Supported Fixes

C#

• Anti-forgery token validation disabled

• Arbitrary File Write via Archive Extraction (Zip Slip)

• Cross-site Scripting (XSS)

• Log Forging

• Path Traversal

• Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

• Sensitive Cookie Without 'HttpOnly' Flag

• Server-Side Request Forgery (SSRF)

• SQL Injection

• Use of Insufficiently Random Values

• XML External Entity (XXE) Injection

GO

• Clear Text Logging

• Command Injection

• Cross-site Scripting (XSS)

• Improper Certificate Validation

• Insecurely Generated Password

• SQL Injection

Java

• Arbitrary File Write via Archive Extraction (Zip Slip)

• Command Injection

• Cross-site Scripting (XSS)

• Improper Neutralization of CRLF Sequences in HTTP Headers

• Open Redirect

• Path Traversal

• Regular expression injection

• Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

• Sensitive Cookie Without 'HttpOnly' Flag

• Server-Side Request Forgery (SSRF)

• SQL Injection

• Trust Boundary Violation

• XML External Entity (XXE) Injection

JavaScript / TypeScript

• Allocation of Resources Without Limits or Throttling

• Command Injection

• Cross-site Scripting (XSS)

• Denial of Service (DoS) through Nested GraphQL Queries

• Indirect Command Injection via User Controlled Environment

• NoSQL Injection

• Open Redirect

• Path Traversal

• Privacy Leak

• Prototype Pollution

• Regular Expression Denial of Service (ReDoS)

• Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

• Server-Side Request Forgery (SSRF)

• SQL Injection

• Use of Hardcoded Credentials

Python

• Arbitrary File Write via Archive Extraction (Tar Slip)

• Code Injection

• Command Injection

• Cross Site Scripting (XSS)

• Debug Mode Enabled

• Incomplete URL sanitization

• Jinja auto-escape is set to false

• Path Traversal

• Regular Expression Denial of Service (ReDoS)

• SQL Injection

CPP

• Buffer Overflow

• String Termination Error

C#

• ASP.NET MVC Bad Practices: Controller Action Without AntiForgery Validation

• Cookie Security: HTTPOnly not Set on Application Cookie

• Cookie Security: Session Cookie not Sent Over SSL

• Cross-Site Scripting: Persistent

• Header Manipulation

• Insecure Randomness

• Insecure Randomness: Hardcoded Seed

• Log Forging

• Mass Assignment: Insecure Binder Configuration

• Mass Assignment: Request Parameters Bound via Input Formatter

• Null Dereference

• Object Model Violation: Just One of Equals() and GetHashCode() Defined

• Open Redirect

• Password Management: Password in Comment

• Path Manipulation

• Path Manipulation: Base Path Overwriting

• Path Manipulation: Zip Entry Overwrite

• Poor Error Handling: Overly Broad Catch

• Poor Logging Practice: Use of a System Output Stream

• SQL Injection

• System Information Leak

• System Information Leak: External

• System Information Leak: Internal

• Trust Boundary Violation

• XML Entity Expansion Injection

• XML External Entity Injection

DOCKERFILE

GO

• Log Forging

Java

• Code Correctness: Class Does Not Implement Equivalence Method

• Code Correctness: Comparison of Boxed Primitive Types

• Code Correctness: Erroneous String Compare

• Command Injection

• Cookie Security: Cookie not Sent Over SSL

• Cookie Security: HTTPOnly not Set

• Cross-Site Request Forgery

• Cross-Site Scripting: Reflected

• Denial of Service

• Denial of Service: Regular Expression

• Denial of Service: StringBuilder

• HTML5: Missing Content Security Policy

• HTTP Parameter Pollution

• Insecure Randomness

• J2EE Bad Practices: Leftover Debug Code

• J2EE Bad Practices: Threads

• Log Forging

• Log Forging (debug)

