Supported Fixes
A "fix" is defined as a code remediation that has been validated and tested by Mobb engineers.
All fixes must meet the following criteria:
The fix addresses the security issue as identified by the SAST tool
The SAST tool recognizes the finding as fixed upon re-scan
Here are the categories of stable fixes that Mobb currently supports. If there is a category you'd like to see Mobb support that is not listed here, please email us at support@mobb.ai.
If you'd like us to support a SAST tool that is not listed here, please tell us by submitting it here.
Since different SAST vendors often name issues differently, the issue names in parentheses are the Mobb normalized names.
List of Supported Issue Types for Checkmarx
C#
Declaration Of Catch For Generic Exception
Deserialization of Untrusted Data
HttpOnlyCookies
Improper Exception Handling
Improper Resource Shutdown or Release
Improper Restriction of XXE Ref
Information Exposure Through an Error Message
Information Exposure via Headers
Insecure Cookie
Insufficient Logging of Exceptions
Insufficient Logging of Sensitive Operations
Just One of Equals and Hash code Defined
Log Forging
Path Traversal
Reflected XSS All Clients
SQL Injection
SSRF
Stored XSS
Trust Boundary Violation in Session Variables
Unsafe Object Binding
Unvalidated Arguments Of Public Methods
Use of Insufficiently Random Values
Value Shadowing
Java
Absolute Path Traversal
Command Injection
Confusing Naming
Declaration Of Catch For Generic Exception
Detection of Error Condition Without Action
HttpOnlyCookies
Improper Resource Shutdown or Release
Improper Restriction of Stored XXE Ref
Improper Restriction of XXE Ref
Information Exposure Through an Error Message
Log Forging
Portability Flaw Locale Dependent Comparison
Race Condition Format Flaw
ReDoS From Regex Injection
Reflected XSS All Clients
Relative Path Traversal
SQL Injection
SSRF
Stored Log Forging
Stored XSS
Trust Boundary Violation in Session Variables
Unchecked Input for Loop Condition
Use of Non Cryptographic Random
Use of Wrong Operator in String Comparison
JavaScript / TypeScript
Absolute Path Traversal
Client DOM Open Redirect
Client DOM Stored XSS
Client DOM XSS
Client Hardcoded Domain
Client Insecure Randomness
Client JQuery Deprecated Symbols
Client Password In Comment
Client Potential XSS
Client Regex Injection
Client Use Of Iframe Without Sandbox
Command Injection
Hardcoded password in Connection String
JWT Use Of Hardcoded Secret
Log Forging
Open Redirect
Prototype Pollution
Relative Path Traversal
Server DoS by Loop
SQL Injection
SSRF
Stored XSS
Unchecked Input For Loop Condition
Unprotected Cookie
Unsafe Use Of Target blank
Use of Deprecated or Obsolete Functions
Use Of Hardcoded Password
Use of Insufficiently Random Values
PHP
Use of Non Cryptographic Random
Python
SQL
Default Definer Rights in Package or Object Definition
To learn more about configuring your fix policies in Mobb, click here.