Colosseum

paramiko

The leading native Python SSHv2 protocol library.

paramiko | 9.7K stars | Python | LGPL-2.1
Scanned: February 16, 2026
Report Version: 1.0.0

Overall Grade

B

3,387 total findings

Grade and finding count by category:

Architecture: A (40)
Correctness: A (10)
Performance: D (1606)
Security: C (1731)

What Traditional Tools Missed

Category | Colosseum | Bandit | Semgrep
Bandit | 1,267 | 635 | 0
Semgrep | 1,267 | 0 | 10
Total | 3,387 | 635 | 10

3,387 findings (100%) were not detected by Bandit or Semgrep. These include compound vulnerabilities, logic errors, and context-dependent security issues that rule-based scanners aren't designed to catch.

Notable Findings

Critical | Performance

Potential hotspot: set_file_attr has high complexity score (10)

Impact: Potential hotspot: set_file_attr has high complexity score (10)
Recommended Fix: Review and remediate.

Critical | Performance

Potential hotspot: _read_folder has high complexity score (15)

Impact: Potential hotspot: _read_folder has high complexity score (15)
Recommended Fix: Review and remediate.

Critical | Performance

Potential hotspot: finish_subsystem has high complexity score (13)

Impact: Potential hotspot: finish_subsystem has high complexity score (13)
Recommended Fix: Review and remediate.

Critical | Performance

Potential hotspot: start_subsystem has high complexity score (24)

Impact: Potential hotspot: start_subsystem has high complexity score (24)
Recommended Fix: Review and remediate.

Critical | Performance

Potential hotspot: _send_handle_response has high complexity score (12)

Impact: Potential hotspot: _send_handle_response has high complexity score (12)
Recommended Fix: Review and remediate.

Critical | Performance

Potential hotspot: _response has high complexity score (21)

Impact: Potential hotspot: _response has high complexity score (21)
Recommended Fix: Review and remediate.

Critical | Performance

Potential hotspot: _check_file has high complexity score (44)

Impact: Potential hotspot: _check_file has high complexity score (44)
Recommended Fix: Review and remediate.

Responsible Disclosure

This public report is intended to demonstrate the depth of analysis possible with modern code scanning tools and to help the broader open source community understand common vulnerability patterns.