• Mass Assignment: Insecure Binder Configuration

• Missing Check against Null

• Null Dereference

• Open Redirect

• Password Management: Password in Comment

• Path Manipulation

• Path Manipulation: Zip Entry Overwrite

• Poor Error Handling: Empty Catch Block

• Poor Error Handling: Overly Broad Catch

• Poor Logging Practice: Use of a System Output Stream

• Poor Style: Confusing Naming

• Poor Style: Non-final Public Static Field

• Poor Style: Value Never Read

• Portability Flaw: Locale Dependent Comparison

• Privacy Violation

• Race Condition: Format Flaw

• Server-Side Request Forgery

• Spring Security Misconfiguration: Default Permit

• SQL Injection

• SQL Injection: Persistence

• System Information Leak

• System Information Leak: HTML Comment in JSP

• System Information Leak: Internal

• Trust Boundary Violation

• Unreleased Resource: Database

• Unreleased Resource: Files

• Unreleased Resource: Sockets

• Unreleased Resource: Streams

• Unreleased Resource: Synchronization

• Unreleased Resource: Unmanaged Object

• XML Entity Expansion Injection

• XML External Entity Injection

JavaScript / TypeScript

• Command Injection

• Cookie Security: Cookie not Sent Over SSL

• Credential Management: Hardcoded API Credentials

• Cross-Site Scripting: DOM

• Cross-Site Scripting: Self

• Hardcoded Domain in HTML

• Insecure Randomness

• Insecure Randomness: Hardcoded Seed

• Key Management: Hardcoded Encryption Key

• Open Redirect

• Password Management: Hardcoded Password

• Password Management: Password in Comment

• Path Manipulation

• Privacy Violation: Autocomplete

• System Information Leak: External

• System Information Leak: Internal

PHP

• Insecure Randomness

Python

• Cross-Site Request Forgery

• Dynamic Code Evaluation: Code Injection

• Password Management: Password in Comment

• Path Manipulation

• SQL Injection

• System Information Leak: Internal

XML

• Password Management: Password in Comment

• Weak XML Schema: Unbounded Occurrences

C#

• Declaration Of Catch For Generic Exception

• Deserialization of Untrusted Data

• Dynamic SQL Queries

• Heap Inspection

• HttpOnlyCookies

• Improper Exception Handling

• Improper Resource Shutdown or Release

• Improper Restriction of XXE Ref

• Information Exposure Through an Error Message

• Information Exposure via Headers

• Insecure Cookie

• Insufficient Logging of Exceptions

• Insufficient Logging of Sensitive Operations

• Just One of Equals and Hash code Defined

• Log Forging

• Missing HSTS Header

• Path Traversal

• Reflected XSS

• Reflected XSS All Clients

• SQL Injection

• SSRF

• Stored XSS

• Trust Boundary Violation in Session Variables

• Unsafe Object Binding

• Unvalidated Arguments Of Public Methods

• Use of Insufficiently Random Values

• Value Shadowing

GO

• Command Injection

• Log Forging

• Privacy Violation

• Second Order SQL Injection

• SQL Injection

• SSL Verification Bypass

• Use of Cryptographically Weak PRNG

Java

• Absolute Path Traversal

• Command Injection

• Confusing Naming

• Declaration Of Catch For Generic Exception

• Detection of Error Condition Without Action

• Frameable loging page

• HttpOnlyCookies

• Improper Resource Shutdown or Release

• Improper Restriction of Stored XXE Ref

• Improper Restriction of XXE Ref

• Information Exposure Through an Error Message

• Log Forging

• Open Redirect

• Password In Comment

• Portability Flaw Locale Dependent Comparison

• Privacy Violation

• Race Condition Format Flaw

• ReDoS From Regex Injection

• Reflected XSS All Clients

• Relative Path Traversal

• SQL Injection

• SQL Injection Evasion Attack

• SSRF

• Stored Absolute Path Traversal

• Stored Log Forging

• Stored XSS

• Trust Boundary Violation in Session Variables

• Unchecked Input for Loop Condition

• Unsafe Object Binding

• Use of Hard coded Cryptographic Key

• Use of Non Cryptographic Random

• Use of Wrong Operator in String Comparison

JavaScript / TypeScript

• Absolute Path Traversal

• Client DOM Code Injection

