These functions may be used to either drop or change account privileges. If the calls fail, the process will continue to run with the privileges assigned to it on start. Depending on the logic of the application, this may allow attackers to abuse the system due to privileges never being changed to a different access level. Always ensure return values of this
@gitlab-security-products
GitLab Security Products
Public SAST rules indexed from GitLab security-products/sast-rules with original source and license metadata.
- Total stars: 0
- Total downloads: 47230
- Verified rules: 485
- Accepted feedback: 0
Uploaded rules
The umask function call sets the process's file mode creation mask. umask values determine what permissions a file should be created with and who can read or write to these files. Ensure that umask is given the most restrictive possible setting depending on the context, usually 066 or 077. For more information please see: https://en.wikipedia.org/wiki/Umask#Mask
95 downloads (0 direct, 95 via packs)
Format specifiers can take optional field widths, which should be used to limit how many characters are copied into the target buffer. Example:
```
const char str[20] = "AAAAAAAAAAAAAAAAAAA";
char buf[11] = {0};
sscanf(str, "%10s", buf); // buf = AAAAAAAAAA\0
```
95 downloads (0 direct, 95 via packs)
This function is synonymous with `getenv("HOME")` and should be treated as untrusted input as it could be modified by an attacker. Possible risks include: - The value being too large and causing buffer overflows - Files under the attacker's control being used maliciously - Files outside of an attacker's control becoming accessible, depending on access privil
95 downloads (0 direct, 95 via packs)
This function is synonymous with `getenv("TMP")` and should be treated as untrusted input as it could be modified by an attacker. Possible risks include: - The value being too large and causing buffer overflows - Files under the attacker's control being used maliciously - Files outside of an attacker's control becoming accessible, depending on access privile
95 downloads (0 direct, 95 via packs)
This function's return value should be treated as untrusted input as it could be modified by an attacker. Possible risks include: - The value being too large and causing buffer overflows - Files under the attacker's control being used maliciously - Files outside of an attacker's control becoming accessible, depending on access privileges.
95 downloads (0 direct, 95 via packs)
The gets() function reads a line from stdin into the provided buffer until either a terminating newline or EOF. This terminating newline or EOF is replaced with a null byte `'\0'`. No check for buffer overruns is performed, so it is recommended to use `fgets()` instead. Do note that some platforms will continue reading data after a `'\0'` is encountered. Usa
95 downloads (0 direct, 95 via packs)
`getwd` does not contain a parameter to limit how many characters can be copied into the destination buffer. For portability and security reasons `getwd` has been deprecated in favor of `getcwd`. For more information please see: https://linux.die.net/man/3/getcwd
95 downloads (0 direct, 95 via packs)
The `strcat` family of functions are unable to limit how many bytes are copied to the destination buffer. It is recommended to use more secure alternatives such as `snprintf`. If developing for C Runtime Library (CRT), more secure versions of these functions should be used, see: https://learn.microsoft.com/en-us/cpp/c-runtime-library/reference/strcat-s-wcsca
95 downloads (0 direct, 95 via packs)
Consider using more secure alternatives such as `snprintf`, instead of the `wcsncat` family of functions. If developing for C Runtime Library (CRT), more secure versions of these functions should be used, see: https://learn.microsoft.com/en-us/cpp/c-runtime-library/reference/strncat-strncat-l-wcsncat-wcsncat-l-mbsncat-mbsncat-l?view=msvc-170
95 downloads (0 direct, 95 via packs)
The `lstrcpy` family of functions do not provide the ability to limit or check buffer sizes before copying to a destination buffer. This can lead to buffer overflows. Consider using more secure alternatives such as `strncpy_s`. If developing for C Runtime Library (CRT), more secure versions of these functions should be used, see: https://learn.microsoft.com/
95 downloads (0 direct, 95 via packs)
The `lstrcpyn` family of functions do not always check for invalid pointers or check if there is sufficient space prior to copying. The count argument limits the number of characters copied but does not validate whether the count will fit within the size of the destination buffer, leading to potential overflows. If developing for C Runtime Library (CRT), more secure
95 downloads (0 direct, 95 via packs)
The `memcpy` family of functions require the developer to validate that the destination buffer is the same size or larger than the source buffer. Buffer overflows could be introduced if care is not taken to validate buffer sizes. If developing for C Runtime Library (CRT), more secure versions of these functions should be used, see: https://learn.microsoft.co
95 downloads (0 direct, 95 via packs)
The input buffer is the number of bytes in the string, but the size of the output buffer is the number of characters. To avoid overflows, the application must determine the correct buffer size which depends on the data type the buffer receives. For more information see: https://learn.microsoft.com/en-us/windows/win32/intl/security-considerations--internation
95 downloads (0 direct, 95 via packs)
The `realpath` function should not be called with a destination buffer as it could lead to overflowing if the path is greater than PATH_LEN. It is instead recommended to call `realpath` with the destination buffer set to NULL and use the return value as the resolved path. Be sure to free the returned pointer as realpath will allocate the buffer internally us
95 downloads (0 direct, 95 via packs)
Format specifiers can take optional field widths, which should be used to limit how many characters are copied into the target buffer. For more information please see: https://linux.die.net/man/3/scanf Example:
```
char buf[11] = {0};
scanf("%10s", buf); // buf = AAAAAAAAAA\0
```
If developing for C Runtime Library (CRT), more secure versions of these funct
95 downloads (0 direct, 95 via packs)
Use sprintf_s, snprintf, or vsnprintf instead. The `sprintf` family of functions do not allow callers to set limits on how many bytes the destination buffer can hold. Consider using more secure alternatives such as `snprintf`. For more information please see: https://linux.die.net/man/3/snprintf If developing for C Runtime Library (CRT), more secure versions
95 downloads (0 direct, 95 via packs)
The `StrCat` family of functions do not guarantee the final string to be null terminated. Consider using one of the following alternatives: `StringCbCat`, `StringCbCatEx`, `StringCbCatN`, `StringCbCatNEx`, `StringCchCat`, `StringCchCatEx`, `StringCchCatN`, or `StringCchCatNEx`. For more information please see: https://learn.microsoft.com/en-us/windows/win32/
95 downloads (0 direct, 95 via packs)
The `strcat` family of functions are unable to limit how many bytes are copied to the destination buffer. It is recommended to use more secure alternatives such as `snprintf`. For more information please see: https://linux.die.net/man/3/snprintf If developing for C Runtime Library (CRT), more secure versions of these functions should be used, see: https://le
95 downloads (0 direct, 95 via packs)
The `strccpy` and `strcadd` functions do not allow the caller to check that the destination size of the buffer will fit the input buffer prior to copying. For more information please see: https://docs.oracle.com/cd/E18752_01/html/816-5172/streadd-3gen.html
95 downloads (0 direct, 95 via packs)
The `strcpy` family of functions do not provide the ability to limit or check buffer sizes before copying to a destination buffer. This can lead to buffer overflows. Consider using more secure alternatives such as `strncpy` and provide the correct limit to the destination buffer and ensure the string is null terminated. For more information please see: https
95 downloads (0 direct, 95 via packs)
The `StrCpy` family of functions do not guarantee the final string to be null terminated. Consider using one of the following alternatives: `StringCbCopy`, `StringCbCopyEx`, `StringCbCopyN`, `StringCbCopyNEx`, `StringCchCopy`, `StringCchCopyEx`, `StringCchCopyN`, or `StringCchCopyNEx`. If developing for C Runtime Library (CRT), more secure versions of these f
95 downloads (0 direct, 95 via packs)
The `strecpy` and `streadd` functions require that the destination buffer size be at least four times the size of the source due to each character potentially becoming a `\` and 3 digits. For more information please see: https://docs.oracle.com/cd/E18752_01/html/816-5172/streadd-3gen.html
95 downloads (0 direct, 95 via packs)
The `strlen` family of functions does not handle strings that are not null terminated. This can lead to buffer over reads and cause the application to crash by accessing unintended memory locations. It is recommended that `strnlen` be used instead as a `maxlen` value can be provided. For more information please see: https://linux.die.net/man/3/strnlen If dev
95 downloads (0 direct, 95 via packs)
The `strncat` family of functions are easy to use incorrectly when calculating destination buffer sizes. It is recommended to use more secure alternatives such as `snprintf`. For more information please see: https://linux.die.net/man/3/snprintf If developing for C Runtime Library (CRT), more secure versions of these functions should be used, see: https://lea
95 downloads (0 direct, 95 via packs)
The `strncpy` family of functions do not properly handle strings that are not null terminated. It is recommended to use more secure alternatives such as `snprintf`. For more information please see: https://linux.die.net/man/3/snprintf If developing for C Runtime Library (CRT), more secure versions of these functions should be used, see: https://learn.microso
95 downloads (0 direct, 95 via packs)
This function is easy to misuse by not accounting for the space necessary when transforming strings. Ensure that the destination buffer is large enough to fit the transformed output. For more information please see: https://docs.oracle.com/cd/E36784_01/html/E36877/strtrns-3gen.html
95 downloads (0 direct, 95 via packs)
The crypt functions are not recommended due to their very small key space. Modern hardware can crack crypt-produced passwords relatively quickly. Consider using the Argon2id password hashing algorithm provided by libsodium. For more information please see: https://libsodium.gitbook.io/doc/password_hashing.
95 downloads (0 direct, 95 via packs)
The DES algorithm has not been recommended for over 15 years and was withdrawn from NIST (FIPS 46-3) in 2005. Consider using libsodium's `crypto_secretbox_easy` authenticated encryption functions instead. For more information please see: https://libsodium.gitbook.io/doc/secret-key_cryptography/secretbox. If you must be FIPS compliant, consider using OpenSSL's
95 downloads (0 direct, 95 via packs)
The RC4 algorithm is vulnerable to many attacks and should no longer be used for encrypting data streams. Consider using libsodium's `crypto_secretstream_xchacha20poly1305` stream cipher encryption functions instead. For more information please see: https://libsodium.gitbook.io/doc/secret-key_cryptography/secretstream If you must be FIPS compliant, consider
95 downloads (0 direct, 95 via packs)
Format string vulnerabilities allow an attacker to read, or in some cases potentially write, data at locations in the process's memory. To prevent format string attacks, do not allow users or unvalidated input to provide the format specification. Consider using a constant for the format specification, or only allow specific characters to be
95 downloads (0 direct, 95 via packs)
Format string vulnerabilities allow an attacker to read, or in some cases potentially write, data at locations in the process's memory. To prevent format string attacks, do not allow users or unvalidated input to provide the format specification. Consider using a constant for the format specification, or only allow specific characters to be
95 downloads (0 direct, 95 via packs)
Format string vulnerabilities allow an attacker to read, or in some cases potentially write, data at locations in the process's memory. To prevent format string attacks, do not allow users or unvalidated input to provide the format specification. Consider using a constant for the format specification, or strip all format specifiers from the
95 downloads (0 direct, 95 via packs)
Format string vulnerabilities allow an attacker to read, or in some cases potentially write, data at locations in the process's memory. To prevent format string attacks, do not allow users or unvalidated input to provide the format specification. Consider using a constant for the format specification, or strip all format specifiers from the
95 downloads (0 direct, 95 via packs)
The `memalign` function may not check that the alignment argument is correct. Calling free (on non Linux-based systems) may fail and in certain circumstances this failure may be exploitable. This function has been deprecated in favor of `posix_memalign`. For more information please see: https://linux.die.net/man/3/memalign
95 downloads (0 direct, 95 via packs)
The `atoi` family of functions can potentially overflow or underflow integer values. Consider using `strtoul` instead. For more information please see: https://wiki.sei.cmu.edu/confluence/display/c/ERR34-C.+Detect+errors+when+converting+a+string+to+a+number
95 downloads (0 direct, 95 via packs)
Make sure that you set inheritance by hand if you wish it to inherit.
95 downloads (0 direct, 95 via packs)
`cuserid()` is poorly defined (e.g., some systems use the effective UID, like Linux, while others like System V use the real UID). Therefore, you can't trust what it does. The cuserid function was included in the 1988 version of POSIX, but removed from the 1990 version. Also, if passed a non-null parameter, there's a risk of a buffer overflow if the passed-i
95 downloads (0 direct, 95 via packs)
Usage of the `open` family of functions may hint at a potential Time Of Check Time Of Use (TOCTOU) vulnerability. An attacker may be able to modify the file being specified by the `open` function prior to the `open` function being called. Prior to calling `open`, use `lstat` to examine the file and confirm the attributes are correct. Then use `open` to get a fi
95 downloads (0 direct, 95 via packs)
The `getlogin` function suffers from many bugs or unknown behaviors depending on the system. Often, it gives only the first 8 characters of the login name. The user currently logged in on the program's controlling TTY is not necessarily the user who started the process. Use getpwuid(geteuid()) and extract the desired information instead. Fo
95 downloads (0 direct, 95 via packs)
This function is obsolete and not portable. It was in SUSv2 but removed by POSIX.2. What it does exactly varies considerably between systems, particularly in where its prompt is displayed and where it gets its data. Some systems will write to stderr instead of stdout. Some will read from stdin if it cannot be read from /dev/tty. In some systems the buffer i
95 downloads (0 direct, 95 via packs)
The `LoadLibrary` function is used to load DLLs dynamically. Depending on the filepath parameter, the OS version, and the modes set for the process prior to calling LoadLibrary, DLL hijacking may be possible. Attackers can exploit this by placing DLL files with the same name in directories that are searched before the legitimate DLL is. To assist in preventi
95 downloads (0 direct, 95 via packs)
The `LoadLibraryEx` function is used to load DLLs dynamically. Depending on the filepath parameter, the OS version, and the modes set for the process prior to calling LoadLibrary, DLL hijacking may be possible. Attackers can exploit this by placing DLL files with the same name in directories that are searched before the legitimate DLL is. To assist in preven
95 downloads (0 direct, 95 via packs)
When `SetSecurityDescriptorDacl` is called with a null `pDacl` parameter and the `bDaclPresent` flag is `TRUE`, all access to the object is allowed. An attacker could set the object to Deny all, which would include even the Administrator user(s). Either call `SetSecurityDescriptorDacl` with bDaclPresent as `FALSE`, or supply a valid non-null `pDacl` paramete
95 downloads (0 direct, 95 via packs)
The `gsignal` and `ssignal` functions are obsolete and no longer recommended. Consider using the `raise` or `sigaction` functions instead for process signaling. For more information please see: https://linux.die.net/man/3/sigaction
95 downloads (0 direct, 95 via packs)
The ulimit function is obsolete and no longer recommended. Use `getrlimit(2)`, `setrlimit`, or `sysconf` instead. For more information please see: https://linux.die.net/man/3/setrlimit
95 downloads (0 direct, 95 via packs)
The `usleep` function has been deprecated, use `nanosleep` or `setitimer` instead. For more information please see: https://linux.die.net/man/3/setitimer
95 downloads (0 direct, 95 via packs)
Usage of the `access` function call hints at a potential Time Of Check Time Of Use (TOCTOU) vulnerability. When the `access` function is used to check if a file exists and is readable before opening it, an attacker can create a race condition between the `access` call and opening the file. The attacker could replace the file with a different one or modify its conte
95 downloads (0 direct, 95 via packs)
Usage of the `chmod` function call hints at a potential Time Of Check Time Of Use (TOCTOU) vulnerability. An attacker may be able to modify the file being specified by the `chmod` function prior to the `chmod` function being called. Since `chmod` will resolve symbolic links, an attacker may be able to exploit this fact to have files outside of their control
95 downloads (0 direct, 95 via packs)
Usage of the `chown` function call hints at a potential Time Of Check Time Of Use (TOCTOU) vulnerability. An attacker may be able to modify the file being specified by the `chown` function prior to the `chown` function being called. Since `chown` will resolve symbolic links, an attacker may be able to exploit this fact to have files outside of their control
95 downloads (0 direct, 95 via packs)
Usage of the `readlink` function call hints at a potential Time Of Check Time Of Use (TOCTOU) vulnerability. An attacker may be able to modify the file being specified by the `readlink` function prior to the `readlink` function being called. Additionally, care must be taken that the buffer provided is large enough to hold the contents of the file. Instead of
95 downloads (0 direct, 95 via packs)
The `vfork` function suffers from portability issues and is not recommended. In some Linux systems `vfork` is vulnerable to a race condition while the child process is running as the user's UID but hasn't executed `execve`. The user may be able to send signals to this process, which in `vfork` would not be sent to the parent process. As a result a user ma
95 downloads (0 direct, 95 via packs)
The detected function is not sufficient at generating security-related random numbers, such as those used in key and nonce creation. Consider using the libsodium library's `randombytes_random` function instead. More information on libsodium's random number generators can be found here: https://libsodium.gitbook.io/doc/generating_random_data. If FIPS validati
95 downloads (0 direct, 95 via packs)
Due to how `CreateProcess` parses spaces, an attacker may be able to exploit this function by creating a binary with the same name that is loaded first, depending on the search path order. Ensure that quotation marks around the executable path are used, such as:
```
CreateProcessA(NULL, "\"C:\\Program Files\\MyApp.exe\"", ...)
```
For more information, pleas
95 downloads (0 direct, 95 via packs)
Due to how `CreateProcess` parses spaces, an attacker may be able to exploit this function by creating a binary with the same name that is loaded first, depending on the search path order. Ensure that quotation marks around the executable path are used, such as:
```
CreateProcessAsUser(hToken, NULL, "\"C:\\Program Files\\MyApp.exe\"", ...)
```
For more infor
95 downloads (0 direct, 95 via packs)
It is generally not recommended to call out to the operating system to execute commands. When the application is executing file system based commands, user input should never be used in constructing commands or command arguments. If possible, determine if a library can be used instead to provide the same functionality. Otherwise, consider hard coding both th
95 downloads (0 direct, 95 via packs)
It is generally not recommended to call out to the operating system to execute commands. When the application is executing file system based commands, user input should never be used in constructing commands or command arguments. If possible, determine if a library can be used instead to provide the same functionality. Otherwise, consider hard coding both th
95 downloads (0 direct, 95 via packs)
The `GetTempFileName` function works by generating a randomly named file, creating the file (if it does not exist) and then closing it. An application wishing to use this temporary file will need to reopen this file to begin working with it. This leads to a potential Time Of Check Time Of Use (TOCTOU) vulnerability, as an attacker could replace or modify the
95 downloads (0 direct, 95 via packs)
On some older Unix-like systems, `mkstemp` would create temp files with 0666 permissions, meaning the file created would be read/write access for all users. Ensure the process has called the `umask` function with restricted permissions prior to calling `mkstemp` and validate the permissions prior to using the file descriptor. For more information on temporary f
95 downloads (0 direct, 95 via packs)
The `mktemp` function should no longer be used due to multiple flaws. Some implementations created random files by using known information like the process ID and a single letter. This allows for possible race conditions where an attacker could guess or manipulate these files prior to them being used. Consider using the `mkstemp` function instead, but be awa
95 downloads (0 direct, 95 via packs)
There is a possible race condition: between the time that `tmpfile` returns a pathname and the time that the program opens it, another program might create that pathname using `open`, or create it as a symbolic link. Consider using the `mkstemp` function instead, but be aware it also contains possible risks. Ensure the process has called the `umask` f
95 downloads (0 direct, 95 via packs)
There is a possible race condition: between the time that `tempnam` or `tmpnam` returns a pathname and the time that the program opens it, another program might create that pathname using `open`, or create it as a symbolic link. Consider using the `mkstemp` function instead, but be aware it also contains possible risks. Ensure the process has called t
95 downloads (0 direct, 95 via packs)
The `HttpOnly` attribute when set to `true` protects the cookie value from being accessed by client side JavaScript such as reading the `document.cookie` values. By enabling this protection, a website that is vulnerable to Cross-Site Scripting (XSS) will be able to block malicious scripts from accessing the cookie value from JavaScript. Example of protecting
95 downloads (0 direct, 95 via packs)
The `Secure` attribute when set to `true` protects the cookie value from being transmitted over clear text communication paths such as HTTP. By enabling this protection, the cookie will only be sent over HTTPS. Example of protecting an HttpCookie: ``` // Create an HttpOnly cookie. HttpCookie someCookie = new HttpCookie("SomeCookieName", "SomeValue"); s
95 downloads (0 direct, 95 via packs)
The `ServicePointManager.ServerCertificateValidationCallback` event has been set to always return `true`, which effectively disables the validation of server certificates. This allows for an adversary who is in between the application and the target host to intercept potentially sensitive information or transmit malicious data. Remove the callback function t
95 downloads (0 direct, 95 via packs)
DES, TripleDES and RC2 are all considered broken or insecure cryptographic algorithms. If using .NET Framework greater than version 6.0 consider using `ChaCha20Poly1305` instead as it is easier and faster than the alternatives such as `AES-256-GCM`. For older applications, `AES-256-GCM` is recommended, however it has many drawbacks: - Slower than `ChaCha20Po
95 downloads (0 direct, 95 via packs)
Cryptographic algorithms provide many different modes of operation, only some of which provide message integrity. Without message integrity it could be possible for an adversary to attempt to tamper with the ciphertext which could lead to compromising the encryption key. Newer algorithms apply message integrity to validate ciphertext has not been tampered wi
95 downloads (0 direct, 95 via packs)
Both MD5 and SHA1 hash algorithms have been found to be vulnerable to producing collisions. This means that two different values, when hashed, can lead to the same hash value. If the application is trying to use these hash methods for storing passwords, then it is recommended to switch to a password hashing algorithm such as Argon2id or PBKDF2. Currently the
95 downloads (0 direct, 95 via packs)
Depending on the context, generating weak random numbers may expose cryptographic functions which rely on these numbers to be exploitable. When generating numbers for sensitive values such as tokens, nonces, and cryptographic keys, it is recommended that the `RandomNumberGenerator` class be used. Example `RandomNumberGenerator` usage: ``` Int32 randInt = Ran
95 downloads (0 direct, 95 via packs)
The application failed to protect against Cross-Site Request Forgery (CSRF) due to not including the `[ValidateAntiForgeryToken]` attribute on an HTTP method handler that could change user state (usually in the form of POST or PUT methods). The vulnerability can be exploited by an adversary creating a link or form on a third party site and tricking an authen
95 downloads (0 direct, 95 via packs)
Deserialization attacks exploit the process of reading serialized data and turning it back into an object. By constructing malicious objects and serializing them, an adversary may attempt to: - Inject code that is executed upon object construction, which occurs during the deserialization process. - Exploit mass assignment by including fields that are not nor
95 downloads (0 direct, 95 via packs)
The application may allow open redirects if created using user supplied input. Open redirects are commonly abused in phishing attacks where the original domain or URL looks like a legitimate link, but then redirects a user to a malicious site. An example would be `https://example.com/redirect?url=https://%62%61%64%2e%63%6f%6d%2f%66%61%6b%65%6c%6f%67%69%6e` w
95 downloads (0 direct, 95 via packs)
OS command injection is a critical vulnerability that can lead to a full system compromise as it may allow an adversary to pass in arbitrary commands or arguments to be executed. User input should never be used in constructing commands or command arguments to functions which execute OS commands. This includes filenames supplied by user uploads or downloads.
95 downloads (0 direct, 95 via packs)
LDAP injection attacks exploit LDAP queries to influence how data is returned by the LDAP, or in this case an Active Directory server. It is recommended that newer applications use the `System.DirectoryServices.AccountManagement` API instead of `DirectorySearcher` API as it hides the complexity of querying LDAP directly. However, the `AccountManagement` API
95 downloads (0 direct, 95 via packs)
SQL Injection is a critical vulnerability that can lead to data or system compromise. By dynamically generating SQL query strings, user input may be able to influence the logic of the SQL statement. This could lead to an adversary accessing information they should not have access to, or in some circumstances, being able to execute OS functionality or code. R
95 downloads (0 direct, 95 via packs)
External XML entities are a feature of XML parsers that allow documents to contain references to other documents or data. This feature can be abused to read files, communicate with external hosts, exfiltrate data, or cause a Denial of Service (DoS). XML parsers and document loaders must be configured to not resolve entities. This can be done by: - Ensuring y
95 downloads (0 direct, 95 via packs)
External XML entities are a feature of XML parsers that allow documents to contain references to other documents or data. This feature can be abused to read files, communicate with external hosts, exfiltrate data, or cause a Denial of Service (DoS). XML parsers and document loaders must be configured to not resolve entities. This can be done by: - Ensuring y
95 downloads (0 direct, 95 via packs)
XPath injection is a vulnerability that can allow an adversary to inject or modify how an XML query is structured. Depending on the logic of the original query, this could lead to adversaries extracting unauthorized information or in rare cases bypassing authorization checks. It is recommended that LINQ to XML is used instead of XPath for querying XML docume
95 downloads (0 direct, 95 via packs)
By setting `XsltSettings.EnableScript` to true, an adversary who is able to influence the loaded XSL document could directly inject code to compromise the system. It is strongly recommended that an alternative approach is used to work with XML data. For increased security: - Never process user-supplied XSL style sheets - Ensure `XsltSettings.EnableScript` is
95 downloads (0 direct, 95 via packs)
The application's `PasswordValidator.RequiredLength` property allows passwords to be less than 8 characters. Consider requiring a length of at least 8 or more characters to reduce the chance of passwords being brute forced. Example of setting the RequiredLength to 8 in ASP.NET Core Identity: ``` builder.Services.Configure<IdentityOptions>(options => { // Def
95 downloads (0 direct, 95 via packs)
The application dynamically constructs file or path information. If the path information comes from user input, it could be abused to read sensitive files, access other users' data, or aid in exploitation to gain further system access. User input should never be used in constructing paths or files for interacting with the filesystem. This includes filenames s
95 downloads (0 direct, 95 via packs)
By using the `[ValidateInput(false)]` attribute in a controller class, the application will disable request validation for that method. This disables ASP.NET from examining requests for injection attacks such as Cross-Site-Scripting (XSS). If possible, re-enable validation by using `ValidateInput(true)`. In some cases this may not be possible, in which case
95 downloads (0 direct, 95 via packs)
Cross Site Scripting (XSS) is an attack which exploits a web application or system to treat user input as markup or script code. It is important to encode the data depending on the specific context it is used in. There are at least six context types: - Inside HTML tags `<div>context 1</div>` - Inside attributes: `<div class="context 2"></div>` - Inside event
95 downloads (0 direct, 95 via packs)
Cross Site Scripting (XSS) is an attack which exploits a web application or system to treat user input as markup or script code. It is important to encode the data depending on the specific context it is used in. User input that is used within the application scripts must be encoded, sanitized or validated to ensure it cannot change the behavior of the Javas
95 downloads (0 direct, 95 via packs)
The DES algorithm has not been recommended for over 15 years and was withdrawn from NIST (FIPS 46-3) in 2005. It is recommended that an algorithm that provides message integrity be used instead. Consider using `XChaCha20Poly1305` or `AES-256-GCM`. For older applications, `AES-256-GCM` is recommended, however it has many drawbacks: - Slower than `XChaCha20Pol
96 downloads
The MD5 message-digest algorithm has been cryptographically broken and is unsuitable for further use. The MD5 hash algorithm has been found to be vulnerable to producing collisions. This means that two different values, when hashed, can lead to the same hash value. It is recommended that the SHA-3 or BLAKE2 family of algorithms be used for non-password based
96 downloads
The RC4 stream-cipher has been cryptographically broken and is unsuitable for use in production. It is recommended that ChaCha20 or Advanced Encryption Standard (AES) be used instead. Consider using `XChaCha20Poly1305` or `AES-256-GCM`. For older applications, `AES-256-GCM` is recommended, however it has many drawbacks: - Slower than `XChaCha20Poly1305` - Sm
96 downloads
The SHA-1 message-digest algorithm has been cryptographically broken and is unsuitable for further use. It is recommended that the SHA-3 or BLAKE2 family of algorithms be used for non-password based cryptographic hashes instead. For password based cryptographic hashes, consider using the bcrypt or Argon2id family of cryptographic hashes. Hashing values usin
96 downloads
Usage of a cryptographically insecure cipher suite has been detected. It is recommended that alternative ciphers be used instead. It is strongly recommended that all TLS connections use TLS 1.3 as Go will automatically choose the most secure cipher when negotiating the TLS handshake with clients or servers. TLS 1.3 cipher suites are configured to require Perf
96 downloads
The application was found to ignore host keys. Host keys are important as they provide assurance that the client can prove that the host is trusted. By ignoring these host keys, it is impossible for the client to validate the connection is to a trusted host. For the `ssh.ClientConfig` `HostKeyCallback` property, consider using the [knownhosts](https://pkg.go
96 downloads
TLS versions 1.1 and 1.0 were deprecated by the IETF in June 2018 due to a number of attacks against the vulnerable versions. Use of a deprecated TLS version may result in the unauthorized retrieval of sensitive information. It is strongly recommended that all TLS connections use TLS 1.3 as Go will automatically choose the most secure cipher when negotiating
96 downloads
The application is generating an RSA key that is less than the recommended 2048 bits. The National Institute of Standards and Technology (NIST) deprecated signing Digital Certificates that contained RSA Public Keys of 1024 bits in December 2010. While 1024-bit RSA keys have not been factored yet, advances in compute may make it possible in the near future. T
96 downloads
Go's `math/rand` is not meant for use in generating random numbers for any cryptographic or security sensitive context. This includes generating random numbers that could be used in user specific identifiers or where the random number that is generated is considered to be secret. Replace all imports of `math/rand` with `crypto/rand`.
96 downloads
The application was found setting file permissions to overly permissive values. Consider using the following values if the application user is the only process to access the file: - 0400 - read only access to the file - 0200 - write only access to the file - 0600 - read/write access to the file Example creating a file with read/write permissions for the appl
96 downloads
The application was found setting directory permissions to overly permissive values. Consider using the following values if the application user is the only process to access files in the directory specified: - 0700 - read/write access to the files in the directory Another common value is `0750` which allows the application user read/write access and group u
96 downloads
Directly decompressing files or buffers may lead to a potential Denial of Service (DoS) due to a decompression bomb. Decompression bombs are maliciously compressed files or data that decompresses to extremely large sizes. This can cause the process to run out of memory, or the disk to fill up. To protect against decompression bombs, an [io.LimitReader(...)](
96 downloads
The application dynamically constructs file or path information. If the path information comes from user input, it could be abused to read sensitive files, access other users' data or aid in exploitation to gain further system access. User input should never be used in constructing paths or files for interacting with the filesystem. This includes filenames su
96 downloads
The application is potentially exposing the entire filesystem by mounting the root directory `/` to an HTTP handler function. Anyone who is able to access this HTTP server may be able to access any file that the HTTP server has access to. Restrict the `http.Dir` path to only a specific folder instead of the entire filesystem. Example server only allowing dir
96 downloads
The application was found setting file permissions to overly permissive values. Consider using the following values if the application user is the only process to access the file: - 0400 - read only access to the file - 0200 - write only access to the file - 0600 - read/write access to the file Example writing file contents with read/write permissions for th
96 downloads
The application was found creating files in shared system temporary directories (`/tmp` or `/var/tmp`) without using the `os.CreateTemp` function. Depending on how the application uses this temporary file, an attacker may be able to create symlinks that point to other files prior to the application creating or writing to the target file, leading to unintende
96 downloads
The application may be vulnerable to a path traversal if it extracts untrusted archive files. This vulnerability is colloquially known as 'Zip Slip'. Archive files may contain folders which, when extracted, may write outside of the intended directory. This is exploited by including path traversal characters such as `../../other/directory` to overwrite or pla
96 downloads
Go's `net/http` serve functions may be vulnerable to resource consumption attacks if timeouts are not properly configured prior to starting the HTTP server. An adversary may open up thousands of connections but never complete sending all data, or never terminate the connections. This may lead to the server no longer accepting new connections. To protect agai
96 downloads
Server-Side-Request-Forgery (SSRF) exploits backend systems that initiate requests to third parties. If user input is used in constructing or sending these requests, an attacker could supply malicious data to force the request to other systems or modify request data to cause unwanted actions. Ensure user input is not used directly in constructing URLs or URI
96 downloads
Cross Site Scripting (XSS) is an attack which exploits a web application or system to treat user input as markup or script code. It is important to encode the data depending on the specific context it is used in. There are at least six context types: - Inside HTML tags `<div>context 1</div>` - Inside attributes: `<div class="context 2"></div>` - Inside event
96 downloads
Go has a built-in profiling service that is enabled by starting an HTTP server with `net/http/pprof` imported. The `/debug/pprof` endpoint does not require any authentication and can be accessed by anonymous users. This profiling endpoint can leak sensitive information and should not be enabled in production. To remediate this, remove the `net/http/pprof` im
96 downloads
Golang's `int` type size depends on the architecture of where the application is running. For 32-bit systems, `int` is 32-bit, for 64-bit systems, `int` will be 64-bit. By calling `strconv.Atoi` with a large number, the integer may overflow if the `int` return value is type converted into a smaller type (`int32` or `int16`). This could cause unexpected appli
96 downloads
Go's `for ... range` statements create an iteration variable for each iteration of the loop. By taking the address of this iteration variable, the value of the address will be re-used and always point to the same location in memory. This can have unexpected behavior if the address is stored or re-used. This can be fixed by: - Not referencing the address of t
96 downloads
Binding to all network interfaces can potentially open up a service to traffic on unintended interfaces that may not be properly documented or secured. By passing "0.0.0.0" as the address to the `Listen` family of functions, the application will bind to all interfaces. Consider passing in the interface IP address through an environment variable, configurati
96 downloads
SQL Injection is a critical vulnerability that can lead to data or system compromise. By dynamically generating SQL query strings, user input may be able to influence the logic of the SQL statement. This could lead to an adversary accessing information they should not have access to or in some circumstances, being able to execute OS functionality or code. Re
96 downloads
OS command injection is a critical vulnerability that can lead to a full system compromise as it may allow an adversary to pass in arbitrary commands or arguments to be executed. User input should never be used in constructing commands or command arguments to functions which execute OS commands. This includes filenames supplied by user uploads or downloads.
96 downloads
The `unsafe` package in Go allows low-level access to memory management features. This includes pointers and direct access to memory. The Go compiler will no longer be able to enforce type safety when working with the `unsafe` pointer types. While powerful, access to these functions can lead to many security related issues such as: - [Buffer overflows](https
96 downloads
The `Secure` attribute when set to `true` protects the cookie value from being transmitted over clear text communication paths such as HTTP. By enabling this protection, the cookie will only be sent over HTTPS. Example of protecting a `Cookie`: ``` // Create a Secure cookie. Cookie someCookie = new Cookie("SomeCookieName", "SomeValue"); // Set Secure
97 downloads
HTTP Response Splitting is a vulnerability where Carriage Return (CR `\r`) and Line Feed (LF `\n`) characters are introduced into an HTTP header from user-supplied input. By injecting the `\r\n` character sequence, an adversary could potentially modify how the response is interpreted by the client or any downstream caching services. This could allow an adver
97 downloads
HTTP Response Splitting is a vulnerability where Carriage Return (CR `\r`) and Line Feed (LF `\n`) characters are introduced into an HTTP header from user-supplied input. By injecting the `\r\n` character sequence, an adversary could potentially modify how the response is interpreted by the client or any downstream caching services. This could allow an adve
97 downloads
This application potentially allows user-supplied input into the value of the `Access-Control-Allow-Origin` response header. This header is part of the [Cross-Origin Resource Sharing](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) CORS specification. By allowing user input to specify which domains can communicate with this server, an adversary could
97 downloads
The Blowfish encryption algorithm was meant as a drop-in replacement for DES and was created in 1993. Smaller key sizes may make the ciphertext vulnerable to [birthday attacks](https://en.wikipedia.org/wiki/Birthday_attack). While no known attacks against Blowfish exist, it should never be used to encrypt files over 4GB in size. If possible consider using AE
97 downloads
DES, TripleDES and RC2 are all considered broken or insecure cryptographic algorithms. Newer algorithms apply message integrity to validate ciphertext has not been tampered with. Consider using `ChaCha20Poly1305` instead as it is easier and faster than the alternatives such as `AES-256-GCM`. For older applications that don't have support for `ChaCha20Poly130
97 downloads
DES, TripleDES and RC2 are all considered broken or insecure cryptographic algorithms. Newer algorithms apply message integrity to validate ciphertext has not been tampered with. Consider using `ChaCha20Poly1305` instead as it is easier and faster than the alternatives such as `AES-256-GCM`. For older applications that don't have support for `ChaCha20Poly130
97 downloads
Cryptographic algorithms provide many different modes of operation, only some of which provide message integrity. Without message integrity it could be possible for an adversary to attempt to tamper with the ciphertext which could lead to compromising the encryption key. Newer algorithms apply message integrity to validate ciphertext has not been tampered wi
97 downloads
Cryptographic algorithms provide many different modes of operation, only some of which provide message integrity. Without message integrity it could be possible for an adversary to attempt to tamper with the ciphertext which could lead to compromising the encryption key. Newer algorithms apply message integrity to validate ciphertext has not been tampered wi
97 downloads
Cryptographic block ciphers can be configured to pad individual blocks if there is not enough input data to match the size of the block. This specific mode of CBC used in combination with PKCS5Padding is susceptible to padding oracle attacks. An adversary could potentially decrypt the message if the system exposed the difference between plaintext with invali
97 downloads
The application was found implementing a custom `java.security.MessageDigest`. It is strongly recommended that a standard Digest algorithm be chosen instead as implementing a digest by hand is error-prone. The National Institute of Standards and Technology (NIST) recommends the use of SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, or SHA-512/256. Example o
97 downloads
The network communications for Hazelcast are configured to use a deprecated symmetric cipher. Consider using TLS/SSL when establishing communications across the Hazelcast cluster. For more information on configuring TLS/SSL for Hazelcast see: https://docs.hazelcast.com/imdg/4.2/security/tls-ssl
97 downloads
The application is generating an RSA key that is less than the recommended 2048 bits. The National Institute of Standards and Technology (NIST) deprecated signing Digital Certificates that contained RSA Public Keys of 1024 bits in December 2010. While 1024-bit RSA keys have not been factored yet, advances in compute may make it possible in the near future. C
97 downloads
The application was found creating a `NullCipher` instance. `NullCipher` implements the `Cipher` interface by returning ciphertext identical to the supplied plaintext. This means any data passed to the `doFinal(...)` or `update(...)` methods will not actually encrypt the input. Remove the NullCipher reference and replace with a legitimate `Cipher` instance s
97 downloads
The software uses the RSA algorithm but does not incorporate Optimal Asymmetric Encryption Padding (OAEP). By not enabling padding, the algorithm may be vulnerable to [chosen plaintext attacks](https://en.wikipedia.org/wiki/Chosen-plaintext_attack). To enable OAEP mode, pass `RSA/ECB/OAEPWithSHA-256AndMGF1Padding` to the `Cipher.getInstance` method. Example e
97 downloads
The application was found using an insecure or risky digest or signature algorithm. Both MD5 and SHA1 hash algorithms have been found to be vulnerable to producing collisions. This means that two different values, when hashed, can lead to the same hash value. If the application is trying to use these hash methods for storing passwords, then it is recommended
97 downloads
The `org.apache.http.impl.client.DefaultHttpClient` does not verify the hostnames upon connection. This allows for an adversary who is in between the application and the target host to intercept potentially sensitive information or transmit malicious data. Do not use the `org.apache.http.impl.client.DefaultHttpClient();` as it is deprecated. Instead use the
97 downloads
Avoid initializing SSLContext with insecure protocols like `SSL`, `SSLv2`, or `SSLv3`. These protocols are outdated and do not validate certificates by default. Additionally, these older `SSL` versions have many known security issues. Instead, use secure protocols like `TLSv1.2` or `TLSv1.3`. ``` SSLContext context = SSLContext.getInstance("TLSv1.3"); ``` Fo
97 downloads
The application was found enabling insecure TLS protocol versions. When enabling protocol versions for an `SSLContext`, only the following versions should be allowed: - TLSv1.2 - TLSv1.3 - DTLSv1.2 - DTLSv1.3 To mitigate potential security risks, it is strongly advised to enforce TLS 1.2 as the minimum protocol version and disallow older versions such as TLS
97 downloads
The `HostnameVerifier` has been set to always return `true`. This effectively disables the validation of server or client certificates. This could allow an adversary who is in between the application and the target host to launch a Man in the middle attack (MITM), i.e. intercept potentially sensitive information or inject malicious content into the communicati
97 downloads
Unvalidated redirects occur when an application redirects a user to a destination URL specified by a user supplied parameter that is not validated. Such vulnerabilities can be used to facilitate phishing attacks. To avoid open redirect vulnerabilities in Java, one effective strategy is to only allow redirection to URLs that are pre-defined in a safe list. Th
97 downloads
The `X509TrustManager` has been configured to return null. This effectively disables the validation of server or client certificates. This could allow an adversary who is in between the application and the target host to launch a Man in the middle attack (MITM), i.e. intercept potentially sensitive information or inject malicious content into the communication
97 downloads
The filename provided by the FileUpload API can be tampered with by the client to reference unauthorized files. The provided filename should be properly validated to ensure it's properly structured, contains no unauthorized path characters (e.g., / \), and refers to an authorized file. The application was found to take a parameter from user input to construc
97 downloads
The filename provided by the FileUpload API can be tampered with which could lead to unauthorized access or file inclusion vulnerabilities. To mitigate this risk, it is essential to conduct rigorous validation of the filenames provided by clients. This validation should ensure that the filename adheres to a predefined structure, is devoid of potentially dang
97 downloads
OS command injection is a critical vulnerability that can lead to a full system compromise as it may allow an adversary to pass in arbitrary commands or arguments to be executed. User input should never be used in constructing commands or command arguments to functions which execute OS commands. This includes filenames supplied by user uploads or downloads.
97 downloads
This rule identifies potential Expression Language (EL) injection vulnerabilities within Java applications. The rule targets use of `createValueExpression`, `createMethodExpression`, `ELProcessor.eval`, `getValue`, and `setValue` methods, particularly when input to these methods is not a hardcoded string, indicating dynamic evaluation of potentially untruste
97 downloads
The `HttpRequest.getRequestDispatcher()`'s `include` and `forward` methods will return any file that is resolvable within the web application context. This includes the `web.xml` file, any compiled classes, `jsp` files, and additional JAR or WAR libraries that are accessible. Never pass user-supplied input directly to any of these methods. Use a lookup table
97 downloads
The `org.springframework.web.servlet.ModelAndView` class may potentially allow access to restricted files if called with user-supplied input. The ModelAndView class looks up a view by name to resolve a `.jsp` file. If this view name comes from user-supplied input, it could be abused to attempt to return a JSP view that the user should not have access to. Use
97 downloads
The application was found including unvalidated user input into a URL, which could lead to HTTP Parameter Pollution (HPP) or worse, Server Side Request Forgery (SSRF). This could allow an adversary to override the value of a URL or a request parameter. HTTP Parameter Pollution (HPP) attacks consist of injecting encoded query string delimiters into other exis
97 downloads
LDAP injection attacks exploit LDAP queries to influence how data is returned by the LDAP server. Later versions of Java's `InitialDirContext.search` introduced a four argument method, one of which is the `filterArg` parameter. The `filterArg` will be automatically encoded when querying the LDAP server. If this method signature is not available, the applicat
97 downloads
The Object Graph Navigation Language (OGNL) is an expression language that allows access to Java objects and properties stored in an ActionContext. Usage of these low-level functions is discouraged because they can effectively execute strings as code, leading to remote code execution vulnerabilities. Consider using Struts tags when processing user-supplied i
97 downloads
The application dynamically constructs file or path information. If the path information comes from user input, it could be abused to read sensitive files, access other users' data, or aid in exploitation to gain further system access. User input should never be used in constructing paths or files for interacting with the filesystem. This includes filenames
97 downloads
The application does not provide authentication when communicating with an LDAP server. It is strongly recommended that the LDAP server be configured with authentication and restrict what queries users can execute. Example code that authenticates with a remote LDAP server and encodes any user-supplied input: ``` // Create a Properties object to hold the ldap connection
97 downloads
A potential hard-coded password was identified in a database connection string. Passwords should not be stored directly in code but loaded from secure locations such as a Key Management System (KMS). The purpose of using a Key Management System is so access can be audited and keys easily rotated in the event of a breach. By hardcoding passwords, it will be e
97 downloads
The application does not provide authentication when communicating with a database server. It is strongly recommended that the database server be configured with authentication and restrict what queries users can execute. Please see your database server's documentation on how to configure a password. Additionally, passwords should not be stored directly in code b
97 downloads
A potential hard-coded password was identified in a hard-coded string. Passwords should not be stored directly in code but loaded from secure locations such as a Key Management System (KMS). The purpose of using a Key Management System is so access can be audited and keys easily rotated in the event of a breach. By hardcoding passwords, it will be extremely
97 downloads
The application was found to permit the `RuntimePermission` of `createClassLoader`, `ReflectPermission` of `suppressAccessChecks`, or both. By granting the `RuntimePermission` of `createClassLoader`, a compromised application could instantiate their own class loaders and load arbitrary classes. By granting the `ReflectPermission` of `suppressAccessChecks` an
97 downloads
The application was found setting file permissions to overly permissive values. Consider using the following values if the application user is the only process to access the file: - `r--` - read only access to the file - `w--` - write only access to the file - `rw-` - read/write access to the file Example setting read/write permissions for only the owner of
97 downloads
The application executes an argument using a `ScriptEngine`'s `eval` method. This may allow for direct OS commands to be executed as it's possible to pass in strings such as `java.lang.Runtime.getRuntime().exec('/bin/sh ...');`. Never pass user-supplied input directly to the `eval` function. If possible hardcode all JavaScript code or use a lookup table to
97 downloads
The application was found calling SpringFramework's `SpelExpressionParser.parseExpression`. Calling this method directly with user-supplied input may allow an adversary to execute arbitrary Java code including OS system commands. Never call `parseExpression` or `parseRaw` directly with user-supplied input. Consider alternate methods such as a lookup table to
97 downloads
The Apache commons mail client by default does not enable TLS server identity checking. This allows for an adversary who is in between the application and the target host to intercept potentially sensitive information or transmit malicious data. Enable checking server identity by calling `Email.setSSLCheckServerIdentity(true)`. Example email client that enables TLS an
97 downloads
The application was found calling `MimeMessage` methods without encoding new line characters. Much like HTTP, Simple Mail Transfer Protocol (SMTP) is a text based protocol that uses headers to convey additional directives for how email messages should be treated. An adversary could potentially cause email messages to be sent to unintended recipients by abusi
97 downloads
Server-Side-Request-Forgery (SSRF) exploits backend systems that initiate requests to third parties. If user input is used in constructing or sending these requests, an attacker could supply malicious data to force the request to other systems or modify request data to cause unwanted actions. Ensure user input is not used directly in constructing URLs or URI
97 downloads
The application is using `Integer.toHexString` on a digest array buffer which may lead to an incorrect version of values. Consider using the `java.util.HexFormat` object introduced in Java 17. For older Java applications consider using the `javax.xml.bind.DatatypeConverter`. Example using `HexFormat` to create a human-readable string: ``` // Create a Message
97 downloads
The application allows user input to control format string parameters. By passing invalid format string specifiers an adversary could cause the application to throw exceptions or possibly leak internal information depending on application logic. Never allow user-supplied input to be used to create a format string. Replace all format string arguments with har
97 downloads
The application was found matching a variable during a regular expression pattern match, and then calling string modification functions after validation has occurred. This is usually indicative of a poor input validation strategy as an adversary may attempt to exploit the removal of characters. For example a common mistake in attempting to remove path charac
97 downloads
The application was found matching a variable during a regular expression pattern match, and then calling a Unicode normalize function after validation has occurred. This is usually indicative of a poor input validation strategy as an adversary may attempt to exploit the normalization process. To remediate this issue, always perform Unicode normalization bef
97 downloads
The application may allow control over a template string. Providing user input directly in the template by dynamically creating template strings may allow an adversary to execute arbitrary Java code, including OS system commands. For Velocity, never call `evaluate` with user-supplied input in the template string. Use a `VelocityContext` object instead to dat
97 downloads
The application was found using user-supplied input in a `java.sql.Connection`'s `setCatalog` call. This could allow an adversary to supply a different database for the lifetime of the connection. Allowing external control of system settings can disrupt service or cause an application to behave in unexpected, and potentially malicious ways. Most likely this
97 downloads
SAML parses attestations as an XML document. By processing XML comments, comment fields can end up modifying the interpretation of input fields. This could allow an adversary to insert an XML comment to break up the attestation's username or other fields, allowing an attacker to bypass authorization or authentication checks. To remediate this issue, when usi
97 downloads
Deserialization attacks exploit the process of reading serialized data and turning it back into an object. By constructing malicious objects and serializing them, an adversary may attempt to: - Inject code that is executed upon object construction, which occurs during the deserialization process. - Exploit mass assignment by including fields that are not nor
97 downloads
The application performs XSLT translation with potentially malicious input. An adversary who is able to influence the loaded XSL document could call XSL functions or exploit External XML Entity (XXE) attacks that allow file retrieval or force the parser to connect to arbitrary servers to exfiltrate files. It is strongly recommended that an alternative approa
97 downloads
The application is disabling Wicket's string escaping functionality by calling `setEscapeModelStrings(false)`. This could lead to Cross Site Scripting (XSS) if used with user-supplied input. XSS is an attack which exploits a web application or system to treat user input as markup or script code. It is important to encode the data depending on the specific co
97 downloads
The application is returning user-supplied data from an HTTP request directly into an HTTP response output writer. This could lead to Cross Site Scripting (XSS) if the input were malicious script code and the application server is not properly validating the output. XSS is an attack which exploits a web application or system to treat user input as markup or
97 downloads
External XML entities are a feature of XML parsers that allow documents to contain references to other documents or data. This feature can be abused to read files, communicate with external hosts, exfiltrate data, or cause a Denial of Service (DoS). The XMLReaderFactory has been deprecated. It is recommended that [SAXParserFactory](https://docs.oracle.com/ja
97 downloads
The application is using Buffer API methods with the `noAssert` parameter set to `true` for the read buffer methods. This disables the bounds checking and could result in reading beyond the end of the buffer, leading to potential memory corruption and security vulnerabilities. When `noAssert` is set to `true`, the methods do not perform bounds checking, allo
102 downloads
0 direct102 via packsThe application is using Buffer API methods with the `noAssert` parameter set to `true` for the write buffer methods. This disables the bounds checking and could result in writing beyond the end of the buffer, leading to potential memory corruption and security vulnerabilities. When `noAssert` is set to `true`, the methods do not perform bounds checking, all
102 downloads
0 direct102 via packsThe application was found calling the `new Buffer` constructor which has been deprecated since Node 8. By passing in a non-literal value, an adversary could allocate large amounts of memory. Other issues also exist with the `Buffer` constructor: - Older versions would return uninitialized memory, which could contain sensitive information - Unable to easily d
102 downloads
0 direct102 via packsThe `RegExp` constructor was called with a non-literal value. If an adversary were able to supply a malicious regex, they could cause a Regular Expression Denial of Service (ReDoS) against the application. In Node applications, this could cause the entire application to no longer be responsive to other users' requests. To remediate this issue, never allow us
102 downloads
0 direct102 via packsThe application was found calling the `eval` function OR Function() constructor OR setTimeout() OR setInterval() methods. If the variables or strings or functions passed to these methods contains user-supplied input, an adversary could attempt to execute arbitrary JavaScript code. This could lead to a full system compromise in Node applications or Cross-site
102 downloads
0 direct102 via packsDepending on the context, generating weak random numbers may expose cryptographic functions, which rely on these numbers, to be exploitable. When generating numbers for sensitive values such as tokens, nonces, and cryptographic keys, it is recommended that the `randomBytes` method of the `crypto` module be used instead of `pseudoRandomBytes`. Example using `
102 downloads
0 direct102 via packsThe application was found calling `dangerouslySetInnerHTML` which may lead to Cross Site Scripting (XSS). By default, React components will encode the data properly before rendering. Calling `dangerouslySetInnerHTML` disables this encoding and allows raw markup and JavaScript to be executed. XSS is an attack which exploits a web application or system to trea
102 downloads
0 direct102 via packsThe application was found to dynamically import a module by calling `require` using a non-literal string. An adversary might be able to read the first line of arbitrary files. If they had write access to the file system, they may also be able to execute arbitrary code. To remediate this issue, use a hardcoded string literal when calling `require`. Never call
102 downloads
0 direct102 via packsThe application was found executing string comparisons using one of `===`, `!==`, `==` or `!=` against security sensitive values. String comparisons like this are not constant time, meaning the first character found not to match in the two strings will immediately exit the conditional statement. This allows an adversary to calculate or observe small timing d
102 downloads
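The early-exit behaviour the rule describes is language-independent, so the following added example (written for this page in Python, not code from GitLab's rule set) makes the leak visible without timing anything: a naive comparison that reports how many characters it examined before giving up, next to `hmac.compare_digest`, which inspects every byte regardless of where the mismatch sits. The token value is a constructed sample.

```python
import hmac
from typing import List, Tuple

# Constructed sample secret for the example; not a real credential.
SECRET_TOKEN = "s3cr3t-api-token-0123"


def naive_compare(expected: str, candidate: str) -> Tuple[bool, int]:
    """Character-by-character comparison that stops at the first mismatch.

    Returns (equal, steps). `steps` is the number of characters examined, which
    is exactly what a timing attacker measures: it grows with the length of the
    matching prefix, so the secret can be recovered one character at a time.
    """
    if len(expected) != len(candidate):
        return False, 0
    steps = 0
    for a, b in zip(expected, candidate):
        steps += 1
        if a != b:
            return False, steps
    return True, steps


def constant_time_compare(expected: str, candidate: str) -> bool:
    """Fixed-time comparison: hmac.compare_digest examines every byte, so the
    time taken does not depend on how much of the prefix matched."""
    return hmac.compare_digest(expected.encode(), candidate.encode())


def prefix_leak(expected: str, guesses: List[str]) -> List[int]:
    """Step counts for a series of guesses: each extra correct leading
    character costs the naive comparison one more step."""
    return [naive_compare(expected, g)[1] for g in guesses]
```

In a web handler the same applies to API keys, session identifiers and HMAC signatures: compare them with `hmac.compare_digest` (or the equivalent in your platform's crypto library), never with `==`.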
Markup escaping disabled. Some template engines allow escaping of HTML entities to be turned off; rendering user-supplied input with escaping disabled can lead to XSS attacks.

The application was found using `assert` in non-test code. Usually reserved for debug and test code, the `assert` statement is commonly used to test conditions before continuing execution. However, `assert` statements are removed entirely when Python compiles to optimized byte code (`python -O`), so any check they perform silently disappears. Depending on the assertion and subsequent logic, this could lead to undefined beha
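The following added example (written for this page, not part of the rule set) shows the failure mode directly: the same two guard functions are compiled at optimisation level 0 and at level 1, which is what `python -O` uses, and the `assert`-based guard stops blocking the unauthorised caller while the explicit `raise` keeps working. The guarded operation and user names are constructed for the demonstration.

```python
# Constructed source for a "guard" written two ways. In real code this would be
# an authorisation check in front of a privileged action.
SOURCE = '''
def delete_user_with_assert(current_user, target):
    # Broken: this whole statement is dropped under python -O.
    assert current_user == "admin", "only admin may delete users"
    return "deleted " + target

def delete_user_with_check(current_user, target):
    # Correct: an explicit check survives optimisation.
    if current_user != "admin":
        raise PermissionError("only admin may delete users")
    return "deleted " + target
'''


def load_guards(optimize: int) -> dict:
    """Compile SOURCE at the given optimisation level (0 = normal interpreter,
    1 = what `python -O` does) and return the namespace holding both guards.
    compile(optimize=1) strips assert statements exactly as -O does."""
    code = compile(SOURCE, "<guards>", "exec", optimize=optimize)
    namespace = {}
    exec(code, namespace)  # constructed, trusted source; not user input
    return namespace


def run_guard(optimize: int, func_name: str, current_user: str) -> str:
    """Invoke one guard as `current_user` and report what happened."""
    ns = load_guards(optimize)
    try:
        return ns[func_name](current_user, "alice")
    except AssertionError:
        return "blocked: AssertionError"
    except PermissionError:
        return "blocked: PermissionError"
```

Running the guards this way reproduces the production condition without restarting the interpreter; the explicit `raise` form is the one to keep.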
Binding to all network interfaces can potentially open up a service to traffic on unintended interfaces, that may not be properly documented or secured. By passing "0.0.0.0", "::" or an empty string as the address to the `socket.bind` function, the application will bind to all interfaces. Consider passing in the interface IP address through an environment va

Cryptographic algorithms provide many different modes of operation, only some of which provide message integrity. Without message integrity an adversary can modify the ciphertext without detection, which in practice lets them alter the decrypted plaintext or, through oracle attacks such as padding oracles, recover it. Newer algorithms apply message integrity to validate ciphertext has not been tampered wi

The Blowfish encryption algorithm was meant as a drop-in replacement for DES and was created in 1993. Its 64-bit block size makes the ciphertext vulnerable to [birthday attacks](https://en.wikipedia.org/wiki/Birthday_attack) once a large amount of data is encrypted under one key, as the SWEET32 attack demonstrated in practice. Although no practical key-recovery attack against Blowfish is known, it should never be used to encrypt files over 4GB in size. If possible consider using Ch

DES, TripleDES, RC2 and RC4 are all considered broken or insecure cryptographic algorithms. Newer algorithms apply message integrity to validate ciphertext has not been tampered with. Consider using `ChaCha20Poly1305` instead as it is easier to use and, on hardware without AES acceleration, faster than alternatives such as `AES-256-GCM`. For older applications that don't have support for `ChaCha20Po

The application was found using the `xor` algorithm, which can be trivially decoded. Newer algorithms apply message integrity to validate ciphertext has not been tampered with. Consider using `ChaCha20Poly1305` instead as it is easier to use and, on hardware without AES acceleration, faster than alternatives such as `AES-256-GCM`. For older applications that don't have support for `ChaCha20Poly1305`
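To show what "no message integrity" costs, the following added example (written for this page in Python, not code from the rule set) uses a deliberately toy XOR stream construction, keyed with SHA-256 only so that the block runs with the standard library, and flips a field in the ciphertext without knowing the key. The same flip is then caught by an encrypt-then-MAC wrapper with HMAC-SHA256. The keystream construction is an illustration of the weakness, not a recommended cipher; real code should use an AEAD such as ChaCha20-Poly1305 or AES-GCM from a vetted library. The message is constructed.

```python
import hashlib
import hmac
import os


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy keystream for illustration only: SHA-256 in counter mode."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Confidentiality only: ciphertext = plaintext XOR keystream. Decryption
    is the same operation. Nothing here detects modification."""
    return bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))


def bit_flip(ciphertext: bytes, offset: int, old: bytes, new: bytes) -> bytes:
    """Attacker side. Knowing (or guessing) that `old` sits at `offset` in the
    plaintext, XOR in old^new so the decryption reads `new`. No key needed:
    this is why unauthenticated ciphertext is malleable."""
    buf = bytearray(ciphertext)
    for i, (o, n) in enumerate(zip(old, new)):
        buf[offset + i] ^= o ^ n
    return bytes(buf)


def encrypt_then_mac(enc_key: bytes, mac_key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Adds integrity: HMAC-SHA256 over nonce||ciphertext, appended as a tag."""
    ct = xor_encrypt(enc_key, nonce, data)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return ct + tag


def decrypt_and_verify(enc_key: bytes, mac_key: bytes, nonce: bytes, blob: bytes) -> bytes:
    """Rejects any modified ciphertext before decrypting it."""
    ct, tag = blob[:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("ciphertext failed integrity check")
    return xor_encrypt(enc_key, nonce, ct)


def demo() -> tuple:
    """Constructed scenario: a transfer whose amount is rewritten in transit.
    Returns (plaintext seen by the unauthenticated receiver, tamper detected
    by the authenticated receiver)."""
    enc_key, mac_key, nonce = os.urandom(32), os.urandom(32), os.urandom(12)
    msg = b"transfer amount=0100 to=alice"
    pos = msg.index(b"0100")
    # 1. Unauthenticated: the attacker turns 0100 into 9900 without the key.
    ct = xor_encrypt(enc_key, nonce, msg)
    seen_by_receiver = xor_encrypt(enc_key, nonce, bit_flip(ct, pos, b"0100", b"9900"))
    # 2. Encrypt-then-MAC: the identical flip is rejected.
    blob = encrypt_then_mac(enc_key, mac_key, nonce, msg)
    try:
        decrypt_and_verify(enc_key, mac_key, nonce, bit_flip(blob, pos, b"0100", b"9900"))
        detected = False
    except ValueError:
        detected = True
    return seen_by_receiver, detected
```

CBC without a MAC fails the same way (the flip lands in the next block and scrambles the one before it, which is enough for padding-oracle recovery); an AEAD mode folds the tag computation and the constant-time check into the primitive so it cannot be forgotten.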
The application is generating an RSA key that is less than the recommended 2048 bits. The National Institute of Standards and Technology (NIST) deprecated signing Digital Certificates that contained RSA Public Keys of 1024 bits in December 2010. While 1024-bit RSA keys have not been factored yet, advances in compute may make it possible in the near future. C

The application was found using an insufficient curve size for the Elliptic Curve (EC) asymmetric algorithm. NIST recommends using a key size of 224 bits or greater. To remediate this issue, replace the current key size with `ec.SECP384R1`. Example using `ec.SECP384R1`: ``` from cryptography.hazmat.primitives.asymmetric import ec # Generate an EC private

The application was found using an insecure or risky digest or signature algorithm. MD5 and SHA1 hash algorithms have been found to be vulnerable to producing collisions. This means that two different values, when hashed, can lead to the same hash value. If the application is trying to use these hash methods for storing passwords, then it is recommended to s

DES, TripleDES, RC2 and RC4 are all considered broken or insecure cryptographic algorithms. Newer algorithms apply message integrity to validate ciphertext has not been tampered with. Consider using `ChaCha20Poly1305` instead as it is easier to use and, on hardware without AES acceleration, faster than alternatives such as `AES-256-GCM`. For older applications that don't have support for `ChaCha20Po

The Blowfish encryption algorithm was meant as a drop-in replacement for DES and was created in 1993. Its 64-bit block size makes the ciphertext vulnerable to [birthday attacks](https://en.wikipedia.org/wiki/Birthday_attack) once a large amount of data is encrypted under one key, as the SWEET32 attack demonstrated in practice. Although no practical key-recovery attack against Blowfish is known, it should never be used to encrypt files over 4GB in size. If possible consider using Ch

The IDEA encryption algorithm was meant as a drop-in replacement for DES and was created in 1991. A number of [vulnerabilities and exploits](https://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm#Security) have been identified to work against IDEA and it is no longer recommended. If possible consider using ChaCha20Poly1305 or AES-GCM instead o

The application was found using an insecure or risky digest or signature algorithm. MD2, MD5 and SHA1 hash algorithms have been found to be vulnerable to producing collisions. This means that two different values, when hashed, can lead to the same hash value. If the application is trying to use these hash methods for storing passwords, then it is recommended

The application was found using an insecure or risky digest or signature algorithm. MD2, MD4, MD5 and SHA1 hash algorithms have been found to be vulnerable to producing collisions. This means that two different values, when hashed, can lead to the same hash value. If the application is trying to use these hash methods for storing passwords, then it is recomm
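The password-storage case the hash rules single out is worth showing in full, because the fix is not "use SHA-256 instead of MD5" but a salted, deliberately slow key-derivation function. The following added example (written for this page in Python, not code from the rule set) contrasts an unsalted MD5 digest with PBKDF2-HMAC-SHA256 using a per-password random salt, a self-describing storage format and a constant-time verification; the iteration count is an assumption to tune for your hardware.

```python
import hashlib
import hmac
import os

# Assumed parameters for this example; raise ITERATIONS as hardware allows.
ITERATIONS = 200_000
SALT_LEN = 16


def legacy_md5_hash(password: str) -> str:
    """The pattern the rule flags: fast, unsalted, and collision-prone. Every
    user with the same password gets the same digest, and precomputed tables
    reverse it instantly."""
    return hashlib.md5(password.encode()).hexdigest()


def hash_password(password: str, salt: bytes = None) -> str:
    """Returns 'pbkdf2_sha256$iterations$salt_hex$hash_hex'. Storing the
    parameters alongside the hash lets ITERATIONS be raised later without
    breaking verification of older records."""
    salt = salt or os.urandom(SALT_LEN)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Re-derives with the stored salt and iteration count, then compares in
    constant time so the check itself does not leak matching bytes."""
    algo, iterations, salt_hex, hash_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False
    dk = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(dk.hex(), hash_hex)
```

Where a library offering Argon2id or scrypt is available, prefer it; the storage and verification pattern above stays the same.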
The application was detected importing `pycrypto`. This package has been deprecated as it contains security vulnerabilities. To remediate this issue, consider using the [cryptography](https://cryptography.io/) package instead.

The application was found using `cPickle` which is vulnerable to deserialization attacks. Deserialization attacks exploit the process of reading serialized data and turning it back into an object. By constructing malicious objects and serializing them, an adversary may attempt to:
- Inject code that is executed upon object construction, which occurs during t

The application was found using `dill` which is vulnerable to deserialization attacks. Deserialization attacks exploit the process of reading serialized data and turning it back into an object. By constructing malicious objects and serializing them, an adversary may attempt to:
- Inject code that is executed upon object construction, which occurs during the

The application was found using `pickle` which is vulnerable to deserialization attacks. Deserialization attacks exploit the process of reading serialized data and turning it back into an object. By constructing malicious objects and serializing them, an adversary may attempt to:
- Inject code that is executed upon object construction, which occurs during th

The application was found using `shelve` which is vulnerable to deserialization attacks as it calls `pickle` internally. Deserialization attacks exploit the process of reading serialized data and turning it back into an object. By constructing malicious objects and serializing them, an adversary may attempt to:
- Inject code that is executed upon object cons

The application was found using an unsafe version of `yaml` load which is vulnerable to deserialization attacks. Deserialization attacks exploit the process of reading serialized data and turning it back into an object. By constructing malicious objects and serializing them, an adversary may attempt to:
- Inject code that is executed upon object construction
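The "code executed upon object construction" point applies to every `pickle`-based loader above (`cPickle`, `dill`, `shelve` all reuse the same protocol). The following added example (written for this page in Python, not code from the rule set) builds a payload whose `__reduce__` makes the unpickler call a function of the attacker's choosing, shows that `pickle.loads` runs it before the application sees any object, and then loads the same bytes through the allow-list `Unpickler` pattern from the Python documentation, which refuses it. The side effect is a harmless list append standing in for `os.system`; the payloads are constructed.

```python
import builtins
import io
import pickle

# Harmless stand-in for the side effect an attacker would trigger.
EXECUTED = []


def mark_executed(message):
    EXECUTED.append(message)


class Exploit:
    """Any class can define __reduce__; the unpickler calls the returned
    callable with the returned arguments while loading. A real payload would
    name os.system or subprocess.Popen here."""

    def __reduce__(self):
        return (mark_executed, ("payload ran during unpickling",))


def build_malicious_payload() -> bytes:
    """Constructed attacker input."""
    return pickle.dumps(Exploit())


def build_benign_payload() -> bytes:
    """Constructed legitimate input: plain containers plus one builtin."""
    return pickle.dumps({"user": "alice", "roles": ["reader"], "limit": range(3)})


def unsafe_loads(data: bytes):
    """The pattern the rules flag."""
    return pickle.loads(data)


class RestrictedUnpickler(pickle.Unpickler):
    """Allow-list approach: only the named builtins resolve; every other
    global reference (any module, any function) is refused."""

    SAFE_BUILTINS = {"range", "slice", "set", "frozenset"}

    def find_class(self, module, name):
        if module == "builtins" and name in self.SAFE_BUILTINS:
            return getattr(builtins, name)
        raise pickle.UnpicklingError(f"global '{module}.{name}' is forbidden")


def restricted_loads(data: bytes):
    return RestrictedUnpickler(io.BytesIO(data)).load()


def load_outcome(data: bytes, loader) -> tuple:
    """Runs `loader` on `data`; returns (('ok', obj) | ('rejected', reason),
    side effects that occurred during the load)."""
    before = len(EXECUTED)
    try:
        status = ("ok", loader(data))
    except pickle.UnpicklingError as exc:
        status = ("rejected", str(exc))
    return status, EXECUTED[before:]
```

An allow-list unpickler is a mitigation for data you cannot move off pickle; the durable fix is a format that has no code-execution path at all, such as JSON, and for YAML `yaml.safe_load` rather than `yaml.load`.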
SQL Injection is a critical vulnerability that can lead to data or system compromise. By dynamically generating SQL query strings, user input may be able to influence the logic of the SQL statement. This could lead to an adversary accessing information they should not have access to, or in some circumstances, being able to execute OS functionality or code. R

The application was found using Jinja2 `Environment` without autoescaping enabled. If using in the context of HTML this could lead to Cross-Site Scripting (XSS) attacks when rendering with user-supplied input. Unfortunately, Jinja2 does not support context-aware escaping, meaning it is insufficient to protect against XSS for the various web contexts. It is i

The application was found using Mako templates without `default_filters` being passed to the `Template` or `TemplateLookup` constructors. If using in the context of HTML, this could lead to Cross-Site Scripting (XSS) attacks when rendering with user-supplied input. Unfortunately, Mako does not support context-aware escaping, meaning it is insufficient to p

The application was found calling the `eval` function with non-literal data. If the variable contains user-controlled data, either partially or fully, an adversary could compromise the entire system by executing arbitrary Python code. To remediate this issue, remove all calls to `eval` and consider alternative methods for executing the necessary business log

The application was found calling the `exec` function with a non-literal variable. If the variable comes from user-supplied input, an adversary could compromise the entire system by executing arbitrary Python code. To remediate this issue, remove all calls to `exec` and consider alternative methods for executing the necessary business logic. There is almost

Detected use of the wildcard character in a system call that spawns a shell. This subjects the wildcard to normal shell expansion, which can have unintended consequences if there exist any non-standard file names. For instance, a file named `-e sh script.sh` could cause issues when expanded by the shell and executed as a command. Consider using a different m

Starting a process with a shell; seems safe, but may be changed in the future, consider rewriting without shell

Found dynamic content when spawning a process. This is dangerous if external data can reach this function call because it allows a malicious actor to execute commands. Ensure no external data reaches here.

Python possesses many mechanisms to invoke an external executable. However, doing so may present a security issue if appropriate care is not taken to sanitize any user provided or variable input. This plugin test is part of a family of tests built to check for process spawning and warn appropriately. Specifically, this test looks for the spawning of a subpro

Found `subprocess` function `$FUNC` with `shell=True`. This is dangerous because the command string is handed to a shell, which interprets metacharacters such as `;`, `|` and `$()`; any untrusted data in the string can therefore inject additional commands. It also propagates the current shell settings and variables. Pass the command as an argument list with `shell=False` instead.

subprocess call - check for execution of untrusted input

The application was found setting file permissions to overly permissive values. Consider using the following values if the application user is the only process to access the file:
- 0400 - read only access to the file
- 0200 - write only access to the file
- 0600 - read/write access to the file
Example creating a file with read/write permissions for the appl

The application may be vulnerable to a path traversal if it extracts untrusted archive files. This vulnerability is colloquially known as 'Zip Slip'. Archive files may contain folders which, when extracted, may write outside of the intended directory. This is exploited by including path traversal characters such as `../../other/directory` to overwrite or pla
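`zipfile.ZipFile.extractall` strips leading `../` components on recent Python versions, but extraction code that builds paths itself, or targets older interpreters, still needs an explicit containment check. The following added example (written for this page in Python, not code from the rule set) builds two archives in memory, a benign one and one carrying a `../` entry, and extracts them through a routine that resolves each target path and refuses anything that lands outside the destination. The archive contents are constructed.

```python
import io
import os
import pathlib
import tempfile
import zipfile


def build_archive(entries: dict) -> bytes:
    """Constructed archive: entry names (attacker-controlled) -> contents."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


def safe_extract(archive: bytes, dest: str) -> list:
    """Extract only entries whose resolved path stays inside `dest`.
    Returns the relative paths written. Raises ValueError on the first entry
    that would escape, before anything from that archive is written."""
    dest_path = pathlib.Path(dest).resolve()
    targets = []
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        for info in zf.infolist():
            # resolve() collapses '..' and replaces dest entirely for absolute names,
            # so both traversal styles are caught by the same containment test.
            target = (dest_path / info.filename).resolve()
            if target != dest_path and dest_path not in target.parents:
                raise ValueError(f"zip slip attempt blocked: {info.filename!r}")
            targets.append((info, target))
        written = []
        for info, target in targets:
            if info.is_dir():
                target.mkdir(parents=True, exist_ok=True)
                continue
            target.parent.mkdir(parents=True, exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(target.relative_to(dest_path).as_posix())
    return written


def demo() -> dict:
    """Constructed scenario: a benign archive extracts; a traversal archive is
    refused and leaves no file outside the destination directory."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        dest = os.path.join(tmp, "extract")
        os.mkdir(dest)
        results["benign"] = safe_extract(build_archive({"docs/readme.txt": b"hello"}), dest)
        evil = build_archive({"../outside.txt": b"pwned", "ok.txt": b"x"})
        try:
            safe_extract(evil, dest)
            results["evil"] = "extracted"
        except ValueError:
            results["evil"] = "blocked"
        results["escaped_file_exists"] = os.path.exists(os.path.join(tmp, "outside.txt"))
        results["ok_txt_written"] = os.path.exists(os.path.join(dest, "ok.txt"))
    return results
```

Validating every entry before writing any of them (the two-pass structure above) matters: a single-pass loop that rejects the bad entry after writing earlier ones leaves a half-extracted tree behind. Symlink entries in tar archives need the same treatment through `tarfile`'s `filter="data"` on Python 3.12+.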
The Flask application is running with `debug=True` configured. By enabling this option, certain exceptions or errors could cause sensitive information to be leaked in HTTP responses. Additionally, it is not recommended to run a Flask application using `Flask.run(...)` in production. Instead, a WSGI server such as [gunicorn](https://flask.palletsprojects.com/

The application was found using an FTP library. As FTP does not provide encryption, it is strongly recommended that any file transfers be done over a more secure transport such as SSH. The [paramiko](https://www.paramiko.org/) library can be used with an SCP module to allow secure file transfers. Example using `paramiko` SSH client and the `scp` module: ```

The application was found calling the `logging.config.listen` function, which provides the ability to listen for external configuration files over a socket server. This listen socket parses part of the configuration and calls `eval` on the supplied configuration file. A local user, or an adversary who is able to exploit a Server Side Request Forgery (SSRF)

Depending on the context, generating weak random numbers may expose cryptographic functions, which rely on these numbers, to be exploitable. When generating numbers for sensitive values such as tokens, nonces, and cryptographic keys, it is recommended that the `secrets` module be used instead. Example using the secrets module: ``` import secrets # Generate a
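What makes `random` unsuitable is that its output is a pure function of its seed, so an attacker who can narrow the seed space (a timestamp is the classic case) reproduces every token. The following added example (written for this page in Python, not code from the rule set) generates a token the flagged way, recovers the seed by brute force over a small window, and contrasts it with `secrets`. Seeds and the seed window are constructed for the demonstration.

```python
import random
import secrets
import string

ALPHABET = string.ascii_letters + string.digits


def predictable_token(length: int = 32, seed=None) -> str:
    """The pattern the rule flags. random.Random is a Mersenne Twister: its
    whole output stream is determined by the seed (and can also be recovered
    from about 624 consecutive 32-bit outputs, not shown here)."""
    rng = random.Random(seed)
    return "".join(rng.choice(ALPHABET) for _ in range(length))


def recover_seed(observed: str, seed_window: range):
    """Attacker side: if the seed came from something guessable, such as the
    Unix time at generation, try each candidate until the PRNG reproduces the
    observed token. The recovered state then predicts every later token."""
    for seed in seed_window:
        if predictable_token(len(observed), seed=seed) == observed:
            return seed
    return None


def secure_token(length: int = 32) -> str:
    """CSPRNG-backed token: secrets.choice reads from os.urandom."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def secure_reset_token() -> str:
    """Typical use: opaque URL-safe token with 256 bits of entropy."""
    return secrets.token_urlsafe(32)
```

`secrets` is the right tool for tokens, nonces and keys; `random` remains fine for simulations and shuffling test data where predictability does not matter.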
The application was found using the `requests` module without configuring a timeout value for connections. This could lead to uncontrolled resource consumption where the application could run out of socket descriptors, effectively causing a Denial of Service (DoS). To remediate this issue, pass in a `timeout=` argument to each `requests` call. Example using

Pysnmp was detected using versions SNMPv1 or SNMPv2. SNMPv1 and SNMPv2 are insecure and should no longer be used as they do not offer encryption. If possible, query SNMP devices using SNMPv3 instead. Example querying a device using SNMPv3 with SHA-AES: ``` from pysnmp.hlapi import * # Create the snmp iterator iterator = getCmd( SnmpEngine(), # Configure usin

Pysnmp was detected using SNMPv3 without authentication or encryption protections enabled.
- Use of `usmNoAuthProtocol` or `usmNoPrivProtocol` indicates that either authentication or privacy, respectively, is not being used.
- The absence of `authKey` (or `authKey=None`) implies no authentication, which is equivalent to using `usmNoAuthProtocol`.
- The absen

SQL Injection is a critical vulnerability that can lead to data or system compromise. By dynamically generating SQL query strings, user input may be able to influence the logic of the SQL statement. This could lead to an adversary accessing information they should not have access to, or in some circumstances, being able to execute OS functionality or code. R
The application was found to ignore host keys. Host keys are important as they let the client verify that it is talking to the intended server rather than an impostor. By ignoring these host keys, it is impossible for the client to validate the connection is to a trusted host. To remediate this issue, remove the call to `set_missing_host_key_policy(...)` which sets the host ke

The application was found calling the `requests` module with `verify=False`, which effectively disables the validation of server certificates. This allows for an adversary who is in between the application and the target host to intercept potentially sensitive information or transmit mal

The application was found calling `ssl.wrap_socket` without a TLS protocol version specified. Additionally, `ssl.wrap_socket` has been deprecated since Python 3.7. It is strongly recommended that newer applications use TLS 1.2 or 1.3 and `SSLContext.wrap_socket`. To remediate this issue, create a new TLS context and pass in `ssl.PROTOCOL_TLS_CLIENT` for clie

The application was found calling an SSL module with SSL or TLS protocols that have known deficiencies. It is strongly recommended that newer applications use TLS 1.2 or 1.3 and `SSLContext.wrap_socket`. If using the `pyOpenSSL` module, please note that it has been deprecated and the Python Cryptographic Authority strongly suggests moving to use the [pyca/cr

The application was found creating a SSL context using the `_create_unverified_context`. This effectively disables the validation of server certificates. This allows for an adversary who is in between the application and the target host to intercept potentially sensitive information or transmit malicious data. To remediate this issue remove the call to `_cre
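The three `ssl` rules above reduce to a handful of `SSLContext` properties a reviewer can check. The following added example (written for this page in Python, not code from the rule set) builds the hardened client context the rules ask for and runs a small audit function over it and over `ssl._create_unverified_context()`, so the difference is visible as concrete findings rather than a hunch. No network connection is made.

```python
import ssl


def make_client_context() -> ssl.SSLContext:
    """Hardened client context. PROTOCOL_TLS_CLIENT already turns on
    certificate verification and hostname checking; the TLS floor is raised
    explicitly so TLS 1.0/1.1 can never be negotiated."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.load_default_certs()
    return ctx


def audit_context(ctx: ssl.SSLContext) -> list:
    """Return the weaknesses a reviewer would flag on a client context."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate not required")
    if not ctx.check_hostname:
        findings.append("hostname not checked")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append(f"minimum version too low: {ctx.minimum_version.name}")
    return findings


def unverified_context_findings() -> list:
    """What the call the last rule flags looks like under the audit."""
    return audit_context(ssl._create_unverified_context())
```

`ssl.create_default_context()` is the public equivalent of `make_client_context()` minus the version floor; when wrapping a socket with a `PROTOCOL_TLS_CLIENT` context, pass `server_hostname=` so the hostname check has something to compare against.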
The application was found using a telnet library. As telnet does not provide encryption, it is strongly recommended that communications use a more secure transport such as SSH. The [paramiko](https://www.paramiko.org/) library can be used to initiate SSH connections. Example using `paramiko` SSH client: ``` import paramiko import scp # Create an SSH client w

The application was found creating files in shared system temporary directories (`/tmp` or `/var/tmp`) without using the `tempfile.TemporaryFile` function. Depending on how the application uses this temporary file, an attacker may be able to create symlinks that point to other files prior to the application creating or writing to the target file, leading to

The application was found creating temporary files with the insecure `mktemp` method. Depending on how the application uses this temporary file, an attacker may be able to create symlinks that point to other files prior to the application creating or writing to the target file, leading to unintended files being created or overwritten. To remediate this issue
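The symlink race the two temp-file rules describe is easy to reproduce in a single process by letting the "attacker" act between name selection and open. The following added example (written for this page in Python, assuming a POSIX host, not code from the rule set) plants a symlink at a `mktemp` name, shows a plain `open()` following it and clobbering the victim file, and shows that the `O_CREAT|O_EXCL` create `mkstemp` relies on refuses the planted link and yields a `0600` file, which also covers the file-permission rule above. All paths live in a throwaway directory.

```python
import os
import stat
import tempfile


def insecure_temp_write(data: bytes, directory: str = None) -> str:
    """The pattern the rule flags: mktemp returns a name only; the later
    open() is a separate step, and anything planted at the path in between is
    followed."""
    path = tempfile.mktemp(prefix="report-", dir=directory)
    with open(path, "wb") as f:
        f.write(data)
    return path


def secure_temp_write(data: bytes, directory: str = None) -> str:
    """mkstemp creates the file atomically with O_CREAT|O_EXCL and mode 0600;
    a pre-existing file or symlink makes the create fail instead of being used."""
    fd, path = tempfile.mkstemp(prefix="report-", dir=directory)
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return path


def file_mode(path: str) -> int:
    return stat.S_IMODE(os.stat(path).st_mode)


def demo_symlink_race() -> dict:
    """Constructed race inside a temporary directory."""
    with tempfile.TemporaryDirectory() as tmp:
        victim_file = os.path.join(tmp, "victim-owned.txt")
        with open(victim_file, "w") as f:
            f.write("original")

        # Victim chooses the name first (what mktemp does); attacker wins the race.
        name = tempfile.mktemp(dir=tmp)
        os.symlink(victim_file, name)

        with open(name, "w") as f:  # naive open follows the planted symlink
            f.write("clobbered")
        with open(victim_file) as f:
            after_naive = f.read()

        # The same planted symlink against an exclusive create (mkstemp's method).
        try:
            os.open(name, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
            excl_refused = False
        except FileExistsError:
            excl_refused = True

        safe_path = secure_temp_write(b"report", directory=tmp)
        mode = file_mode(safe_path)
    return {"after_naive": after_naive, "excl_refused": excl_refused, "mkstemp_mode": mode}
```

When the file only needs to exist for the life of one code path, `tempfile.TemporaryFile` or `NamedTemporaryFile` wrap the same exclusive create and remove the file on close.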
The application was found passing in a non-literal value to the `urllib` methods which issue requests. `urllib` supports the `file://` scheme, which may allow an adversary who can control the URL value to read arbitrary files on the file system. To remediate this issue either hardcode the URLs being used in urllib or use the `requests` module instead. Exampl

The application was found using the `xml.etree` package for processing XML. Python's default XML processors suffer from various XML parsing vulnerabilities and care must be taken when handling XML data. Additionally, depending on the version of Python, more critical vulnerabilities such as eXternal XML Entity (XXE) injection may be exploitable. The `etree` package s

The application was found using the `lxml.etree` package for processing XML. Like Python's default XML processors, it suffers from various XML parsing vulnerabilities and care must be taken when handling XML data. Additionally, depending on the version of the library, more critical vulnerabilities such as eXternal XML Entity (XXE) injection may be exploitable. The `etree` package

The application was found using the `xml.dom.expatbuilder` which calls the `xml.dom.minidom` package for processing XML. Python's default XML processors suffer from various XML parsing vulnerabilities and care must be taken when handling XML data. Additionally, depending on the version of Python, more critical vulnerabilities such as eXternal XML Entity inje

The application was found using the `xml.sax.expatreader` package for processing XML. Python's default XML processors suffer from various XML parsing vulnerabilities and care must be taken when handling XML data. Additionally, depending on the version of Python, more critical vulnerabilities such as eXternal XML Entity (XXE) injection may be exploitable. The `xml.s

The application was found using the `xml.dom.minidom` package for processing XML. Python's default XML processors suffer from various XML parsing vulnerabilities and care must be taken when handling XML data. Additionally, depending on the version of Python, more critical vulnerabilities such as eXternal XML Entity (XXE) injection may be exploitable. The `xml.dom.m

The application was found using the `xml.dom.pulldom` package for processing XML. Python's default XML processors suffer from various XML parsing vulnerabilities and care must be taken when handling XML data. Additionally, depending on the version of Python, more critical vulnerabilities such as eXternal XML Entity (XXE) injection may be exploitable. The `xml.dom.p

The application was found using the `xml.sax` package for processing XML. Python's default XML processors suffer from various XML parsing vulnerabilities and care must be taken when handling XML data. Additionally, depending on the version of Python, more critical vulnerabilities such as eXternal XML Entity (XXE) injection may be exploitable. The `xml.sax` package
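Every stdlib parser listed above sits on `pyexpat`, and both entity expansion (billion laughs) and external entities (XXE) require a DTD, so the policy defusedxml applies is simply to refuse any DOCTYPE. The following added example (written for this page in Python, not code from the rule set and not defusedxml itself) implements that policy directly on an expat parser and runs it over a benign document, a billion-laughs document and an XXE document, all constructed; the malicious ones are rejected at the DOCTYPE declaration before any entity is ever expanded or fetched.

```python
import xml.parsers.expat


class DTDForbidden(ValueError):
    """Raised when the document declares a DTD, the vector for both entity
    expansion and external entity attacks."""


def parse_elements(xml_bytes: bytes) -> list:
    """Minimal expat-based parse that refuses any DOCTYPE or entity
    declaration. Returns (tag, text) pairs in end-tag order."""
    parser = xml.parsers.expat.ParserCreate()
    elements = []
    stack = []

    def start_doctype(name, sysid, pubid, has_internal_subset):
        # Fires before the internal subset is read, so nothing is expanded.
        raise DTDForbidden(f"DOCTYPE {name!r} not allowed")

    def entity_decl(*args):
        raise DTDForbidden("entity declarations not allowed")

    def start(tag, attrs):
        stack.append([tag, ""])

    def chars(data):
        if stack:
            stack[-1][1] += data

    def end(tag):
        name, text = stack.pop()
        elements.append((name, text.strip()))

    parser.StartDoctypeDeclHandler = start_doctype
    parser.EntityDeclHandler = entity_decl
    parser.StartElementHandler = start
    parser.CharacterDataHandler = chars
    parser.EndElementHandler = end
    parser.Parse(xml_bytes, True)
    return elements


# Constructed inputs.
BENIGN = b"<order><id>42</id><note>hello</note></order>"
BILLION_LAUGHS = b"""<?xml version="1.0"?>
<!DOCTYPE lolz [
 <!ENTITY lol "lol">
 <!ENTITY lol1 "&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;">
 <!ENTITY lol2 "&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;">
]>
<lolz>&lol2;</lolz>"""
XXE = b"""<?xml version="1.0"?>
<!DOCTYPE foo [ <!ENTITY xxe SYSTEM "file:///etc/passwd"> ]>
<foo>&xxe;</foo>"""


def classify(xml_bytes: bytes) -> str:
    try:
        parse_elements(xml_bytes)
        return "parsed"
    except DTDForbidden:
        return "rejected: DTD"
```

For application code the practical choice is `defusedxml`, which ships drop-in replacements for `xml.etree`, `xml.dom.minidom`, `xml.sax` and `pulldom` with this policy built in; for `lxml`, construct the parser with `resolve_entities=False` and keep `no_network=True`.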
Starting a process with a partial executable path

subprocess call - check for execution of untrusted input
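The `subprocess` rules (the `shell=True`, wildcard and dynamic-content entries earlier in the list, and the partial-path and untrusted-input entries here) all turn on the same two decisions: whether a shell interprets the command line, and whether the executable is named by an absolute path. The following added example (written for this page in Python, assuming a POSIX host with `/bin/sh` and an `echo` binary on `PATH`, not code from the rule set) feeds one injection payload to a `shell=True` call, to an argv list with the executable resolved through `shutil.which`, and to a shell command built with `shlex.quote`. The payload is constructed and only ever runs `echo`.

```python
import shlex
import shutil
import subprocess


def ping_host_vulnerable(host: str) -> str:
    """The pattern the rules flag: untrusted data inside a shell command line.
    ';', '|', '$()' and friends in `host` are interpreted by /bin/sh."""
    result = subprocess.run(
        f"echo pinging {host}", shell=True, capture_output=True, text=True
    )
    return result.stdout


def ping_host_safe(host: str) -> str:
    """argv list, no shell: `host` is one argument however it is spelled, and
    the executable is resolved to an absolute path once rather than searched on
    PATH at every call (the partial-path finding)."""
    echo = shutil.which("echo") or "/bin/echo"
    result = subprocess.run(
        [echo, "pinging", host], shell=False, capture_output=True, text=True
    )
    return result.stdout


def quoted_command(host: str) -> str:
    """When a shell is genuinely required (pipes, redirects), shlex.quote makes
    the value a single shell word; the shell then sees no metacharacters."""
    return f"echo pinging {shlex.quote(host)}"


def ping_host_quoted(host: str) -> str:
    result = subprocess.run(
        quoted_command(host), shell=True, capture_output=True, text=True
    )
    return result.stdout
```

The argv form also settles the wildcard rule: a `*` passed as a list element reaches the program as a literal asterisk, because no shell is there to expand it.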
0 direct96 via packsThe sensitive information may be valuable information on its own (such as a password), or it may be useful for launching other, more deadly attacks. If an attack fails, an attacker may use error information provided by the server to launch another more focused attack. For example, an attempt to exploit a path traversal weakness (CWE-22) might yield the full
97 downloads
0 direct97 via packsInsecure WebView Implementation. leading to a security problem known as SSL certificate validation bypass. This occurs when the app fails to properly validate SSL certificates, allowing potentially malicious or spoofed certificates to be accepted, leading to a Man-in-the-Middle (MitM) attack where an attacker intercepts and manipulates communication between
97 downloads
0 direct97 via packsRemote WebView debugging is enabled. This allows an attacker with debugging access to interact with the webview and steal or corrupt data. To fix these security issues, it is recommended to disable remote debugging and restrict file access in the WebView. Here's how you can do it: ``` WebView webView = new WebView(context); // Disable remote debugging if (Bu
97 downloads
0 direct97 via packsWebView load files from external storage. Files in external storage can be modified by any application. Loading files from external storage in a WebView can introduce security risks, as it allows web content to access potentially sensitive data stored on the device's external storage. This can lead to unauthorized access to user data, including personal file
97 downloads
0 direct97 via packsWebView File System Access is enabled. An attacker able to inject script into a WebView, could exploit the opportunity to unauthorized access to sensitive user data or system files. To fix this security issue, you should disable file access in the WebView or restrict it to specific directories. An example: ``` // Create a WebView instance WebView webView = n
97 downloads
0 direct97 via packsAES with ECB mode is deterministic in nature and not suitable for encrypting large amount of repetitive data.
102 downloads
0 direct102 via packsAES algorithms requires an initialization vector (IV). Providing no or null IV in some implementation results to a 0 IV. Use of a deterministic IV makes dictionary attacks easier.
102 downloads
0 direct, 102 via packs
The MD5 hashing algorithm is considered cryptographically weak and vulnerable to collision attacks, where two different inputs generate the same output hash. When used for hashing sensitive data, attackers can exploit this weakness to generate collisions, allowing them to bypass security checks or masquerade malicious data as legitimate. This vulnerability i
102 downloads
0 direct, 102 via packs
The SHA-1 hashing algorithm is no longer considered secure for cryptographic applications due to its vulnerability to collision attacks, where two different inputs produce the same output hash. SHA-1's susceptibility to collision attacks undermines the security of cryptographic operations, allowing attackers to forge signatures or manipulate data without det
102 downloads
0 direct, 102 via packs
String comparisons using `===`, `!==`, `!=` and `==` are vulnerable to timing attacks. More info: https://snyk.io/blog/node-js-timing-attack-ccc-ctf/
102 downloads
0 direct, 102 via packs
The application sets NODE_TLS_REJECT_UNAUTHORIZED to '0', which instructs Node.js to disable TLS/SSL certificate validation. This configuration allows the application to accept self-signed certificates or certificates from untrusted authorities, undermining the TLS security model. Disabling TLS/SSL certificate validation compromises the integrity and confide
102 downloads
0 direct, 102 via packs
A weak or broken cryptographic algorithm was identified. Using these functions will introduce vulnerabilities or downgrade the security of your application.
102 downloads
0 direct, 102 via packs
Untrusted input concatenated with a raw SQL query using the knex raw() or whereRaw() functions can result in SQL Injection.
102 downloads
0 direct, 102 via packs
Untrusted user input in the MongoDB $where operator can result in NoSQL JavaScript Injection.
102 downloads
0 direct, 102 via packs
Untrusted input concatenated with a raw SQL query can result in SQL Injection.
102 downloads
0 direct, 102 via packs
The Sequelize connection string indicates that TLS certificate validation of the database server is disabled. This is equivalent to not having TLS. An attacker can present any invalid certificate and Sequelize will make the database connection ignoring certificate errors. This setting makes the connection susceptible to man in the middle (MITM) attacks. Not applicabl
102 downloads
0 direct, 102 via packs
The Sequelize connection string indicates that the database server does not use TLS. Non-TLS connections are susceptible to man in the middle (MITM) attacks.
102 downloads
0 direct, 102 via packs
The Sequelize connection string indicates that an older version of TLS is in use. TLS 1.0 and TLS 1.1 are deprecated and should not be used. By default, Sequelize uses TLSv1.2, but it is recommended to use TLS 1.3. Not applicable to SQLite databases.
102 downloads
0 direct, 102 via packs
This application is looping over user controlled objects, which can lead to a layer 7 denial of service vulnerability. A layer 7 denial of service attack refers to overloading the application layer of the OSI model, typically layer 7. This can happen when user-controlled input such as objects, arrays, strings, etc. are iterated or looped over without proper
102 downloads
0 direct, 102 via packs
Ensure that the regex used to compare with user supplied input is safe from regular expression denial of service.
102 downloads
0 direct, 102 via packs
The application can load content over HTTP, which makes it vulnerable to man in the middle attacks.
102 downloads
0 direct, 102 via packs
Blink's experimental features are enabled in this application. Some of these features may affect the security of the application.
102 downloads
0 direct, 102 via packs
Disabling context isolation can introduce Prototype Pollution vulnerabilities.
102 downloads
0 direct, 102 via packs
Disabling webSecurity will disable the same-origin policy and allow the execution of insecure code from any domain.
102 downloads
0 direct, 102 via packs
Experimental features are not expected to be in production-ready applications.
102 downloads
0 direct, 102 via packs
Node integration exposes Node.js APIs to the Electron app, and this can introduce remote code execution vulnerabilities to the application if the app is vulnerable to Cross Site Scripting (XSS).
102 downloads
0 direct, 102 via packs
User controlled data in eval() or similar functions may result in Server Side Injection or Remote Code Injection.
102 downloads
0 direct, 102 via packs
Passing untrusted user input directly into the require() function without proper validation or sanitization can possibly cause a vulnerability known as remote code execution (RCE). An attacker could manipulate the input to load and execute arbitrary code from external sources, potentially leading to severe security breaches such as data theft, system comprom
102 downloads
0 direct, 102 via packs
Found an insecure gRPC connection. This creates a connection without encryption to a gRPC client/server. A malicious attacker could tamper with the gRPC message, which could compromise the machine.
102 downloads
0 direct, 102 via packs
User controlled data in the 'unserialize()' or 'deserialize()' function can result in Object Injection or Remote Code Injection.
102 downloads
0 direct, 102 via packs
Untrusted data in `sandbox` can result in code injection.
102 downloads
0 direct, 102 via packs
User controlled data in the 'unserialize()' or 'deserialize()' function can result in Object Injection or Remote Code Injection.
102 downloads
0 direct, 102 via packs
Untrusted user input in a templating engine's compile() function can result in Remote Code Execution via server side template injection.
102 downloads
0 direct, 102 via packs
Untrusted user input reaching `vm` can result in code injection.
102 downloads
0 direct, 102 via packs
Untrusted user input in `vm.compileFunction()` can result in code injection.
102 downloads
0 direct, 102 via packs
Untrusted user input in `vm.runInContext()` can result in code injection.
102 downloads
0 direct, 102 via packs
Untrusted user input in `vm.runInNewContext()` can result in code injection.
102 downloads
0 direct, 102 via packs
Untrusted user input reaching `vm2` can result in code injection.
102 downloads
0 direct, 102 via packs
Untrusted user input reaching the `vm2` sandbox can result in context injection.
102 downloads
0 direct, 102 via packs
User controlled data in the 'yaml.load()' function can result in Remote Code Injection.
102 downloads
0 direct, 102 via packs
User controlled data in 'shelljs.exec()' can result in Remote OS Command Execution.
102 downloads
0 direct, 102 via packs
Consider changing the default session cookie name. An attacker can use it to fingerprint the server and target attacks accordingly.
102 downloads
0 direct, 102 via packs
Default session middleware settings: `domain` not set. It indicates the domain of the cookie; use it to compare against the domain of the server in which the URL is being requested. If they match, then check the path attribute next.
102 downloads
0 direct, 102 via packs
Session middleware settings: `httpOnly` is explicitly set to false. It ensures that sensitive cookies cannot be accessed by client side JavaScript and helps to protect against cross-site scripting attacks.
102 downloads
0 direct, 102 via packs
Session middleware settings: `maxAge` not set. Use it to set an expiration date for cookies.
102 downloads
0 direct, 102 via packs
Default session middleware settings: `path` not set. It indicates the path of the cookie; use it to compare against the request path. If this and domain match, then send the cookie in the request.
102 downloads
0 direct, 102 via packs
Default session middleware settings: `sameSite` attribute is not configured to strict or lax. These configurations provide protection against Cross Site Request Forgery attacks.
102 downloads
0 direct, 102 via packs
Default session middleware settings: `secure` not set. It ensures the browser only sends the cookie over HTTPS.
102 downloads
0 direct, 102 via packs
Access-Control-Allow-Origin response header is set to "*". This will disable CORS Same Origin Policy restrictions.
102 downloads
0 direct, 102 via packs
Access-Control-Allow-Origin response header is set to "*". This will disable CORS Same Origin Policy restrictions.
102 downloads
0 direct, 102 via packs
Untrusted user input in a response header will result in HTTP Header Injection or Response Splitting attacks.
102 downloads
0 direct, 102 via packs
X-XSS-Protection header is set to 0. This will disable the browser's XSS Filter.
102 downloads
0 direct, 102 via packs
X-XSS-Protection header is set to 0. This will disable the browser's XSS Filter.
102 downloads
0 direct, 102 via packs
One or more Security Response headers are explicitly disabled in Helmet.
102 downloads
0 direct, 102 via packs
Using an untrusted Host header for generating dynamic URLs can result in web cache and/or password reset poisoning.
102 downloads
0 direct, 102 via packs
Hardcoded JWT secret or private key was found. Hardcoding secrets like JWT signing keys poses a significant security risk. If the source code ends up in a public repository or is compromised, the secret is exposed. Attackers could then use the secret to generate forged tokens and access the system. Store it properly in an environment variable. Here are some
102 downloads
0 direct, 102 via packs
The application is storing a password in the JWT token payload. Storing passwords in JWT token payloads is an insecure practice that can lead to compromised credentials. The password transmitted in the JWT payload is not encrypted and therefore visible to anyone who intercepts the token. It is recommended to avoid storing sensitive information like passwords
102 downloads
0 direct, 102 via packs
The object is passed strictly to jose.JWT.sign(...). Make sure that sensitive information is not exposed through the JWT token payload.
102 downloads
0 direct, 102 via packs
Hardcoded JWT secret or private key was found. Hardcoding secrets like JWT signing keys poses a significant security risk. If the source code ends up in a public repository or is compromised, the secret is exposed. Attackers could then use the secret to generate forged tokens and access the system. Store it properly in an environment variable. Here are some
102 downloads
0 direct, 102 via packs
No token revoking configured for `express-jwt`. A leaked token could still be used and could not be revoked. Consider providing a function as the `isRevoked` option.
102 downloads
0 direct, 102 via packs
Use of `{algorithm:'none'}` detected with `jsonwebtoken`. Using none as the algorithm for jsonwebtoken can directly impact the integrity of the information transferred through the JWT token. Consider using a secure algorithm to sign your JWT token such as HMAC or RSA. Some safe usage examples: ``` let token = jwt.sign({user:"user1"}, 'secret', {algorithm: 'HS25
102 downloads
0 direct, 102 via packs
Passing untrusted user input in `redirect()` can result in an open redirect vulnerability. This could be abused by malicious actors to trick users into being redirected to websites under their control to capture authentication information. To prevent open redirect vulnerabilities: - Always validate and sanitize user inputs, especially URL parameters or query
102 downloads
0 direct, 102 via packs
Passing untrusted user input in `redirect()` can result in an open redirect vulnerability. This could be abused by malicious actors to trick users into being redirected to websites under their control to capture authentication information. To prevent open redirect vulnerabilities: - Always validate and sanitize user inputs, especially URL parameters or query
102 downloads
0 direct, 102 via packs
This application allows user-controlled URLs to be passed directly to HTTP client libraries. This can result in Server-Side Request Forgery (SSRF). SSRF refers to an attack where the attacker can abuse functionality on the server to force it to make requests to other internal systems within your infrastructure that are not directly exposed to the internet. T
102 downloads
0 direct, 102 via packs
If unverified user data can reach the `phantom` methods it can result in Server-Side Request Forgery vulnerabilities.
102 downloads
0 direct, 102 via packs
If unverified user data can reach the `puppeteer` methods it can result in Server-Side Request Forgery vulnerabilities.
102 downloads
0 direct, 102 via packs
If unverified user data can reach the `puppeteer` methods it can result in Server-Side Request Forgery vulnerabilities.
102 downloads
0 direct, 102 via packs
This rule detects instances where user-controlled URLs are passed directly to the `generate` function of the `wkhtmltoimage` library. This practice can lead to Server Side Request Forgery (SSRF) vulnerabilities, where an attacker can induce the server to make requests to arbitrary URLs. This can potentially expose internal services within the network or lead to
102 downloads
0 direct, 102 via packs
A user controlled URL reaching `wkhtmltopdf` can result in Server Side Request Forgery (SSRF).
102 downloads
0 direct, 102 via packs
Insecure ZIP archive extraction using adm-zip can result in arbitrary path overwrite, which can result in code injection.
102 downloads
0 direct, 102 via packs
Untrusted user input in the express render() function can result in arbitrary file read if hbs templating is used.
102 downloads
0 direct, 102 via packs
This application is using untrusted user input in the express render() function. Rendering templates with untrusted user input enables arbitrary file read vulnerabilities when using templating engines like Handlebars (hbs). An attacker can craft malicious input that traverses the filesystem and exposes sensitive files. Consider sanitizing and validating all user
102 downloads
0 direct, 102 via packs
This application is using untrusted user input with the readFile() and readFileSync() functions. This can lead to directory traversal attacks, as reading files with untrusted input enables arbitrary file access. An attacker could craft malicious input that traverses the file system and exposes sensitive files. Please consider sanitizing and validating all us
102 downloads
0 direct, 102 via packs
A path constructed with user input can result in Path Traversal. Ensure that user input does not reach `join()` or `resolve()`.
102 downloads
0 direct, 102 via packs
Insecure TAR archive extraction can result in arbitrary path overwrite, which can result in code injection.
102 downloads
0 direct, 102 via packs
This application is extracting ZIP archives without sanitizing paths or writing files to a dedicated extraction directory. This allows attackers to overwrite sensitive files or inject malicious code by manipulating ZIP archive contents. To fix, sanitize all paths from ZIP archives before writing extracted files using path.basename and path.join. Example of e
102 downloads
0 direct, 102 via packs
User controlled data in XML parsers can result in XML Internal Entity Processing vulnerabilities such as DoS.
102 downloads
0 direct, 102 via packs
Passing untrusted user input in `xpath.parse()` can result in an XPATH injection vulnerability. This could be abused by malicious actors to execute expressions on XML files to capture unauthorized information. To prevent XPATH injection vulnerabilities: - Always validate and sanitize user inputs, especially parameters or query strings that may influence the
102 downloads
0 direct, 102 via packs
User controlled data in XML parsers can result in XML External or Internal Entity (XXE) Processing vulnerabilities.
102 downloads
0 direct, 102 via packs
Make sure that unverified user data can not reach the XML parser, as it can result in XML External or Internal Entity (XXE) Processing vulnerabilities.
102 downloads
0 direct, 102 via packs
This application accepts user input directly from the client side without validation. This could lead to Cross Site Scripting (XSS) if the input contains malicious script code and the application server does not properly escape or sanitize the output. Consider encoding input data before sending it to the client side. ``` // safe method of sending user input
102 downloads
0 direct, 102 via packs
This application is compiling strings with `Handlebars.compile` using an insecure option of `{noEscape: true}`. This configuration bypasses the default behavior of Handlebars, which is to escape input values to prevent Cross-Site Scripting (XSS) attacks. XSS attacks are a type of security breach that occurs when an attacker manages to inject malicious script
102 downloads
0 direct, 102 via packs
This application is using a vulnerable method `Handlebars.SafeString(...)`. The Handlebars SafeString method does not escape the data passed through it. Untrusted user input passing through the SafeString method can make the application vulnerable to Cross-Site Scripting (XSS) attacks. XSS attacks are a type of security breach that occurs when an attacker manages to
102 downloads
0 direct, 102 via packs
This application is rendering HTML with vulnerable configurations by setting Sqrl.autoEscaping(false) in squirrelly. This could lead to Cross Site Scripting (XSS) if the input is malicious script code and the application server is not properly validating the output. ``` // safe use of squirrelly render var myTemplate = "<p>My Message is: {{message}}</p>" Sqr
102 downloads
0 direct, 102 via packs
Markup escaping disabled. Some template engines allow disabling the escaping of HTML entities, which can lead to XSS attacks.
102 downloads
0 direct, 102 via packs
This application is serializing Javascript objects with vulnerable configurations by setting `{unsafe: true}` in serialize-javascript. This could lead to Cross Site Scripting (XSS) if the input was malicious script code and the application server is not properly validating the output. ``` // safe use of serialize-javascript const jsObj = serialize({ foo: htm
102 downloads
0 direct, 102 via packs
A new cookie is created without the HttpOnly flag set. The HttpOnly flag is a directive to the browser to make sure that the cookie cannot be read by malicious script. When a user is the target of a cross-site scripting attack, the attacker would benefit greatly from getting the session id, for example.
97 downloads
0 direct, 97 via packs
A new cookie is created without the Secure flag set. The Secure flag is a directive to the browser to make sure that the cookie is not sent for insecure communication (http://).
97 downloads
0 direct, 97 via packs
When an HTTP request contains unexpected CR and LF characters, the server may respond with an output stream that is interpreted as two different HTTP responses (instead of one). An attacker can control the second response and mount attacks such as cross-site scripting and cache poisoning attacks.
97 downloads
0 direct, 97 via packs
This code directly writes an HTTP parameter to an HTTP header, which allows for an HTTP response splitting vulnerability. See http://en.wikipedia.org/wiki/HTTP_response_splitting for more information.
97 downloads
0 direct, 97 via packs
Prior to HTML5, Web browsers enforced the Same Origin Policy which ensures that in order for JavaScript to access the contents of a Web page, both the JavaScript and the Web page must originate from the same domain. Without the Same Origin Policy, a malicious website could serve up JavaScript that loads sensitive information from other websites using a clien
97 downloads
0 direct, 97 via packs
A small key size makes the ciphertext vulnerable to brute force attacks. At least 128 bits of entropy should be used when generating the key if use of Blowfish is required.
97 downloads
0 direct, 97 via packs
Triple DES (also known as 3DES or DESede) is not considered a strong cipher for modern applications. NIST recommends the usage of AES block ciphers instead of 3DES.
97 downloads
0 direct, 97 via packs
DES is not considered a strong cipher for modern applications. Currently, NIST recommends the usage of AES block ciphers instead of DES.
97 downloads
0 direct, 97 via packs
An authenticated cipher mode which provides better confidentiality of the encrypted data should be used instead of Electronic Code Book (ECB) mode, which does not provide good confidentiality. Specifically, ECB mode produces the same output for the same input each time. This allows an attacker to intercept and replay the data.
97 downloads
0 direct, 97 via packs
The ciphertext produced is susceptible to alteration by an adversary. This means that the cipher provides no way to detect that the data has been tampered with. If the ciphertext can be controlled by an attacker, it could be altered without detection.
97 downloads
0 direct, 97 via packs
This specific mode of CBC with PKCS5Padding is susceptible to padding oracle attacks. An adversary could potentially decrypt the message if the system exposed the difference between plaintext with invalid padding or valid padding. The distinction between valid and invalid padding is usually revealed through distinct error messages being returned for each con
97 downloads
0 direct, 97 via packs
Implementing a custom MessageDigest is error-prone. The National Institute of Standards and Technology (NIST) recommends the use of SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, or SHA-512/256.
97 downloads
0 direct, 97 via packs
The network communications for Hazelcast are configured to use a symmetric cipher (probably DES or Blowfish). Those ciphers alone do not provide integrity or secure authentication. The use of asymmetric encryption is preferred.
97 downloads
0 direct, 97 via packs
Detected an insufficient key size for DSA. NIST recommends a key size of 2048 or higher.
97 downloads
0 direct, 97 via packs
The NullCipher implements the Cipher interface by returning ciphertext identical to the supplied plaintext. In a few contexts, such as testing, a NullCipher may be appropriate. Avoid using the NullCipher. Its accidental use can introduce a significant confidentiality risk.
97 downloads
0 direct, 97 via packs
The software uses the RSA algorithm but does not incorporate Optimal Asymmetric Encryption Padding (OAEP), which might weaken the encryption.
97 downloads
0 direct, 97 via packs
DES is not considered a strong cipher for modern applications. Currently, NIST recommends the usage of AES block ciphers instead of DES.
97 downloads
0 direct, 97 via packs
A HostnameVerifier that accepts any host is often used because of certificate reuse on many hosts. As a consequence, this is vulnerable to Man-in-the-middle attacks since the client will trust any certificate.
97 downloads
0 direct, 97 via packs
The application was found enabling insecure TLS protocol versions. When enabling protocol versions for an `SSLContext`, only the following versions should be allowed: - TLSv1.2 - TLSv1.3 - DTLSv1.2 - DTLSv1.3 To mitigate potential security risks, it is strongly advised to enforce TLS 1.2 as the minimum protocol version and disallow older versions such as TLS
97 downloads
0 direct, 97 via packs
The application fails to protect against Cross-Site Request Forgery (CSRF) due to disabling Spring's CSRF protection features.
97 downloads
0 direct, 97 via packs
Unvalidated redirects occur when an application redirects a user to a destination URL specified by a user supplied parameter that is not validated. Such vulnerabilities can be used to facilitate phishing attacks.
97 downloads
0 direct, 97 via packs
A HostnameVerifier that accepts any host is often used because of certificate reuse on many hosts. As a consequence, this is vulnerable to Man-in-the-middle attacks since the client will trust any certificate.
97 downloads
0 direct, 97 via packs
A file is opened to read its content. The filename comes from an input parameter. If an unfiltered parameter is passed to this file API, files from an arbitrary filesystem location could be read.
97 downloads
0 direct, 97 via packs
The filename provided by the FileUpload API can be tampered with by the client to reference unauthorized files. The provided filename should be properly validated to ensure it's properly structured, contains no unauthorized path characters (e.g., / \), and refers to an authorized file.
97 downloads
0 direct, 97 via packs
The highlighted API is used to execute a system command. If unfiltered input is passed to this API, it can lead to arbitrary command execution.
97 downloads
0 direct, 97 via packs
An expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.
97 downloads
0 direct, 97 via packs
Constructing a server-side redirect path with user input could allow an attacker to download application binaries (including application classes or jar files) or view arbitrary files within protected directories.
97 downloads
0 direct, 97 via packs
Concatenating unvalidated user input into a URL can allow an attacker to override the value of a request parameter. An attacker may be able to override existing parameter values, inject a new parameter or exploit variables out of a direct reach. HTTP Parameter Pollution (HPP) attacks consist of injecting encoded query string delimiters into other existing param
97 downloads
0 direct, 97 via packs
Just like SQL, all inputs passed to an LDAP query need to be passed in safely. Unfortunately, LDAP doesn't have prepared statement interfaces like SQL. Therefore, the primary defense against LDAP injection is strong input validation of any untrusted data before including it in an LDAP query.
97 downloads
0 direct, 97 via packs
An expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.
97 downloads
0 direct, 97 via packs
The software uses an HTTP request parameter to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as "/abs/path" that can resolve to a location that is outside of that directory. See http://cwe.mitre.org/data/definitions/36.html for more information.
97 downloads
0 direct, 97 via packs
The input values included in SQL queries need to be passed in safely. Bind variables in prepared statements can be used to easily mitigate the risk of SQL injection.
97 downloads
0 direct, 97 via packs
Without proper access control, executing an LDAP statement that contains a user-controlled value can allow an attacker to abuse a poorly configured LDAP context.
97 downloads
0 direct, 97 via packs
A potential hard-coded password was identified in a database connection string. Passwords should not be stored directly in code but loaded from secure locations such as a Key Management System (KMS). The purpose of using a Key Management System is so access can be audited and keys easily rotated in the event of a breach. By hardcoding passwords, it will be e
97 downloads
0 direct, 97 via packs
The application does not provide authentication when communicating with a database server. It is strongly recommended that the database server be configured with authentication and restrict what queries users can execute. Please see your database server's documentation on how to configure a password. Additionally, passwords should not be stored directly in code b
97 downloads
0 direct, 97 via packs
A potential hard-coded password was identified in the source code. Passwords should not be stored directly in code but loaded from secure locations such as a Key Management System (KMS). The purpose of using a Key Management System is so access can be audited and keys easily rotated in the event of a breach. By hardcoding passwords, it will be extremely diff
97 downloads
0 direct, 97 via packs
Do not grant dangerous combinations of permissions.
97 downloads
0 direct, 97 via packs
Overly permissive file permissions.
97 downloads
0 direct, 97 via packs
The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
97 downloads
0 direct, 97 via packs
Server identity verification is disabled when making SSL connections.
97 downloads
0 direct, 97 via packs
Simple Mail Transfer Protocol (SMTP) is a text-based protocol used for email delivery. As with HTTP, headers are separated by a new line separator. If user input is placed in a header line, the application should remove or replace new line characters (CR / LF). You should use a safe wrapper such as Apache Commons Email or Simple Java Mail, which filter spe
97 downloads
0 direct, 97 via packs
Server-Side Request Forgery occurs when a web server executes a request to a user supplied destination parameter that is not validated. Such vulnerabilities could allow an attacker to access internal services or to launch attacks from your web server.
97 downloads
0 direct, 97 via packs
When converting a byte array containing a hash signature to a human readable string, a conversion mistake can be made if the array is read byte by byte.
97 downloads
0 direct, 97 via packs
Allowing user input to control format parameters could enable an attacker to cause exceptions to be thrown or leak information. Attackers may be able to modify the format string argument, such that an exception is thrown. If this exception is left uncaught, it may crash the application. Alternatively, if sensitive information is used within the unused argumen
97 downloads
0 direct, 97 via packs
CERT: IDS11-J. Perform any string modifications before validation
97 downloads
0 direct, 97 via packs
IDS01-J. Normalize strings before validating them
97 downloads
0 direct, 97 via packs
A malicious user in control of a template can run malicious code on the server-side. Velocity templates should be seen as scripts.
97 downloads
0 direct, 97 via packs
Allowing external control of system settings can disrupt service or cause an application to behave in unexpected, and potentially malicious, ways. An attacker could cause an error by providing a nonexistent catalog name or connect to an unauthorized portion of the database.
97 downloads
0 direct, 97 via packs
Remote WebView debugging is enabled. This can introduce security risks as it allows remote debugging tools, such as Chrome DevTools, to inspect and manipulate the WebView content. This can potentially expose sensitive information, including user data, session tokens, and other confidential data, to unauthorized parties. To fix this security issue, you should
97 downloads
0 direct, 97 via packs
Ignoring XML comments in SAML may lead to authentication bypass.
97 downloads
0 direct, 97 via packs
Avoid using XMLDecoder to parse content from an untrusted source.
97 downloads
0 direct, 97 via packs
It is possible to attach malicious behavior to those style sheets. Therefore, if an attacker can control the content or the source of the style sheet, they might be able to trigger remote code execution.
97 downloads
0 direct, 97 via packs
The input values included in SQL queries need to be passed in safely. Bind variables in prepared statements can be used to easily mitigate the risk of SQL injection.
97 downloads
0 direct, 97 via packs
Disabling HTML escaping puts the application at risk for Cross-Site Scripting (XSS).
97 downloads
0 direct, 97 via packs
Servlet reflected cross-site scripting vulnerability.
97 downloads
0 direct, 97 via packs
XML External Entity (XXE) attacks can occur when an XML parser supports XML entities while processing XML received from an untrusted source.
97 downloads
0 direct, 97 via packs
XML External Entity (XXE) attacks can occur when an XML parser supports XML entities while processing XML received from an untrusted source.
97 downloads
0 direct, 97 via packs
XML External Entity (XXE) attacks can occur when an XML parser supports XML entities while processing XML received from an untrusted source.
97 downloads
0 direct, 97 via packs
The app allows self-signed or invalid SSL certificates. The app is vulnerable to MITM attacks. If the app does not verify the authenticity of the server's SSL certificate, an attacker could impersonate the server and intercept sensitive data transmitted between the app and the server. To fix these security issues, you should ensure proper SSL certificate validation
100 downloads
0 direct, 100 via packs
The app's UIWebView ignores SSL errors and accepts any SSL certificate. The app is vulnerable to MITM attacks. If the app does not verify the authenticity of the server's SSL certificate, an attacker could impersonate the server and intercept sensitive data transmitted between the app and the server. To fix these security issues, you should ensure proper SSL certific
100 downloads
0 direct, 100 via packs
A weak biometric ACL flag is associated with a key stored in the Keychain. With the '.biometryAny/.userPresence/.touchIDAny' flag, an attacker with the ability to add a biometry to the device can authenticate as the user. It is recommended to use more specific and secure authentication mechanisms like '.biometryCurrentSet' and '.touchIDCurrentSet'. Here's an example o
95 downloads
0 direct, 95 via packs
DTLS 1.2 should be used. Detected old version - DTLS 1.0. DTLS (Datagram Transport Layer Security) 1.0 suffers from various security vulnerabilities and weaknesses, as it is an outdated and less secure protocol compared to newer versions such as DTLS 1.2 or 1.3. Here's an example of how to use DTLS 1.2: ``` import Network // Create a NWConnection instance wi
95 downloads
0 direct, 95 via packs
The file has no special protections associated with it. Using .noFileProtection or FileProtectionType.none for file protection means that the file is not encrypted on disk, leaving it vulnerable to unauthorized access if the device is compromised or if the file is accessed outside of the app's sandbox. To enhance security, it's crucial to use appropriate fil
95 downloads
0 direct, 95 via packs
A key stored in the Keychain is using a weak accessibility value. kSecAttrAccessibleAlways allows access to the keychain item at all times, even when the device is locked. Storing sensitive data with this accessibility option means that the data is accessible to anyone who gains physical access to the device, regardless of whether it's locked or not. This in
95 downloads
0 direct, 95 via packs
The app uses TLS 1.0, TLS 1.1 or TLS 1.2. TLS 1.3 should be used instead. TLS versions 1.1 and 1.0 were deprecated by the IETF in June 2018 due to a number of attacks against the vulnerable versions. Use of a deprecated TLS version may result in the unauthorized retrieval of sensitive information. It is strongly recommended that all TLS connections use TLS 1
95 downloads
0 direct, 95 via packs
A new cookie is created without the HttpOnly flag set. The HttpOnly flag is a directive to the browser to make sure that the cookie cannot be read by malicious script. When a user is the target of a cross-site scripting attack, the attacker would benefit greatly from getting the session id, for example.
97 downloads
0 direct, 97 via packs
A new cookie is created without the Secure flag set. The Secure flag is a directive to the browser to make sure that the cookie is not sent for insecure communication (http://).
97 downloads
0 direct97 via packs"Storing sensitive data in a persistent cookie for an extended period can lead to a breach of confidentiality or account compromise."
97 downloads
0 direct97 via packsThe information stored in a custom cookie should not be sensitive or related to the session. In most cases, sensitive data should only be stored in session and referenced by the user's session cookie.
97 downloads
0 direct97 via packsWhen an HTTP request contains unexpected CR and LF characters, the server may respond with an output stream that is interpreted as two different HTTP responses (instead of one). An attacker can control the second response and mount attacks such as cross-site scripting and cache poisoning attacks.
97 downloads
0 direct97 via packsThis code constructs an HTTP Cookie using an untrusted HTTP parameter. If this cookie is added to an HTTP response, it will allow a HTTP response splitting vulnerability. See http://en.wikipedia.org/wiki/HTTP_response_splitting for more information.
97 downloads
0 direct97 via packsThis code directly writes an HTTP parameter to an HTTP header, which allows for a HTTP response splitting vulnerability. See http://en.wikipedia.org/wiki/HTTP_response_splitting for more information.
97 downloads
0 direct97 via packsA trust boundary can be thought of as line drawn through a program. On one side of the line, data is untrusted. On the other side of the line, data is assumed to be trustworthy. The purpose of validation logic is to allow data to safely cross the trust boundary - to move from untrusted to trusted. A trust boundary violation occurs when a program blurs the li
97 downloads
0 direct97 via packsPrior to HTML5, Web browsers enforced the Same Origin Policy which ensures that in order for JavaScript to access the contents of a Web page, both the JavaScript and the Web page must originate from the same domain. Without the Same Origin Policy, a malicious website could serve up JavaScript that loads sensitive information from other websites using a clien
97 downloads
0 direct97 via packsPrior to HTML5, Web browsers enforced the Same Origin Policy which ensures that in order for JavaScript to access the contents of a Web page, both the JavaScript and the Web page must originate from the same domain. Without the Same Origin Policy, a malicious website could serve up JavaScript that loads sensitive information from other websites using a clien
97 downloads
0 direct97 via packsA small key size makes the ciphertext vulnerable to brute force attacks. At least 128 bits of entropy should be used when generating the key if use of Blowfish is required.
97 downloads
0 direct97 via packsTriple DES (also known as 3DES or DESede) is considered strong ciphers for modern applications. NIST recommends the usage of AES block ciphers instead of 3DES.
97 downloads
0 direct97 via packsDES is considered strong ciphers for modern applications. Currently, NIST recommends the usage of AES block ciphers instead of DES.
97 downloads
0 direct97 via packsAn authentication cipher mode which provides better confidentiality of the encrypted data should be used instead of Electronic Code Book (ECB) mode, which does not provide good confidentiality. Specifically, ECB mode produces the same output for the same input each time. This allows an attacker to intercept and replay the data.
97 downloads
0 direct97 via packsThe ciphertext produced is susceptible to alteration by an adversary. This mean that the cipher provides no way to detect that the data has been tampered with. If the ciphertext can be controlled by an attacker, it could be altered without detection.
97 downloads
0 direct97 via packsThis specific mode of CBC with PKCS5Padding is susceptible to padding oracle attacks. An adversary could potentially decrypt the message if the system exposed the difference between plaintext with invalid padding or valid padding. The distinction between valid and invalid padding is usually revealed through distinct error messages being returned for each con
97 downloads
0 direct97 via packsImplementing a custom MessageDigest is error-prone. National Institute of Standards and Technology(NIST) recommends the use of SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, or SHA-512/256.
97 downloads
0 direct97 via packsDefaultHttpClient with default constructor is not compatible with TLS 1.2
97 downloads
0 direct97 via packsThe network communications for Hazelcast is configured to use a symmetric cipher (probably DES or Blowfish). Those ciphers alone do not provide integrity or secure authentication. The use of asymmetric encryption is preferred.
97 downloads
0 direct97 via packsDetected an insufficient key size for DSA. NIST recommends a key size of 2048 or higher.
97 downloads
0 direct97 via packsThe NullCipher implements the Cipher interface by returning ciphertext identical to the supplied plaintext. In a few contexts, such as testing, a NullCipher may be appropriate. Avoid using the NullCipher. Its accidental use can introduce a significant confidentiality risk.
97 downloads
0 direct97 via packsThe software uses the RSA algorithm but does not incorporate Optimal Asymmetric Encryption Padding (OAEP), which might weaken the encryption.
97 downloads
0 direct97 via packsDES is considered strong ciphers for modern applications. Currently, NIST recommends the usage of AES block ciphers instead of DES.
97 downloads
0 direct97 via packsA HostnameVerifier that accept any host are often use because of certificate reuse on many hosts. As a consequence, this is vulnerable to Man-in-the-middleattacks attacks since the client will trust any certificate.
97 downloads
0 direct97 via packsThis method is part of a REST Web Service (JSR311). The security of this web service should be analyzed. For example: - Authentication, if enforced, should be tested. - Access control, if enforced, should be tested. - The inputs should be tracked for potential vulnerabilities. - The communication should ideally be over SSL. - If the service supports writes (
97 downloads
0 direct97 via packsThis method is part of a SOAP Web Service (JSR224). The security of this web service should be analyzed. For example: - Authentication, if enforced, should be tested. - Access control, if enforced, should be tested. - The inputs should be tracked for potential vulnerabilities. - The communication should ideally be over SSL.
97 downloads
0 direct97 via packsBeyond using an SSL socket, you need to make sure your use of SSLSocketFactory does all the appropriate certificate validation checks to make sure you are not subject to man-in-the-middle attacks. Please read the OWASP Transport Layer Protection Cheat Sheet for details on how to do this correctly.
97 downloads
0 direct97 via packsUnvalidated redirects occur when an application redirects a user to a destination URL specified by a user supplied parameter that is not validated. Such vulnerabilities can be used to facilitate phishing attacks.
97 downloads
0 direct97 via packsA HostnameVerifier that accept any host are often use because of certificate reuse on many hosts. As a consequence, this is vulnerable to Man-in-the-middle attacks since the client will trust any certificate.
97 downloads
0 direct97 via packsA file is opened to read its content. The filename comes from an input parameter. If an unfiltered parameter is passed to this file API, files from an arbitrary filesystem location could be read.
97 downloads
0 direct97 via packsThe filename provided by the FileUpload API can be tampered with by the client to reference unauthorized files. The provided filename should be properly validated to ensure it's properly structured, contains no unauthorized path characters (e.g., / \), and refers to an authorized file.
97 downloads
0 direct97 via packsForm inputs should have minimal input validation. Preventive validation helps provide defense in depth against a variety of risks.
97 downloads
0 direct97 via packsConstructing SimpleDB queries containing user input can allow an attacker to view unauthorized records.
97 downloads
0 direct97 via packsAn attacker can set arbitrary bean properties that can compromise system integrity. An attacker can leverage this functionality to access special bean properties like class.classLoader that will allow them to override system properties and potentially execute arbitrary code.
97 downloads
0 direct97 via packsWhen data from an untrusted source is put into a logger and not neutralized correctly, an attacker could forge log entries or include malicious content. Inserted false entries could be used to skew statistics, distract the administrator or even to implicate another party in the commission of a malicious act. If the log file is processed automatically, the at
97 downloads
0 direct97 via packsThe highlighted API is used to execute a system command. If unfiltered input is passed to this API, it can lead to arbitrary command execution.
97 downloads
0 direct97 via packsThe method identified is susceptible to injection. The input should be validated and properly escaped.
97 downloads
0 direct97 via packsThe method identified is susceptible to injection. The input should be validated and properly escaped.
97 downloads
0 direct97 via packsAn expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.
97 downloads
0 direct97 via packsConstructing a server-side redirect path with user input could allow an attacker to download application binaries (including application classes or jar files) or view arbitrary files within protected directories.
97 downloads
0 direct97 via packsConcatenating unvalidated user input into a URL can allow an attacker to override the value of a request parameter. Attacker may be able to override existing parameter values, inject a new parameter or exploit variables out of a direct reach. HTTP Parameter Pollution (HPP) attacks consist of injecting encoded query string delimiters into other existing param
97 downloads
0 direct97 via packsJust like SQL, all inputs passed to an LDAP query need to be passed in safely. Unfortunately, LDAP doesn't have prepared statement interfaces like SQL. Therefore, the primary defense against LDAP injection is strong input validation of any untrusted data before including it in an LDAP query.
97 downloads
0 direct97 via packs"A expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation."
97 downloads
0 direct97 via packsA file is opened to read its content. The filename comes from an input parameter. If an unfiltered parameter is passed to this file API, files from an arbitrary filesystem location could be read. This rule identifies potential path traversal vulnerabilities. In many cases, the constructed file path cannot be controlled by the user.
97 downloads
0 direct97 via packsA file is opened to write to its contents. The filename comes from an input parameter. If an unfiltered parameter is passed to this file API, files at an arbitrary filesystem location could be modified. This rule identifies potential path traversal vulnerabilities. In many cases, the constructed file path cannot be controlled by the user.
97 downloads
0 direct97 via packs"The software uses an HTTP request parameter to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as "/abs/path" that can resolve to a location that is outside of that directory. See http://cwe.mitre.org/data/definitions/36.html for more information."
97 downloads
0 direct97 via packs"The software uses an HTTP request parameter to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory. See http://cwe.mitre.org/data/definitions/23.html for more information."
97 downloads
0 direct97 via packsThe input values included in SQL queries need to be passed in safely. Bind variables in prepared statements can be used to easily mitigate the risk of SQL injection.
97 downloads
0 direct97 via packsWithout proper access control, executing an LDAP statement that contains a user-controlled value can allow an attacker to abuse poorly configured LDAP context
97 downloads
0 direct97 via packsWithout proper access control, executing an LDAP statement that contains a user-controlled value can allow an attacker to abuse poorly configured LDAP context
97 downloads
0 direct97 via packsA potential hard-coded password was identified in a database connection string. Passwords should not be stored directly in code but loaded from secure locations such as a Key Management System (KMS). The purpose of using a Key Management System is so access can be audited and keys easily rotated in the event of a breach. By hardcoding passwords, it will be e
97 downloads
0 direct97 via packsThe application does not provide authentication when communicating a database server. It is strongly recommended that the database server be configured with authentication and restrict what queries users can execute. Please see your database server's documentation on how to configure a password. Additionally, passwords should not be stored directly in code b
97 downloads
0 direct97 via packsA potential hard-coded password was identified in the source code. Passwords should not be stored directly in code but loaded from secure locations such as a Key Management System (KMS). The purpose of using a Key Management System is so access can be audited and keys easily rotated in the event of a breach. By hardcoding passwords, it will be extremely diff
97 downloads
0 direct97 via packsDo not grant dangerous combinations of permissions.
97 downloads
0 direct97 via packsOverly permissive file permission
97 downloads
0 direct97 via packsOverly permissive file permission
97 downloads
0 direct97 via packsThe software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
97 downloads
0 direct97 via packsThe software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
97 downloads
0 direct97 via packsServer identity verification is disabled when making SSL connections.
97 downloads
0 direct97 via packsSimple Mail Transfer Protocol (SMTP) is a the text based protocol used for email delivery. Like with HTTP, headers are separate by new line separator. If kuser input is place in a header line, the application should remove or replace new line characters (CR / LF). You should use a safe wrapper such as Apache Common Email and Simple Java Mail which filter spe
97 downloads
0 direct97 via packsServer-Side Request Forgery occur when a web server executes a request to a user supplied destination parameter that is not validated. Such vulnerabilities could allow an attacker to access internal services or to launch attacks from your web server.
97 downloads
0 direct97 via packsServer-Side Request Forgery occur when a web server executes a request to a user supplied destination parameter that is not validated. Such vulnerabilities could allow an attacker to access internal services or to launch attacks from your web server.
97 downloads
0 direct97 via packsWhen converting a byte array containing a hash signature to a human readable string, a conversion mistake can be made if the array is read byte by byte.
97 downloads
0 direct97 via packsAllowing user input to control format parameters could enable an attacker to cause exceptions to be thrown or leak information.Attackers may be able to modify the format string argument, such that an exception is thrown. If this exception is left uncaught, it may crash the application. Alternatively, if sensitive information is used within the unused argumen
97 downloads
0 direct97 via packsImproper Handling of Unicode Encoding
97 downloads
0 direct97 via packsCERT: IDS11-J. Perform any string modifications before validation
97 downloads
0 direct97 via packsIDS01-J. Normalize strings before validating them
97 downloads
0 direct97 via packsA malicious user in control of a template can run malicious code on the server-side. Velocity templates should be seen as scripts.
97 downloads
0 direct97 via packsAllowing external control of system settings can disrupt service or cause an application to behave in unexpected, and potentially malicious ways. An attacker could cause an error by providing a nonexistent catalog name or connect to an unauthorized portion of the database.
97 downloads
0 direct97 via packsThe sensitive information may be valuable information on its own (such as a password), or it may be useful for launching other, more deadly attacks. If an attack fails, an attacker may use error information provided by the server to launch another more focused attack. For example, an attempt to exploit a path traversal weakness (CWE-22) might yield the full
97 downloads
0 direct97 via packsApplications can unintentionally leak information about their configuration, internal workings, or violate privacy through a variety of application problems. Pages that provide different responses based on the validity of the data can lead to Information Leakage; specifically when data deemed confidential is being revealed as a result of the web application'
97 downloads
0 direct97 via packsEnabling extensions in Apache XML RPC server or client can lead to deserialization vulnerability which would allow an attacker to execute arbitrary code.
97 downloads
0 direct97 via packsIgnoring XML comments in SAML may lead to authentication bypass
97 downloads
0 direct97 via packsAvoid using XMLDecoder to parse content from an untrusted source.
97 downloads
0 direct97 via packsIt is possible to attach malicious behavior to those style sheets. Therefore, if an attacker can control the content or the source of the style sheet, he might be able to trigger remote code execution.
97 downloads
0 direct97 via packsThe input values included in SQL queries need to be passed in safely. Bind variables in prepared statements can be used to easily mitigate the risk of SQL injection.
97 downloads
0 direct97 via packsDisabling HTML escaping put the application at risk for Cross-Site Scripting (XSS).
97 downloads
0 direct97 via packsAvoid using custom XSS filtering. Please use standard sanitization functions.
97 downloads
0 direct97 via packsDisabling HTML escaping put the application at risk for Cross-Site Scripting (XSS).
97 downloads
0 direct97 via packsServlet reflected cross site scripting vulnerability
97 downloads
0 direct97 via packsA potential XSS was found. It could be used to execute unwanted JavaScript in a client's browser.
97 downloads
0 direct97 via packsXML External Entity (XXE) attacks can occur when an XML parser supports XML entities while processing XML received from an untrusted source.
97 downloads
0 direct97 via packsXML External Entity (XXE) attacks can occur when an XML parser supports XML entities while processing XML received from an untrusted source.
97 downloads
0 direct97 via packsXML External Entity (XXE) attacks can occur when an XML parser supports XML entities while processing XML received from an untrusted source.
97 downloads
0 direct97 via packsXML External Entity (XXE) attacks can occur when an XML parser supports XML entities while processing XML received from an untrusted source.
97 downloads
0 direct97 via packsXML External Entity (XXE) attacks can occur when an XML parser supports XML entities while processing XML received from an untrusted source.
97 downloads
0 direct97 via packsXML External Entity (XXE) attacks can occur when an XML parser supports XML entities while processing XML received from an untrusted source.