default allowing ports 80 and 443. This has now been migrated to use a filter object, that can be optionally applied. See the README for further details. This means if the filter is not applied, Security Groups open to the world on ports 80 and 443 will start failing in CFRipper.

1.1.2

Not secure
Fixes
- Add a fix to the `KMSKeyEnabledKeyRotation` rule to be able to detect the `EnableKeyRotation` property properly.

Page 6 of 14

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.