• Client DOM Open Redirect

• Client DOM Stored Code Injection

• Client DOM Stored XSS

• Client DOM XSS

• Client Hardcoded Domain

• Client Insecure Randomness

• Client JQuery Deprecated Symbols

• Client Password In Comment

• Client Potential XSS

• Client Regex Injection

• Client Use Of Iframe Without Sandbox

• Command Injection

• Hardcoded password in Connection String

• HttpOnly Cookie Flag Not Set

• Information Exposure Through an Error Message

• JWT Use Of Hardcoded Secret

• Log Forging

• Missing CSP Header

• Missing HSTS Header

• Open Redirect

• Prototype Pollution

• Relative Path Traversal

• Secret_Leak

• Server DoS by loop

• Server DoS by Loop

• SQL Injection

• SSRF

• Stored XSS

• Unchecked Input For Loop Condition

• Unprotected Cookie

• Unsafe Use Of Target blank

• Use of Deprecated or Obsolete Functions

• Use Of Hardcoded Password

• Use of Insufficiently Random Values

PHP

• Use of Non Cryptographic Random

Python

• Code Injection

• Command Argument Injection

• Debug Enabled

• Filtering Sensitive Logs

• Improper Resource Shutdown or Release

• Information Exposure Through an Error Message

• Log Forging

• Password in Comment

• Path Traversal

• Privacy Violation

• ReDoS Injection

• Second Order SQL Injection

• SQL Injection

• Stored Code Injection

• Stored Command Argument Injection

• Stored Command Argument Injection

• Unchecked Input for Loop Condition

• XSS

SQL

• Default Definer Rights in Package or Object Definition

• Second Order SQL Injection

C#

• Composite format strings should be used correctly

• Creating cookies without the "HttpOnly" flag is security-sensitive

• Creating cookies without the "secure" flag is security-sensitive

• Extracting archives should not lead to zip slip vulnerabilities

• Fields that are only assigned in the constructor should be "readonly"

• Formatting SQL queries is security-sensitive

• I/O function calls should not be vulnerable to path injection attacks

• Logging should not be vulnerable to injection attacks

• Logging templates should be constant

• Not specifying a timeout for regular expressions is security-sensitive

• Null pointers should not be dereferenced

• Sections of code should not be commented out

• Secure random number generators should not output predictable values

• Unassigned members should be removed

• Unread "private" fields should be removed

• Unused private types or members should be removed

DOCKERFILE

• S6471 Running containers as a privileged user is security-sensitive

GO

• Constructing arguments of system commands from user input is security-sensitive

• Database queries should not be vulnerable to injection attacks

• Formatting SQL queries is security-sensitive

• Using pseudorandom number generators (PRNGs) is security-sensitive

Java

• "Preconditions" and logging arguments should not require evaluation

• Accessing files should not lead to filesystem oracle attacks

• Creating cookies without the "HttpOnly" flag is security-sensitive

• Creating cookies without the "secure" flag is security-sensitive

• Database queries should not be vulnerable to injection attacks

• Endpoints should not be vulnerable to reflected cross-site scripting (XSS) attacks

• Extracting archives should not lead to zip slip vulnerabilities

• Format strings should be used correctly

• Generic exceptions should never be thrown

• I/O function calls should not be vulnerable to path injection attacks

• javasecurity:S5146 HTTP request redirections should not be open to forging attacks

• Logging should not be vulnerable to injection attacks

• Public constants and fields initialized at declaration should be "static final" rather than merely "final"

• Regular expressions should not be vulnerable to Denial of Service attacks

• Sections of code should not be commented out

• Server-side requests should not be vulnerable to traversing attacks

• String literals should not be duplicated

• Strings and Boxed types should be compared using "equals()"

• Try-catch blocks should not be nested

• Unnecessary imports should be removed

• Unused "private" fields should be removed

• Unused assignments should be removed

• Unused local variables should be removed

• Using pseudorandom number generators (PRNGs) is security-sensitive

JavaScript / TypeScript

• Creating cookies without the "secure" flag is security-sensitive

• Database queries should not be vulnerable to injection attacks

• Database queries should not be vulnerable to injection attacks

• DOM updates should not lead to cross-site scripting (XSS) attacks

• DOM updates should not lead to cross-site scripting (XSS) attacks

• DOM updates should not lead to open redirect vulnerabilities

• DOM updates should not lead to open redirect vulnerabilities

• Dynamic code execution should not be vulnerable to injection attacks

• Dynamically executing code is security-sensitive

• Endpoints should not be vulnerable to reflected cross-site scripting (XSS) attacks

• Fields that are only assigned in the constructor should be "readonly"

• Formatting SQL queries is security-sensitive

• Function returns should not be invariant

• Hard-coded credentials are security-sensitive

• Hard-coded credentials are security-sensitive

• Hard-coded passwords are security-sensitive

• Hard-coded passwords are security-sensitive

• Hard-coded secrets are security-sensitive

• Hard-coded secrets are security-sensitive

• HTTP request redirections should not be open to forging attacks

• HTTP request redirections should not be open to forging attacks

• I/O function calls should not be vulnerable to path injection attacks

• I/O function calls should not be vulnerable to path injection attacks

• Jump statements should not occur in "finally" blocks

• Jump statements should not occur in "finally" blocks

• NoSQL operations should not be vulnerable to injection attacks

• NoSQL operations should not be vulnerable to injection attacks

• OS commands should not be vulnerable to command injection attacks

• Regular expressions should not be vulnerable to Denial of Service attacks

• Regular expressions should not be vulnerable to Denial of Service attacks

• Sections of code should not be commented out

• Sections of code should not be commented out

• Server-side requests should not be vulnerable to forging attacks

• Unnecessary character escapes should be removed

• Unnecessary character escapes should be removed

• Using pseudorandom number generators (PRNGs) is security-sensitive

• Using pseudorandom number generators (PRNGs) is security-sensitive

• Using remote artifacts without integrity checks is security-sensitive

• Using shell interpreter when executing OS commands is security-sensitive

• Using slow regular expressions is security-sensitive

• Using slow regular expressions is security-sensitive

• Variables should be declared explicitly

• Variables should be declared with "let" or "const"

• Variables should be declared with "let" or "const"

PHP

• Using pseudorandom number generators (PRNGs) is security-sensitive

Python

• "Exception" and "BaseException" should not be raised

• Constructing arguments of system commands from user input is security-sensitive

• Database queries should not be vulnerable to injection attacks

• Delivering code in production with debug features activated is security-sensitive

• Disabling auto-escaping in template engines is security-sensitive

• Disabling CSRF protections is security-sensitive

• Do not name local variables as builtin python functions

• Do not use identity comparisons (is / is not) with cached types

• Dynamic code execution should not be vulnerable to injection attacks

• Endpoints should not be vulnerable to reflected cross-site scripting (XSS) attacks

• Formatting SQL queries is security-sensitive

• Function parameters' default values should not be modified or assigned

• I/O function calls should not be vulnerable to path injection attacks

• Logging should not be vulnerable to injection attacks

• Loop boundaries should not be vulnerable to injection attacks

• Properly use string formatting: add all arguments to the format string, don't supply unused arguments

• python:S5443 Using publicly writable directories is security-sensitive

• python:S5754 "SystemExit" should be re-raised

• Regular expressions should not be vulnerable to Denial of Service attacks

• Sections of code should not be commented out

• String literals should not be duplicated

• The "print" statement should not be used

• Unused assignments should be removed

• Wildcard imports should not be used

YAML

• Ensure whitespace in-between braces in template directives

CPP

• No space for zero terminator

• Use of dangerous function

C#

• Arbitrary file access during archive extraction (”Zip Slip”)

• Deserialization of untrusted data

• Insecure randomness

• Log entries created from user input

• SQL Injection

• Uncontrolled data used in path expression

GO

• Clear-text logging of sensitive information

• Command Injection

• Disabled TLS certificate check

• Incomplete regular expression for hostnames

• Log entries created from user input

• SQL Injection

Java

• Arbitrary file access during archive extraction (”Zip Slip”)

• Cross-site scripting

• Executing a command with a relative path

• Failure to use secure cookies

• HTTP response splitting

• Information exposure through an error message

• Log Injection

• Query built by concatenation with a possibly-untrusted string

• Query built from user-controlled sources

• Resolving XML external entity in user-controlled data

• Server-side request forgery

• Uncontrolled command line

• Uncontrolled data used in path expression

JavaScript / TypeScript

• Clear text transmission of sensitive cookie

• Client-side cross-site scripting

• Client-side URL redirect

• Database query built from user-controlled sources

• DOM text reinterpreted as HTML

• Hard-coded credentials

• Inclusion of functionality from an untrusted source

• Incomplete regular expression for hostnames

• Incomplete URL scheme check

• Incomplete URL substring sanitization

• Inefficient regular expression

• Information exposure through a stack trace

• Insecure randomness

• Log injection

• Missing rate limiting

• Overly permissive regular expression range

• Prototype-polluting assignment

• Prototype-polluting function

• Reflected cross-site scripting

• Reflected cross-site scripting

• Regular expression injection

• Server-side request forgery

• Server-side URL redirect

• Type confusion through parameter tampering

• Uncontrolled command line

• Uncontrolled data used in path expression

• Untrusted data passed to external API

• Useless regular-expression character escape

Python

• Arbitrary file write during tarfile extraction

• Code injection

• Flask app is run in debug mode

• Incomplete URL substring sanitization

• Information exposure through an exception

• Jinja2 templating with autoescape=False

• Jinja2 templating with autoescape=False

• Log Injection

• Overly permissive regular expression range

• Regular expression injection

• SQL query built from user-controlled sources

• Uncontrolled data used in path expression

• XSS

C#

• csharp/lang.best-practice.structured-logging.structured-logging

• lang.security.sqli.csharp-sqli.csharp-sqli

• OS command injection

• security_code_scan.SCS0002-1

• Use of cryptographically weak Pseudo-Random Number Generator (PRNG)

DOCKERFILE

• security.missing-user-entrypoint.missing-user-entrypoint

• security.missing-user.missing-user

GO

• Cookie Missing HTTP only

• dgryski.semgrep-go.errnilcheck.err-nil-check

• go.lang.security.audit.dangerous-exec-command.dangerous-exec-command

• go.lang.security.injection.open-redirect.open-redirect

• gorilla.security.audit.websocket-missing-origin-check.websocket-missing-origin-check

• insecure-transport.go-stdlib.bypass-tls-verification.bypass-tls-verification

• lang.security.audit.crypto.missing-ssl-minversion.missing-ssl-minversion

• lang.security.audit.dangerous-exec-command.dangerous-exec-command

• lang.security.audit.database.string-formatted-query

• lang.security.audit.sqli.pgx-sqli.pgx-sqli

• lang.security.audit.xss.no-direct-write-to-responsewriter.no-direct-write-to-responsewriter

• lang.security.injection.tainted-sql-string

• OS command injection

Java

• File Path Traversal in HttpServlet

• find_sec_bugs.FILE_UPLOAD_FILENAME-1

• find_sec_bugs.HTTPONLY_COOKIE-1

• find_sec_bugs.INSECURE_COOKIE-1

• find_sec_bugs.PATH_TRAVERSAL_OUT-1.PATH_TRAVERSAL_OUT-1

• find_sec_bugs.PREDICTABLE_RANDOM-1

• find_sec_bugs.PT_ABSOLUTE_PATH_TRAVERSAL-1

• find_sec_bugs.PT_RELATIVE_PATH_TRAVERSAL-1

• find_sec_bugs.UNVALIDATED_REDIRECT-1.URL_REWRITING-1

• find_sec_bugs.WEAK_FILENAMEUTILS-1

• gitlab.find_sec_bugs.CUSTOM_INJECTION-1

• gitlab.find_sec_bugs.CUSTOM_INJECTION-2

• gitlab.find_sec_bugs.SQL_INJECTION_SPRING_JDBC-1.SQL_INJECTION_JPA-1.SQL_INJECTION_JDO-1.SQL_INJECTION_JDBC-1.SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE-1

• gitlab.find_sec_bugs.SQL_INJECTION_SPRING_JDBC-1.SQL_INJECTION_JPA-1.SQL_INJECTION_JDO-1.SQL_INJECTION_JDBC-1.SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE-1.SQL_INJECTION-1.SQL_INJECTION_HIBERNATE-1.SQL_INJECTION_VERTX-1.SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING-1

• java.lang.security.audit.cookie-missing-httponly.cookie-missing-httponly

• java.lang.security.audit.cookie-missing-httponly.cookie-missing-httponly

• java.lang.security.audit.cookie-missing-secure-flag.cookie-missing-secure-flag

• java.lang.security.audit.crypto.weak-random.weak-random

• java.lang.security.audit.formatted-sql-string.formatted-sql-string

• java.lang.security.audit.sqli.jdbc-sqli.jdbc-sqli

• java.lang.security.audit.sqli.tainted-sql-from-http-request.tainted-sql-from-http-request

• java.mobb.custom_injection

• java.servlets.security.cookie-issecure-false.cookie-issecure-false

• java/mobb.pt_find_transitives

• lang.security.audit.command-injection-process-builder

• lang.security.audit.command-injection-process-builder.command-injection-process-builder

• lang.security.audit.unvalidated-redirect.unvalidated-redirect

• Path Traversal

• Relative File Path Traversal in HttpServlet

• Server-Side-Request-Forgery (SSRF)

• spring.security.audit.spring-unvalidated-redirect.spring-unvalidated-redirect

• SQL Injection

• Tainted File Path

JavaScript / TypeScript

• ajinabraham.njsscan.crypto.crypto_node.node_insecure_random_generator

• browser.security.eval-detected.eval-detected

• browser.security.insecure-document-method.insecure-document-method

• detect-non-literal-regexp

• Detected possible path traversal

• Detected possible path traversal

• Detected possible user input going into a path.join or path.resolve function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.

• eslint.detect-child-process

• eslint.detect-eval-with-expression

• eslint.detect-non-literal-regexp

• eslint.detect-object-injection

• eslint.detect-pseudoRandomBytes

• eslint.react-dangerouslysetinnerhtml

• express.security.audit.express-open-redirect.express-open-redirect

• express.security.audit.possible-user-input-redirect.unknown-value-in-redirect

• express.security.audit.xss.direct-response-write

• express.security.audit.xss.direct-response-write.direct-response-write

• express.security.injection.tainted-sql-string

• express.security.injection.tainted-sql-string.tainted-sql-string

• generic.secrets.gitleaks.generic-api-key

• generic.secrets.gitleaks.generic-api-key.generic-api-key

• gitlab.eslint.detect-object-injection

• gitlab.nodejs_scan.javascript-crypto-rule-node_insecure_random_generator

• gitlab.nodejs_scan.javascript-crypto-rule-node_insecure_random_generator

• html.security.audit.missing-integrity.missing-integrity

• https://semgrep.dev/r?q=javascript.lang.security.audit.incomplete-sanitization.incomplete-sanitization

• javascript-database-rule-node_knex_sqli_injection

• javascript-database-rule-node_nosqli_injection

• javascript-database-rule-node_nosqli_js_injection

• javascript-database-rule-node_sqli_injection

• javascript-dos-rule-regex_dos

• javascript-dos-rule-regex_dos

• javascript-jwt-rule-jwt_express_hardcoded

• javascript-jwt-rule-jwt_express_hardcoded

• javascript-redirect-rule-express_open_redirect

• javascript-redirect-rule-express_open_redirect

• javascript-redirect-rule-express_open_redirect2

• javascript-xss-rule-express_xss

• javascript.browser.security.insecure-innerhtml.insecure-innerhtml

• javascript.browser.security.raw-html-concat.raw-html-concat

• javascript.browser.security.wildcard-postmessage-configuration.wildcard-postmessage-configuration

• javascript.express.security.audit.xss.ejs.explicit-unescape.template-explicit-unescape

• javascript.express.security.injection.raw-html-format.raw-html-format

• javascript.jquery.security.audit.jquery-insecure-selector.jquery-insecure-selector

• javascript.lang.security.audit.detect-non-literal-fs-filename.detect-non-literal-fs-filename

• javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp

• javascript.lang.security.audit.detect-redos-mobb.detect-redos-mobb

• javascript.lang.security.audit.prototype-pollution-loop-mobb.prototype-pollution-loop-mobb

• javascript.lang.security.audit.prototype-pollution.prototype-pollution-loop.prototype-pollution-loop

• javascript.lang.security.audit.unsafe-formatstring.unsafe-formatstring

• javascript.lang.security.detect-child-process.detect-child-process

• javascript.mobb.log_forging

• javascript.mobb.system-information-leak-external

• jsonwebtoken.security.jwt-hardcode.hardcoded-jwt-secret

• lang.security.audit.sqli.node-knex-sqli.node-knex-sqli

• lang.security.audit.sqli.node-postgres-sqli.node-postgres-sqli

• mobb.security.audit.express-check-cmdi

• njsscan.dos.regex_dos.regex_dos

• njsscan.dos.regex_injection.regex_injection_dos

• njsscan.eval.eval_node.eval_nodejs

• njsscan.generic.hardcoded_secrets.node_password

• njsscan.generic.hardcoded_secrets.node_secret

• njsscan.traversal.path_traversal.generic_path_traversal

• njsscan.xss.xss_node.express_xss

• nodejs_scan.javascript-crypto-rule-node_insecure_random_generator

• nodejs_scan.javascript-database-rule-node_knex_sqli_injection

• nodejs_scan.javascript-database-rule-node_nosqli_injection

• nodejs_scan.javascript-database-rule-node_nosqli_js_injection

• nodejs_scan.javascript-database-rule-node_sqli_injection

• nodejs_scan.javascript-dos-rule-regex_dos

• nodejs_scan.javascript-eval-rule-eval_nodejs

• nodejs_scan.javascript-exec-rule-shelljs_os_command_exec

• nodejs_scan.javascript-exec-rule-shelljs_os_command_exec

• nodejs_scan.javascript-jwt-rule-hardcoded_jwt_secret

• nodejs_scan.javascript-jwt-rule-jwt_express_hardcoded

• nodejs_scan.javascript-redirect-rule-express_open_redirect

• nodejs_scan.javascript-redirect-rule-express_open_redirect2

• nodejs_scan.javascript-xss-rule-express_xss

• Please provide a new title that explains javascript.lang.correctness.missing-template-string-indicator.missing-template-string-indicator

• Possible writing outside of the destination, make sure that the target path is nested in the intended destination

• pt using rendering templates

• pt using rendering templates

• pt using rendering templates

• pt using rendering templates

• react.security.audit.react-unsanitized-method.react-unsanitized-method

• secrets.gitleaks.generic-api-key

• secrets.gitleaks.generic-api-key.generic-api-key

• SSRF

• SSRF

• SSRF

• SSRF

• SSRF

• SSRF

• SSRF

• SSRF

• SSRF

• SSRF

• SSRF

• SSRF

• SSRF

• typescript.lang.correctness.useless-ternary.useless-ternary

• typescript.react.security.audit.react-dangerouslysetinnerhtml.react-dangerouslysetinnerhtml

Python

• A missing encoding argument in open() can lead corrupted data

• B113: request_without_timeout

• B602: subprocess_popen_with_shell_equals_true

• B603: subprocess_without_shell_equals_true

• B604: subprocess_popen_with_shell_equals_true

• bandit.B201

• bandit.B307

• django.security.injection.code.user-eval-format-string.user-eval-format-string

• django.security.injection.code.user-eval.user-eval

• django.security.injection.code.user-exec-format-string.user-exec-format-string

• django.security.injection.code.user-exec.user-exec

• django.security.injection.path-traversal.path-traversal-open

• django.security.injection.path-traversal.path-traversal-open.path-traversal-open

• django.security.injection.tainted-sql-string.tainted-sql-string

• flask.security.injection.path-traversal-open

• flask.security.injection.path-traversal-open.path-traversal-open

• flask.security.injection.subprocess-injection

• flask.security.injection.tainted-sql-string.tainted-sql-string

• flask.security.injection.user-eval.eval-injection

• flask.security.injection.user-exec.exec-injection

• gitlab.bandit.B113

• lang.maintainability.is-function-without-parentheses.is-function-without-parentheses

• lang.security.audit.dangerous-asyncio-create-exec-audit

• lang.security.audit.dangerous-subprocess-use-audit.dangerous-subprocess-use-audit

• lang.security.audit.eval-detected.eval-detected

• lang.security.audit.exec-detected.exec-detected

• lang.security.audit.logging.logger-credential-leak.python-logger-credential-disclosure

• lang.security.dangerous-subprocess-use

• Please provide a new title that explains bandit.B101

• Please provide a new title that explains lang.correctness.return-in-init.return-in-init

• Possible cmdi attack

• possible os cmdi

• possible os cmdi

• possible os cmdi

• possible os cmdi

• possible os cmdi

• possible os cmdi

• python.django.correctness.nontext-field-must-set-null-true.nontext-field-must-set-null-true

• python.django.security.audit.avoid-mark-safe.avoid-mark-safe

• python.django.security.django-no-csrf-token.django-no-csrf-token

• python.django.security.injection.open-redirect.open-redirect

• python.flask.security.audit.debug-enabled.debug-enabled

• python.flask.security.xss.audit.direct-use-of-jinja2.direct-use-of-jinja2

• python.flask.security.xss.audit.explicit-unescape-with-markup.explicit-unescape-with-markup

• python.jinja2.security.audit.missing-autoescape-disabled.missing-autoescape-disabled

• python.lang.correctness.exit.use-sys-exit

• python.lang.maintainability.useless-ifelse.useless-if-body

• python.lang.security.audit.dangerous-subprocess-use-audit.dangerous-subprocess-use-audit

• python.lang.security.audit.exec-detected.exec-detected

• python.lang.security.audit.formatted-sql-query.formatted-sql-query

• python.lang.security.audit.sqli.psycopg-sqli.psycopg-sqli

• python.lang.security.audit.subprocess-shell-true.subprocess-shell-true

• python.lang.security.insecure-uuid-version.insecure-uuid-version

• python.requests.best-practice.use-raise-for-status.use-raise-for-status

• python.requests.best-practice.use-timeout.use-timeout

• python.sqlalchemy.security.audit.avoid-sqlalchemy-text.avoid-sqlalchemy-text

• python.sqlalchemy.security.sqlalchemy-execute-raw-query.sqlalchemy-execute-raw-query

• python.tarfile-extractall-traversal.tarfile-extractall-traversal

• python_exec_rule-subprocess-call-array

• sqli

• sqli

• sqli

• sqli

• sqli

• sqli

• sqli

• The application may be vulnerable to a path traversal if it extracts untrusted archive files.

• The application was found calling the exec function with a non-literal variable

• XSS

YAML

• An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release.

• Please provide a new title that explains github-actions.security.third-party-action-not-pinned-to-commit-sha

• Service '$SERVICE' allows for privilege escalation via setuid or setgid binaries. Add 'no-new-privileges:true' in 'security_opt' to prevent this.

• Service has a writable filesystem

• Service port is exposed on all interfaces

• yaml.github-actions.security.run-shell-injection.run-shell-injection

GO

• SQL Injection

Java

• Avoid user-input file

• Avoid using printStackTrace()

• Prefer SecureRandom over Random

• Prevent path traversal

JavaScript / TypeScript

• Avoid setting insecure cookie settings

• Command Injection

• Path traversal

• SQL Injection

• SQL Injection

Python

• Avoid SQL injections

• Do not use an empty list as a default parameter

• no-exec

• Path Traversal