From 42548de78f47e97068a1b33d896ce078fe8ea644 Mon Sep 17 00:00:00 2001
From: manuelsommer <47991713+manuel-sommer@users.noreply.github.com>
Date: Wed, 10 Jan 2024 22:50:30 +0100
Subject: [PATCH] advance snyk to support snykcode and snykcontainer #9270 (#9289)

* advance snyk to support snykcode and snykcontainer #9270
* :construction: update
* works, but information in findings is still missing
* shorten unittestfile
* finish
---
 dojo/tools/snyk/parser.py | 65 +-
 unittests/scans/snyk/snykcode_issue_9270.json | 10782 ++++++++++++++++
 .../scans/snyk/snykcontainer_issue_9270.json | 4041 ++++++
 unittests/tools/test_snyk_parser.py | 15 +-
 4 files changed, 14890 insertions(+), 13 deletions(-)
 create mode 100644 unittests/scans/snyk/snykcode_issue_9270.json
 create mode 100644 unittests/scans/snyk/snykcontainer_issue_9270.json

diff --git a/dojo/tools/snyk/parser.py b/dojo/tools/snyk/parser.py
index 0918fc7f110..b5ee592cabe 100755
--- a/dojo/tools/snyk/parser.py
+++ b/dojo/tools/snyk/parser.py
@@ -42,23 +42,25 @@ def parse_json(self, json_output):
 
     def get_items(self, tree, test):
         items = {}
-        target_file = tree.get("displayTargetFile", None)
-        upgrades = tree.get("remediation", {}).get("upgrade", None)
+        iterator = 0
         if "vulnerabilities" in tree:
+            target_file = tree.get("displayTargetFile", None)
+            upgrades = tree.get("remediation", {}).get("upgrade", None)
             vulnerabilityTree = tree["vulnerabilities"]
-
             for node in vulnerabilityTree:
                 item = self.get_item(
                     node, test, target_file=target_file, upgrades=upgrades
                 )
-                unique_key = node["title"] + str(
-                    node["packageName"]
-                    + str(node["version"])
-                    + str(node["from"])
-                    + str(node["id"])
+                items[iterator] = item
+                iterator += 1
+        elif "runs" in tree and tree["runs"][0].get("results"):
+            results = tree["runs"][0]["results"]
+            for node in results:
+                item = self.get_code_item(
+                    node, test
                 )
-                items[unique_key] = item
-
+                items[iterator] = item
+                iterator += 1
         return list(items.values())
 
     def get_item(self, vulnerability, test, target_file=None, upgrades=None):
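Review bot: `tree["runs"][0]` in the new `elif` raises IndexError on a SARIF file that carries `"runs": []`, and it silently ignores every run after the first, so a multi-run report loses results; the `"runs" in tree` check guards neither case. Iterating all runs and using `.get()` on the optional keys handles both. The removed title/package/version/from/id key also collapsed repeated entries within one report, whereas the integer counter keeps every entry and makes `items` a list in disguise — if dropping that parse-time dedup is intentional it deserves a comment. The enclosing class starts outside the hunk.
```python
        elif tree.get("runs"):
            # SARIF may hold several runs; an empty list must never reach runs[0]
            for run in tree["runs"]:
                for node in run.get("results") or []:
                    items[iterator] = self.get_code_item(node, test)
                    iterator += 1
        return list(items.values())
```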
@@ -211,5 +213,48 @@ def get_item(self, vulnerability, test, target_file=None, upgrades=None):
                         current_pack_version, upgraded_pack
                     )
                     finding.mitigation += "\n - ".join(tertiary_upgrade_list)
+        return finding
 
+    def get_code_item(self, vulnerability, test):
+        ruleId = vulnerability["ruleId"]
+        ruleIndex = vulnerability["ruleIndex"]
+        message = vulnerability["message"]["text"]
+        score = vulnerability["properties"]["priorityScore"]
+        locations_uri = vulnerability["locations"][0]["physicalLocation"]["artifactLocation"]["uri"]
+        locations_uriBaseId = vulnerability["locations"][0]["physicalLocation"]["artifactLocation"]["uriBaseId"]
+        locations_startLine = vulnerability["locations"][0]["physicalLocation"]["region"]["startLine"]
+        locations_endLine = vulnerability["locations"][0]["physicalLocation"]["region"]["endLine"]
+        locations_startColumn = vulnerability["locations"][0]["physicalLocation"]["region"]["startColumn"]
+        locations_endColumn = vulnerability["locations"][0]["physicalLocation"]["region"]["endColumn"]
+        isAutofixable = vulnerability["properties"]["isAutofixable"]
+        if score <= 399:
+            severity = "Low"
+        elif score <= 699:
+            severity = "Medium"
+        elif score <= 899:
+            severity = "High"
+        else:
+            severity = "Critical"
+        # create the finding object
+        finding = Finding(
+            title=ruleId + "_" + locations_uri,
+            test=test,
+            severity=severity,
+            description="**ruleId**: " + str(ruleId) + "\n"
+            + "**ruleIndex**: " + str(ruleIndex) + "\n"
+            + "**message**: " + str(message) + "\n"
+            + "**score**: " + str(score) + "\n"
+            + "**uri**: " + locations_uri + "\n"
+            + "**uriBaseId**: " + locations_uriBaseId + "\n"
+            + "**startLine**: " + str(locations_startLine) + "\n"
+            + "**endLine**: " + str(locations_endLine) + "\n"
+            + "**startColumn**: " + str(locations_startColumn) + "\n"
+            + "**endColumn**: " + str(locations_endColumn) + "\n"
+            + "**isAutofixable**: " + str(isAutofixable) + "\n",
+            false_p=False,
+            duplicate=False,
+            out_of_scope=False,
+            static_finding=True,
+            dynamic_finding=False,
+        )
         return finding
diff --git a/unittests/scans/snyk/snykcode_issue_9270.json b/unittests/scans/snyk/snykcode_issue_9270.json
new file mode 100644
index 00000000000..b9a56f85c44
--- /dev/null
+++ b/unittests/scans/snyk/snykcode_issue_9270.json
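Review bot: `get_code_item` puts the file and line only into the free-text description, so the Finding carries nothing in the model's `file_path`, `line` or `vuln_id_from_tool` fields for DefectDojo's deduplication and location display to key on; adding `file_path=locations_uri, line=locations_startLine, vuln_id_from_tool=ruleId,` to the `Finding(...)` call fixes that, and one of the commit's own bullets notes that information in findings was still missing. Every lookup is also unguarded: a result with no `locations` entry, or without `properties.priorityScore` / `isAutofixable` or `region.endColumn`, aborts the whole import with IndexError/KeyError instead of losing one optional field — the optional ones should go through `.get()` with a default, and a missing or non-numeric score needs an explicit severity fallback before the `<= 399` chain. A line comment on the thresholds, e.g. `# Snyk priority score 0-1000 bucketed into Low/Medium/High/Critical`, would document where the cut-offs come from.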
@@ -0,0 +1,10782 @@ +{ + "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json", + "version": "2.1.0", + "runs": [ + { + "tool": { + "driver": { + "name": "SnykCode", + "semanticVersion": "1.0.0", + "version": "1.0.0", + "rules": [ + { + "id": "javascript/XSS", + "name": "XSS", + "shortDescription": { + "text": "Cross-site Scripting (XSS)" + }, + "defaultConfiguration": { + "level": "warning" + }, + "help": { + "markdown": "## Details\n\nA cross-site scripting attack occurs when the attacker tricks a legitimate web-based application or site to accept a request as originating from a trusted source.\n\nThis is done by escaping the context of the web application; the web application then delivers that data to its users along with other trusted dynamic content, without validating it. The browser unknowingly executes malicious script on the client side (through client-side languages; usually JavaScript or HTML) in order to perform actions that are otherwise typically blocked by the browser's Same Origin Policy.\n\nInjecting malicious code is the most prevalent manner by which XSS is exploited; for this reason, escaping characters in order to prevent this manipulation is the top method for securing code against this vulnerability.\n\nEscaping means that the application is coded to mark key characters, and particularly key characters included in user input, to prevent those characters from being interpreted in a dangerous context. For example, in HTML, `<` can be coded as `<`; and `>` can be coded as `>`; in order to be interpreted and displayed as themselves in text, while within the code itself, they are used for HTML tags. 
If malicious content is injected into an application that escapes special characters and that malicious content uses `<` and `>` as HTML tags, those characters are nonetheless not interpreted as HTML tags by the browser if they've been correctly escaped in the application code and in this way the attempted attack is diverted.\n\nThe most prominent use of XSS is to steal cookies (source: OWASP HttpOnly) and hijack user sessions, but XSS exploits have been used to expose sensitive information, enable access to privileged services and functionality and deliver malware.\n\n### Types of attacks\nThere are a few methods by which XSS can be manipulated:\n\n|Type|Origin|Description|\n|--|--|--|\n|**Stored**|Server|The malicious code is inserted in the application (usually as a link) by the attacker. The code is activated every time a user clicks the link.|\n|**Reflected**|Server|The attacker delivers a malicious link externally from the vulnerable web site application to a user. When clicked, malicious code is sent to the vulnerable web site, which reflects the attack back to the user's browser.|\n|**DOM-based**|Client|The attacker forces the user's browser to render a malicious page. The data in the page itself delivers the cross-site scripting data.|\n|**Mutated**| |The attacker injects code that appears safe, but is then rewritten and modified by the browser, while parsing the markup. 
An example is rebalancing unclosed quotation marks or even adding quotation marks to unquoted parameters.|\n\n### Affected environments\nThe following environments are susceptible to an XSS attack:\n\n* Web servers\n* Application servers\n* Web application environments\n\n## Best practices for prevention\nThis section describes the top best practices designed to specifically protect your code:\n\n* Sanitize data input in an HTTP request before reflecting it back, ensuring all data is validated, filtered or escaped before echoing anything back to the user, such as the values of query parameters during searches.\n* Convert special characters such as `?`, `&`, `/`, `<`, `>` and spaces to their respective HTML or URL encoded equivalents.\n* Give users the option to disable client-side scripts.\n* Redirect invalid requests.\n* Detect simultaneous logins, including those from two separate IP addresses, and invalidate those sessions.\n* Use and enforce a Content Security Policy (source: Wikipedia) to disable any features that might be manipulated for an XSS attack.\n* Read the documentation for any of the libraries referenced in your code to understand which elements allow for embedded HTML.", + "text": "" + }, + "properties": { + "tags": [ + "javascript", + "XSS", + "Security", + "SourceNetworkRequest", + "Taint" + ], + "categories": [ + "Security" + ], + "exampleCommitFixes": [ + { + "commitURL": "https://github.com/mjackson/unpkg/commit/db69375e9c944a115e0d542485694e5529e1ddd7?diff=split#diff-59f9f1a3f7e9116d78e320b8b4f3739db8ceaddcff22dae7d19dbc2a5304024aL-1", + "lines": [ + { + "line": "res.status(404).send(`Cannot find main file \"${mainFilename}\" in package ${req.packageSpec}`)\n", + "lineNumber": 95, + "lineChange": "removed" + }, + { + "line": "res.status(404).type('text').send(`Cannot find main file \"${mainFilename}\" in package ${req.packageSpec}`)\n", + "lineNumber": 95, + "lineChange": "added" + } + ] + }, + { + "commitURL": 
"https://github.com/themeblvd/backroad/commit/08be2967098668a994d9d8bd034452c7b5b1ae6b?diff=split#diff-a73913970ad590fbf5ed8688eed6f7eda75939c6217a98c2d583e27709b7226fL-1", + "lines": [ + { + "line": "res.status(500).send(err);\n", + "lineNumber": 80, + "lineChange": "removed" + }, + { + "line": "res.status(404).send({ message: 'User not found.' });\n", + "lineNumber": 80, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/embark-framework/embark/commit/efbe71f5e25a3070088a3ea3a08e953e8e446a52?diff=split#diff-7c96a33de8e6615819fd2eccdb5d047d6fde50184a37faf63235fcf90319a606L-1", + "lines": [ + { + "line": "return res.send(\"-- couldn't profile \" + contractName + \" - it's not deployed or could be an interface\");\n", + "lineNumber": 82, + "lineChange": "removed" + }, + { + "line": "return res.send({error: \"-- couldn't profile \" + contractName + \" - it's not deployed or could be an interface\"});\n", + "lineNumber": 82, + "lineChange": "added" + } + ] + } + ], + "exampleCommitDescriptions": [], + "precision": "very-high", + "repoDatasetSize": 141, + "cwe": [ + "CWE-79" + ] + } + }, + { + "id": "javascript/NoRateLimitingForExpensiveWebOperation", + "name": "NoRateLimitingForExpensiveWebOperation", + "shortDescription": { + "text": "Allocation of Resources Without Limits or Throttling" + }, + "defaultConfiguration": { + "level": "warning" + }, + "help": { + "markdown": "\n## Details\n\nWithout unlimited resources, software operating in the real world is inherently limited in the resources it may consume; similarly, servers are limited by the number of simultaneous sessions they can handle. Therefore, it is important for developers to design software that considers these real-world physical (or virtual) limitations and limits user sessions accordingly, both in terms of the number of user sessions and in the quantity of resources each user may demand. 
Software with this weakness does not include such limitations and as a result, individual user sessions may consume too many resources, leading to unintended software behavior including, potentially, denial of service. This can be compared to a single restaurant customer emptying out the entire buffet, leaving no food for other customers--or an entire busload mobbing the buffet all at once, with a similar effect. This may happen inadvertently or as a result of an attack by a malicious user.\n\n## Best practices for prevention\n* Test extensively to obtain baseline values indicating how the software performs in the real world under various conditions (normal and peak); use these values to determine reasonable software limits.\n* Set clear limits for all flexible parameters such as maximum allocable memory, number of processes within a given timeframe, file descriptors, requests per client, number of records per request, etc. This is particularly true for any parameters within user control.\n* Release all resources when no longer in use, including incorporating timeouts for inactive users, processes, and resources.\n* Familiarize Dev, Ops, and IT teams with best practices for recognizing and preventing DoS attacks and out-of-control resource allocation to prevent catastrophic failures.", + "text": "" + }, + "properties": { + "tags": [ + "javascript", + "NoRateLimitingForExpensiveWebOperation", + "Security" + ], + "categories": [ + "Security" + ], + "exampleCommitFixes": [ + { + "commitURL": "https://github.com/ministryofjustice/apvs-external-web/commit/0c9c9b33869909092d7cb442f10e76a08e4acb60?diff=split#diff-322f0482bd28fc40f84fcb0aaf208fef7fb63082d462cf02d11f46e59c531c24L-1", + "lines": [ + { + "line": "// rate limiting\n", + "lineNumber": 43, + "lineChange": "added" + }, + { + "line": "if (config.RATE_LIMITING_ENABLED === 'true') {\n", + "lineNumber": 44, + "lineChange": "added" + }, + { + "line": " app.enable('trust proxy')\n", + "lineNumber": 45, + "lineChange": 
"added" + }, + { + "line": " var limiter = new RateLimit({\n", + "lineNumber": 46, + "lineChange": "added" + }, + { + "line": " windowMs: parseInt(config.RATE_LIMITING_WINDOW_MILLISECONDS),\n", + "lineNumber": 47, + "lineChange": "added" + }, + { + "line": " max: parseInt(config.RATE_LIMITING_REQUEST_LIMIT),\n", + "lineNumber": 48, + "lineChange": "added" + }, + { + "line": " delayMs: 0, // disable delaying - full speed until the max limit is reached\n", + "lineNumber": 49, + "lineChange": "added" + }, + { + "line": " skip: function (req) {\n", + "lineNumber": 50, + "lineChange": "added" + }, + { + "line": " return req.url.startsWith('/public') // skip public assets\n", + "lineNumber": 51, + "lineChange": "added" + }, + { + "line": " }\n", + "lineNumber": 52, + "lineChange": "added" + }, + { + "line": " })\n", + "lineNumber": 53, + "lineChange": "added" + }, + { + "line": " // apply to all requests\n", + "lineNumber": 54, + "lineChange": "added" + }, + { + "line": " app.use(limiter)\n", + "lineNumber": 55, + "lineChange": "added" + }, + { + "line": "}\n", + "lineNumber": 56, + "lineChange": "added" + }, + { + "line": "\n", + "lineNumber": 57, + "lineChange": "added" + }, + { + "line": "var packageJson = require('../package.json')\n", + "lineNumber": 58, + "lineChange": "none" + }, + { + "line": "var developmentMode = app.get('env') === 'development'\n", + "lineNumber": 59, + "lineChange": "none" + }, + { + "line": "var releaseVersion = packageJson.version\n", + "lineNumber": 60, + "lineChange": "none" + }, + { + "line": "var serviceName = 'Get help with prison visits'\n", + "lineNumber": 61, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 62, + "lineChange": "none" + }, + { + "line": "app.set('view engine', 'html')\n", + "lineNumber": 63, + "lineChange": "none" + }, + { + "line": "app.set('views', path.join(__dirname, 'views'))\n", + "lineNumber": 64, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 65, + "lineChange": "none" + }, + { 
+ "line": "nunjucks(app, {\n", + "lineNumber": 66, + "lineChange": "none" + }, + { + "line": " watch: developmentMode,\n", + "lineNumber": 67, + "lineChange": "none" + }, + { + "line": " noCache: developmentMode\n", + "lineNumber": 68, + "lineChange": "none" + }, + { + "line": "})\n", + "lineNumber": 69, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 70, + "lineChange": "none" + }, + { + "line": "app.use('/public', express.static(path.join(__dirname, 'public')))\n", + "lineNumber": 71, + "lineChange": "none" + }, + { + "line": "app.use('/public', express.static(path.join(__dirname, 'govuk_modules', 'govuk_template')))\n", + "lineNumber": 72, + "lineChange": "none" + }, + { + "line": "app.use('/public', express.static(path.join(__dirname, 'govuk_modules', 'govuk_frontend_toolkit')))\n", + "lineNumber": 73, + "lineChange": "none" + }, + { + "line": "app.use(favicon(path.join(__dirname, 'govuk_modules', 'govuk_template', 'images', 'favicon.ico')))\n", + "lineNumber": 74, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 75, + "lineChange": "none" + }, + { + "line": "// Basic auth\n", + "lineNumber": 76, + "lineChange": "none" + }, + { + "line": "if (config.BASIC_AUTH_ENABLED === 'true') {\n", + "lineNumber": 77, + "lineChange": "none" + }, + { + "line": " app.use(function (req, res, next) {\n", + "lineNumber": 78, + "lineChange": "none" + }, + { + "line": " var credentials = auth(req)\n", + "lineNumber": 79, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 80, + "lineChange": "none" + }, + { + "line": " if (req.url === '' || req.url === '/' || req.url === '/status') {\n", + "lineNumber": 81, + "lineChange": "none" + }, + { + "line": " next() // must leave root url free for Azure gateway\n", + "lineNumber": 82, + "lineChange": "none" + }, + { + "line": " } else {\n", + "lineNumber": 83, + "lineChange": "none" + }, + { + "line": " if (!credentials ||\n", + "lineNumber": 84, + "lineChange": "none" + }, + { + "line": " 
credentials.name !== config.BASIC_AUTH_USERNAME ||\n", + "lineNumber": 85, + "lineChange": "none" + }, + { + "line": " credentials.pass !== config.BASIC_AUTH_PASSWORD) {\n", + "lineNumber": 86, + "lineChange": "none" + }, + { + "line": " res.statusCode = 401\n", + "lineNumber": 87, + "lineChange": "none" + }, + { + "line": " res.setHeader('WWW-Authenticate', 'Basic realm=\"APVS External Web\"')\n", + "lineNumber": 88, + "lineChange": "none" + }, + { + "line": " res.end('Access denied')\n", + "lineNumber": 89, + "lineChange": "none" + }, + { + "line": " } else {\n", + "lineNumber": 90, + "lineChange": "none" + }, + { + "line": " next()\n", + "lineNumber": 91, + "lineChange": "none" + }, + { + "line": " }\n", + "lineNumber": 92, + "lineChange": "none" + }, + { + "line": " }\n", + "lineNumber": 93, + "lineChange": "none" + }, + { + "line": " })\n", + "lineNumber": 94, + "lineChange": "none" + }, + { + "line": "}\n", + "lineNumber": 95, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 96, + "lineChange": "none" + }, + { + "line": "app.use(bodyParser.json())\n", + "lineNumber": 97, + "lineChange": "none" + }, + { + "line": "app.use(bodyParser.urlencoded({ extended: false }))\n", + "lineNumber": 98, + "lineChange": "none" + }, + { + "line": "app.use(expressSanitized())\n", + "lineNumber": 99, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 100, + "lineChange": "none" + }, + { + "line": "// Send assetPath to all views.\n", + "lineNumber": 101, + "lineChange": "none" + }, + { + "line": "app.use(function (req, res, next) {\n", + "lineNumber": 102, + "lineChange": "none" + }, + { + "line": " res.locals.asset_path = '/public/'\n", + "lineNumber": 103, + "lineChange": "none" + }, + { + "line": " next()\n", + "lineNumber": 104, + "lineChange": "none" + }, + { + "line": "})\n", + "lineNumber": 105, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 106, + "lineChange": "none" + }, + { + "line": "// Add variables that are available in 
all views.\n", + "lineNumber": 107, + "lineChange": "none" + }, + { + "line": "app.use(function (req, res, next) {\n", + "lineNumber": 108, + "lineChange": "none" + }, + { + "line": " res.locals.serviceName = serviceName\n", + "lineNumber": 109, + "lineChange": "none" + }, + { + "line": " res.locals.releaseVersion = 'v' + releaseVersion\n", + "lineNumber": 110, + "lineChange": "none" + }, + { + "line": " next()\n", + "lineNumber": 111, + "lineChange": "none" + }, + { + "line": "})\n", + "lineNumber": 112, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 113, + "lineChange": "none" + }, + { + "line": "// Set locale for translations.\n", + "lineNumber": 114, + "lineChange": "none" + }, + { + "line": "i18n.configure({\n", + "lineNumber": 115, + "lineChange": "none" + }, + { + "line": " locales: ['en', 'cy'],\n", + "lineNumber": 116, + "lineChange": "none" + }, + { + "line": " directory: path.join(__dirname, '/locales'),\n", + "lineNumber": 117, + "lineChange": "none" + }, + { + "line": " updateFiles: config.I18N_UPDATEFILES || true\n", + "lineNumber": 118, + "lineChange": "none" + }, + { + "line": "})\n", + "lineNumber": 119, + "lineChange": "none" + }, + { + "line": "app.use(i18n.init)\n", + "lineNumber": 120, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 121, + "lineChange": "none" + }, + { + "line": "// Log each HTML request and it's response.\n", + "lineNumber": 122, + "lineChange": "none" + }, + { + "line": "app.use(function (req, res, next) {\n", + "lineNumber": 123, + "lineChange": "none" + }, + { + "line": " // Log response started.\n", + "lineNumber": 124, + "lineChange": "none" + }, + { + "line": " log.info({ request: req }, 'Route Started.')\n", + "lineNumber": 125, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 126, + "lineChange": "none" + }, + { + "line": " // Log response finished.\n", + "lineNumber": 127, + "lineChange": "none" + }, + { + "line": " onFinished(res, function () {\n", + "lineNumber": 128, 
+ "lineChange": "none" + }, + { + "line": " log.info({ response: res }, 'Route Complete.')\n", + "lineNumber": 129, + "lineChange": "none" + }, + { + "line": " })\n", + "lineNumber": 130, + "lineChange": "none" + }, + { + "line": " next()\n", + "lineNumber": 131, + "lineChange": "none" + }, + { + "line": "})\n", + "lineNumber": 132, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 133, + "lineChange": "none" + }, + { + "line": "// Use cookie parser middleware (required for csurf)\n", + "lineNumber": 134, + "lineChange": "none" + }, + { + "line": "app.use(cookieParser(config.EXT_APPLICATION_SECRET, { httpOnly: true, secure: config.EXT_SECURE_COOKIE === 'true' }))\n", + "lineNumber": 135, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 136, + "lineChange": "none" + }, + { + "line": "// Check for valid CSRF tokens on state-changing methods.\n", + "lineNumber": 137, + "lineChange": "none" + }, + { + "line": "var csrfProtection = csurf({ cookie: { httpOnly: true, secure: config.EXT_SECURE_COOKIE === 'true' } })\n", + "lineNumber": 138, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 139, + "lineChange": "none" + }, + { + "line": "app.use(function (req, res, next) {\n", + "lineNumber": 140, + "lineChange": "none" + }, + { + "line": " csrfExcludeRoutes.forEach(function (route) {\n", + "lineNumber": 141, + "lineChange": "none" + }, + { + "line": " if (req.originalUrl.includes(route) && req.method === 'POST') {\n", + "lineNumber": 142, + "lineChange": "none" + }, + { + "line": " next()\n", + "lineNumber": 143, + "lineChange": "none" + }, + { + "line": " } else {\n", + "lineNumber": 144, + "lineChange": "none" + }, + { + "line": " csrfProtection(req, res, next)\n", + "lineNumber": 145, + "lineChange": "none" + }, + { + "line": " }\n", + "lineNumber": 146, + "lineChange": "none" + }, + { + "line": " })\n", + "lineNumber": 147, + "lineChange": "none" + }, + { + "line": "})\n", + "lineNumber": 148, + "lineChange": "none" + }, + { + 
"line": "\n", + "lineNumber": 149, + "lineChange": "none" + }, + { + "line": "// Generate CSRF tokens to be sent in POST requests\n", + "lineNumber": 150, + "lineChange": "none" + }, + { + "line": "app.use(function (req, res, next) {\n", + "lineNumber": 151, + "lineChange": "none" + }, + { + "line": " if (req.hasOwnProperty('csrfToken')) {\n", + "lineNumber": 152, + "lineChange": "none" + }, + { + "line": " res.locals.csrfToken = req.csrfToken()\n", + "lineNumber": 153, + "lineChange": "none" + }, + { + "line": " }\n", + "lineNumber": 154, + "lineChange": "none" + }, + { + "line": " next()\n", + "lineNumber": 155, + "lineChange": "none" + }, + { + "line": "})\n", + "lineNumber": 156, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 157, + "lineChange": "none" + }, + { + "line": "// Build the router to route all HTTP requests and pass to the routes file for route configuration.\n", + "lineNumber": 158, + "lineChange": "none" + }, + { + "line": "var router = express.Router()\n", + "lineNumber": 159, + "lineChange": "none" + }, + { + "line": "routes(router)\n", + "lineNumber": 160, + "lineChange": "none" + }, + { + "line": "app.use('/', router)\n", + "lineNumber": 161, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 162, + "lineChange": "none" + }, + { + "line": "// catch 404 and forward to error handler.\n", + "lineNumber": 163, + "lineChange": "none" + }, + { + "line": "app.use(function (req, res, next) {\n", + "lineNumber": 164, + "lineChange": "none" + }, + { + "line": " var err = new Error('Not Found')\n", + "lineNumber": 165, + "lineChange": "none" + }, + { + "line": " err.status = 404\n", + "lineNumber": 166, + "lineChange": "none" + }, + { + "line": " res.status(404)\n", + "lineNumber": 167, + "lineChange": "none" + }, + { + "line": " next(err)\n", + "lineNumber": 168, + "lineChange": "none" + }, + { + "line": "})\n", + "lineNumber": 169, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 170, + "lineChange": "none" 
+ }, + { + "line": "// catch CSRF token errors\n", + "lineNumber": 171, + "lineChange": "none" + }, + { + "line": "app.use(function (err, req, res, next) {\n", + "lineNumber": 172, + "lineChange": "none" + } + ] + }, + { + "commitURL": "https://github.com/SOSML/SOSML/commit/7e27f8b78d458f8ca8a4313730af19de6dc948a2?diff=split#diff-4e0d36557976efd053a8a93638c538d9c6530933aceca263867cd67b5ed9e5baL-1", + "lines": [ + { + "line": "var callDockerLimiter = new RateLimit({\n", + "lineNumber": 24, + "lineChange": "added" + }, + { + "line": " windowMs: 10*60*1000, // 1 hour window\n", + "lineNumber": 25, + "lineChange": "added" + }, + { + "line": " delayAfter: 10, // begin slowing down responses after the first 10 requests\n", + "lineNumber": 26, + "lineChange": "added" + }, + { + "line": " delayMs: 100, // slow down subsequent responses by 100 milliseconds per request\n", + "lineNumber": 27, + "lineChange": "added" + }, + { + "line": " max: 50, // start blocking after 50 requests\n", + "lineNumber": 28, + "lineChange": "added" + }, + { + "line": " message: \"Too many requests made from this IP, please try again in a few minutes\"\n", + "lineNumber": 29, + "lineChange": "added" + }, + { + "line": "});\n", + "lineNumber": 30, + "lineChange": "added" + }, + { + "line": "\n", + "lineNumber": 31, + "lineChange": "added" + }, + { + "line": "function evalSMLCode(payload, response) {\n", + "lineNumber": 32, + "lineChange": "none" + }, + { + "line": " let dockerrunner = cmd.get(\n", + "lineNumber": 33, + "lineChange": "none" + }, + { + "line": " 'docker run --cpus=1 --memory=128m --rm -i --read-only derjesko/mosmlfallback',\n", + "lineNumber": 34, + "lineChange": "none" + }, + { + "line": " function (err, data, stderr) {\n", + "lineNumber": 35, + "lineChange": "none" + }, + { + "line": " var last_line = data.split(/\\r?\\n/).pop();\n", + "lineNumber": 36, + "lineChange": "none" + }, + { + "line": " var error_code = parseInt(last_line.substring(2));\n", + "lineNumber": 37, + 
"lineChange": "none" + }, + { + "line": " error_text = '';\n", + "lineNumber": 38, + "lineChange": "none" + }, + { + "line": " if (error_code > 0) {\n", + "lineNumber": 39, + "lineChange": "none" + }, + { + "line": " if (error_code == 124) {\n", + "lineNumber": 40, + "lineChange": "none" + }, + { + "line": " error_text = 'SML hit the time limit of 3 seconds.';\n", + "lineNumber": 41, + "lineChange": "none" + }, + { + "line": " } else {\n", + "lineNumber": 42, + "lineChange": "none" + }, + { + "line": " data = data.replace(last_line, 'SML exited with ' + error_code);\n", + "lineNumber": 43, + "lineChange": "none" + }, + { + "line": " }\n", + "lineNumber": 44, + "lineChange": "none" + }, + { + "line": " }\n", + "lineNumber": 45, + "lineChange": "none" + }, + { + "line": " data = data.replace(last_line, error_text);\n", + "lineNumber": 46, + "lineChange": "none" + }, + { + "line": " response.set('Content-Type', 'text/plain');\n", + "lineNumber": 47, + "lineChange": "none" + }, + { + "line": " response.end(data);\n", + "lineNumber": 48, + "lineChange": "none" + }, + { + "line": " }\n", + "lineNumber": 49, + "lineChange": "none" + }, + { + "line": " );\n", + "lineNumber": 50, + "lineChange": "none" + }, + { + "line": " dockerrunner.stdin.write(payload);\n", + "lineNumber": 51, + "lineChange": "none" + }, + { + "line": " dockerrunner.stdin.destroy();\n", + "lineNumber": 52, + "lineChange": "none" + }, + { + "line": "}\n", + "lineNumber": 53, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 54, + "lineChange": "none" + }, + { + "line": "function readFile(name, callback) {\n", + "lineNumber": 55, + "lineChange": "none" + }, + { + "line": " fs.readFile(name, 'utf8', function (err, data) {\n", + "lineNumber": 56, + "lineChange": "none" + }, + { + "line": " if (err) {\n", + "lineNumber": 57, + "lineChange": "none" + }, + { + "line": " return console.log(err);\n", + "lineNumber": 58, + "lineChange": "none" + }, + { + "line": " }\n", + "lineNumber": 59, + 
"lineChange": "none" + }, + { + "line": " callback(data);\n", + "lineNumber": 60, + "lineChange": "none" + }, + { + "line": " });\n", + "lineNumber": 61, + "lineChange": "none" + }, + { + "line": "}\n", + "lineNumber": 62, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 63, + "lineChange": "none" + }, + { + "line": "function outputFile(name, response) {\n", + "lineNumber": 64, + "lineChange": "none" + }, + { + "line": " readFile(name, function (data) {\n", + "lineNumber": 65, + "lineChange": "none" + }, + { + "line": " response.set('Content-Type', 'text/plain');\n", + "lineNumber": 66, + "lineChange": "none" + }, + { + "line": " response.end(data);\n", + "lineNumber": 67, + "lineChange": "none" + }, + { + "line": " });\n", + "lineNumber": 68, + "lineChange": "none" + }, + { + "line": "}\n", + "lineNumber": 69, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 70, + "lineChange": "none" + }, + { + "line": "function listDir(name, response) {\n", + "lineNumber": 71, + "lineChange": "none" + }, + { + "line": " fs.readdir(name, function (err, items) {\n", + "lineNumber": 72, + "lineChange": "none" + }, + { + "line": " response.set('Content-Type', 'text/json');\n", + "lineNumber": 73, + "lineChange": "none" + }, + { + "line": " response.end(JSON.stringify({codes: items}));\n", + "lineNumber": 74, + "lineChange": "none" + }, + { + "line": " });\n", + "lineNumber": 75, + "lineChange": "none" + }, + { + "line": "}\n", + "lineNumber": 76, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 77, + "lineChange": "none" + }, + { + "line": "server.post('/api/fallback/',\n", + "lineNumber": 69, + "lineChange": "removed" + }, + { + "line": "server.post('/api/fallback/', callDockerLimiter,\n", + "lineNumber": 78, + "lineChange": "added" + }, + { + "line": " function (request, response) {\n", + "lineNumber": 79, + "lineChange": "none" + } + ] + }, + { + "commitURL": 
"https://github.com/SOSML/SOSML/commit/7e27f8b78d458f8ca8a4313730af19de6dc948a2?diff=split#diff-4e0d36557976efd053a8a93638c538d9c6530933aceca263867cd67b5ed9e5baL-1", + "lines": [ + { + "line": "var callDockerLimiter = new RateLimit({\n", + "lineNumber": 24, + "lineChange": "added" + }, + { + "line": " windowMs: 10*60*1000, // 1 hour window\n", + "lineNumber": 25, + "lineChange": "added" + }, + { + "line": " delayAfter: 10, // begin slowing down responses after the first 10 requests\n", + "lineNumber": 26, + "lineChange": "added" + }, + { + "line": " delayMs: 100, // slow down subsequent responses by 100 milliseconds per request\n", + "lineNumber": 27, + "lineChange": "added" + }, + { + "line": " max: 50, // start blocking after 50 requests\n", + "lineNumber": 28, + "lineChange": "added" + }, + { + "line": " message: \"Too many requests made from this IP, please try again in a few minutes\"\n", + "lineNumber": 29, + "lineChange": "added" + }, + { + "line": "});\n", + "lineNumber": 30, + "lineChange": "added" + }, + { + "line": "\n", + "lineNumber": 31, + "lineChange": "added" + }, + { + "line": "function evalSMLCode(payload, response) {\n", + "lineNumber": 32, + "lineChange": "none" + }, + { + "line": " let dockerrunner = cmd.get(\n", + "lineNumber": 33, + "lineChange": "none" + }, + { + "line": " 'docker run --cpus=1 --memory=128m --rm -i --read-only derjesko/mosmlfallback',\n", + "lineNumber": 34, + "lineChange": "none" + }, + { + "line": " function (err, data, stderr) {\n", + "lineNumber": 35, + "lineChange": "none" + }, + { + "line": " var last_line = data.split(/\\r?\\n/).pop();\n", + "lineNumber": 36, + "lineChange": "none" + }, + { + "line": " var error_code = parseInt(last_line.substring(2));\n", + "lineNumber": 37, + "lineChange": "none" + }, + { + "line": " error_text = '';\n", + "lineNumber": 38, + "lineChange": "none" + }, + { + "line": " if (error_code > 0) {\n", + "lineNumber": 39, + "lineChange": "none" + }, + { + "line": " if (error_code == 124) 
{\n", + "lineNumber": 40, + "lineChange": "none" + }, + { + "line": " error_text = 'SML hit the time limit of 3 seconds.';\n", + "lineNumber": 41, + "lineChange": "none" + }, + { + "line": " } else {\n", + "lineNumber": 42, + "lineChange": "none" + }, + { + "line": " data = data.replace(last_line, 'SML exited with ' + error_code);\n", + "lineNumber": 43, + "lineChange": "none" + }, + { + "line": " }\n", + "lineNumber": 44, + "lineChange": "none" + }, + { + "line": " }\n", + "lineNumber": 45, + "lineChange": "none" + }, + { + "line": " data = data.replace(last_line, error_text);\n", + "lineNumber": 46, + "lineChange": "none" + }, + { + "line": " response.set('Content-Type', 'text/plain');\n", + "lineNumber": 47, + "lineChange": "none" + }, + { + "line": " response.end(data);\n", + "lineNumber": 48, + "lineChange": "none" + }, + { + "line": " }\n", + "lineNumber": 49, + "lineChange": "none" + }, + { + "line": " );\n", + "lineNumber": 50, + "lineChange": "none" + }, + { + "line": " dockerrunner.stdin.write(payload);\n", + "lineNumber": 51, + "lineChange": "none" + }, + { + "line": " dockerrunner.stdin.destroy();\n", + "lineNumber": 52, + "lineChange": "none" + }, + { + "line": "}\n", + "lineNumber": 53, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 54, + "lineChange": "none" + }, + { + "line": "function readFile(name, callback) {\n", + "lineNumber": 55, + "lineChange": "none" + }, + { + "line": " fs.readFile(name, 'utf8', function (err, data) {\n", + "lineNumber": 56, + "lineChange": "none" + }, + { + "line": " if (err) {\n", + "lineNumber": 57, + "lineChange": "none" + }, + { + "line": " return console.log(err);\n", + "lineNumber": 58, + "lineChange": "none" + }, + { + "line": " }\n", + "lineNumber": 59, + "lineChange": "none" + }, + { + "line": " callback(data);\n", + "lineNumber": 60, + "lineChange": "none" + }, + { + "line": " });\n", + "lineNumber": 61, + "lineChange": "none" + }, + { + "line": "}\n", + "lineNumber": 62, + "lineChange": "none" + 
}, + { + "line": "\n", + "lineNumber": 63, + "lineChange": "none" + }, + { + "line": "function outputFile(name, response) {\n", + "lineNumber": 64, + "lineChange": "none" + }, + { + "line": " readFile(name, function (data) {\n", + "lineNumber": 65, + "lineChange": "none" + }, + { + "line": " response.set('Content-Type', 'text/plain');\n", + "lineNumber": 66, + "lineChange": "none" + }, + { + "line": " response.end(data);\n", + "lineNumber": 67, + "lineChange": "none" + }, + { + "line": " });\n", + "lineNumber": 68, + "lineChange": "none" + }, + { + "line": "}\n", + "lineNumber": 69, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 70, + "lineChange": "none" + }, + { + "line": "function listDir(name, response) {\n", + "lineNumber": 71, + "lineChange": "none" + }, + { + "line": " fs.readdir(name, function (err, items) {\n", + "lineNumber": 72, + "lineChange": "none" + }, + { + "line": " response.set('Content-Type', 'text/json');\n", + "lineNumber": 73, + "lineChange": "none" + }, + { + "line": " response.end(JSON.stringify({codes: items}));\n", + "lineNumber": 74, + "lineChange": "none" + }, + { + "line": " });\n", + "lineNumber": 75, + "lineChange": "none" + }, + { + "line": "}\n", + "lineNumber": 76, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 77, + "lineChange": "none" + }, + { + "line": "server.post('/api/fallback/',\n", + "lineNumber": 69, + "lineChange": "none" + }, + { + "line": " function (request, response) {\n", + "lineNumber": 79, + "lineChange": "none" + }, + { + "line": " var payload = request.body.code;\n", + "lineNumber": 80, + "lineChange": "none" + }, + { + "line": " evalSMLCode(payload, response);\n", + "lineNumber": 81, + "lineChange": "none" + }, + { + "line": " }\n", + "lineNumber": 82, + "lineChange": "none" + }, + { + "line": ");\n", + "lineNumber": 83, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 84, + "lineChange": "none" + }, + { + "line": "server.post('/api/validate/',\n", + 
"lineNumber": 76, + "lineChange": "removed" + }, + { + "line": "server.post('/api/validate/', callDockerLimiter,\n", + "lineNumber": 85, + "lineChange": "added" + }, + { + "line": " function (request, response) {\n", + "lineNumber": 86, + "lineChange": "none" + } + ] + } + ], + "exampleCommitDescriptions": [], + "precision": "very-high", + "repoDatasetSize": 27, + "cwe": [ + "CWE-770" + ] + } + }, + { + "id": "javascript/Ssrf", + "name": "Ssrf", + "shortDescription": { + "text": "Server-Side Request Forgery (SSRF)" + }, + "defaultConfiguration": { + "level": "error" + }, + "help": { + "markdown": "\n## Details\nIn a server-side request forgery attack, a malicious user supplies a URL (an external URL or a network IP address such as 127.0.0.1) to the application's back end. The server then accesses the URL and shares its results, which may include sensitive information such as AWS metadata, internal configuration information, or database contents with the attacker. Because the request comes from the back end, it bypasses access controls, potentially exposing information the user does not have sufficient privileges to receive. The attacker can then exploit this information to gain access, modify the web application, or demand a ransom payment.\n\n## Best practices for prevention\n* Blacklists are problematic and attackers have numerous ways to bypass them; ideally, use a whitelist of all permitted domains and IP addresses.\n* Use authentication even within your own network to prevent exploitation of server-side requests.\n* Implement zero trust and sanitize and validate all URL and header data returning to the server from the user. Strip invalid or suspect characters, then inspect to be certain it contains a valid and expected value.\n* Ideally, avoid sending server requests based on user-provided data altogether.\n* Ensure that you are not sending raw response bodies from the server directly to the client. 
Only deliver expected responses.\n* Disable suspect and exploitable URL schemas. Common culprits include obscure and little-used schemas such as `file://`, `dict://`, `ftp://`, and `gopher://`.", + "text": "" + }, + "properties": { + "tags": [ + "javascript", + "Ssrf", + "Security", + "SourceHttpBody", + "Taint" + ], + "categories": [ + "Security" + ], + "exampleCommitFixes": [ + { + "commitURL": "https://github.com/brislink/specter/commit/2b9c8046b4b1670e76011dad9c23dc67884f310a?diff=split#diff-b82186eeba82312da558b62cb554e48a69ad2768b38736aed0640d42fa7230a1L-1", + "lines": [ + { + "line": "\n", + "lineNumber": 6, + "lineChange": "none" + }, + { + "line": "\t\n", + "lineNumber": 12, + "lineChange": "none" + }, + { + "line": "\trequest(headers,function(error,response,body){\t\t\n", + "lineNumber": 13, + "lineChange": "removed" + }, + { + "line": "\t\t\t\t\n", + "lineNumber": 14, + "lineChange": "removed" + }, + { + "line": "\t\t\n", + "lineNumber": 15, + "lineChange": "removed" + }, + { + "line": " var resultCount = paginationSize - 1;\n", + "lineNumber": 16, + "lineChange": "removed" + }, + { + "line": " var results = body.hits;\n", + "lineNumber": 17, + "lineChange": "removed" + }, + { + "line": "\n", + "lineNumber": 18, + "lineChange": "removed" + }, + { + "line": "\tif(results.hits.length===0) return res.send(404);\n", + "lineNumber": 19, + "lineChange": "removed" + }, + { + "line": "\t\tvar total = body.hits.hits.length;\n", + "lineNumber": 20, + "lineChange": "removed" + }, + { + "line": "\t\tvar common = {\n", + "lineNumber": 21, + "lineChange": "removed" + }, + { + "line": "\t\t\t\n", + "lineNumber": 22, + "lineChange": "removed" + }, + { + "line": "\t\t\tdata : results.hits.slice(0,resultCount),\n", + "lineNumber": 23, + "lineChange": "removed" + }, + { + "line": "\t\t\tpageNo : pageNo,\n", + "lineNumber": 24, + "lineChange": "removed" + }, + { + "line": "\t\t\ttotal: total,\n", + "lineNumber": 25, + "lineChange": "removed" + }, + { + "line": 
"\t\t\tpreferences : preferences,\n", + "lineNumber": 26, + "lineChange": "removed" + }, + { + "line": "\t\t\tindex: preferences.tagIndex\n", + "lineNumber": 27, + "lineChange": "removed" + }, + { + "line": "\t\t};\n", + "lineNumber": 28, + "lineChange": "removed" + }, + { + "line": "\t\t\n", + "lineNumber": 29, + "lineChange": "removed" + }, + { + "line": " var dataToRender = helpers.buildResponse(common);\n", + "lineNumber": 30, + "lineChange": "removed" + }, + { + "line": "\t\tdataToRender.tag = tag;\n", + "lineNumber": 31, + "lineChange": "removed" + }, + { + "line": "\t\treturn res.render(constants.views.tagResults,dataToRender);\n", + "lineNumber": 32, + "lineChange": "removed" + }, + { + "line": " });\n", + "lineNumber": 33, + "lineChange": "removed" + } + ] + }, + { + "commitURL": "https://github.com/IoTKETI/Mobius/commit/df05de87c5d8c6f5f8625558c02e57b3260cf361?diff=split#diff-9c349b5d37e276e7b4ed18ad832fbe3772d2135fbca2d6dde6861d8cebb7a842L-1", + "lines": [ + { + "line": " else if(usesecure === 'enable') {\n", + "lineNumber": 230, + "lineChange": "none" + }, + { + "line": " options = {\n", + "lineNumber": 229, + "lineChange": "removed" + }, + { + "line": " hostname: usecoapcbhost,\n", + "lineNumber": 230, + "lineChange": "removed" + }, + { + "line": " port: usecsebaseport,\n", + "lineNumber": 231, + "lineChange": "removed" + }, + { + "line": " path: request.url,\n", + "lineNumber": 232, + "lineChange": "removed" + }, + { + "line": " method: request.method,\n", + "lineNumber": 233, + "lineChange": "removed" + }, + { + "line": " headers: headers,\n", + "lineNumber": 234, + "lineChange": "removed" + }, + { + "line": " ca: fs.readFileSync('ca-crt.pem')\n", + "lineNumber": 235, + "lineChange": "removed" + }, + { + "line": " };\n", + "lineNumber": 236, + "lineChange": "removed" + }, + { + "line": " options.ca = fs.readFileSync('ca-crt.pem');\n", + "lineNumber": 231, + "lineChange": "added" + }, + { + "line": "\n", + "lineNumber": 237, + "lineChange": "none" + } 
+ ] + } + ], + "exampleCommitDescriptions": [], + "precision": "very-high", + "repoDatasetSize": 2, + "cwe": [ + "CWE-918" + ] + } + }, + { + "id": "javascript/NoHardcodedPasswords", + "name": "NoHardcodedPasswords", + "shortDescription": { + "text": "Use of Hardcoded Credentials" + }, + "defaultConfiguration": { + "level": "warning" + }, + "help": { + "markdown": "\n## Details\n\nDevelopers may use hardcoded credentials for convenience when coding in order to simplify their workflow. While they are responsible for removing these before production, occasionally this task may fall through the cracks. This also becomes a maintenance challenge when credentials are re-used across multiple applications.\n\nOnce attackers gain access, they may take advantage of privilege level to remove or alter data, take down a site or app, or hold any of the above for ransom. The risk across multiple similar projects is even greater. If code containing the credentials is reused across multiple projects, they will all be compromised.\n\n## Best practices for prevention\n* Plan software architecture such that keys and passwords are always stored outside the code, wherever possible.\n* Plan encryption into software architecture for all credential information and ensure proper handling of keys, credentials, and passwords.\n* Prompt for a secure password on first login rather than hard-code a default password.\n* If a hardcoded password or credential must be used, limit its use, for example, to system console users rather than via the network.\n* Use strong hashes for inbound password authentication, ideally with randomly assigned salts to increase the difficulty level in case of brute-force attack.", + "text": "" + }, + "properties": { + "tags": [ + "javascript", + "NoHardcodedPasswords", + "Security" + ], + "categories": [ + "Security" + ], + "exampleCommitFixes": [ + { + "commitURL": 
"https://github.com/MosheWorld/Teacher-Student-Backend/commit/8578b6d9666996ebbfeffc058b22ef076bb856ba?diff=split#diff-0d543c6db9caf085d6e9f704ed0a1ec6baf47092768cfcb746a3e42266d83672L-1", + "lines": [ + { + "line": "user: 'studyhubemail@gmail.com',\n", + "lineNumber": 23, + "lineChange": "removed" + }, + { + "line": "pass: 'nuaheuvhpv'\n", + "lineNumber": 24, + "lineChange": "removed" + }, + { + "line": "user: process.env.EMAIL_USERNAME,\n", + "lineNumber": 23, + "lineChange": "added" + }, + { + "line": "pass: process.env.EMAIL_PASSWORD\n", + "lineNumber": 24, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/huluoyang/freecodecamp.cn/commit/277a09a3c3062263b61fb0bf02e17fd2be8ccb79?diff=split#diff-407d92ccd5a2b9275fe28f063fc49fbbedf9a87cfa6a1c3b8c72ce4b86858787L-1", + "lines": [ + { + "line": "user: 'huluoyang@gmail.com',\n", + "lineNumber": 12, + "lineChange": "removed" + }, + { + "line": "pass: 'nopainnogain'\n", + "lineNumber": 13, + "lineChange": "removed" + }, + { + "line": "user: process.env.MANDRILL_USER || false,\n", + "lineNumber": 13, + "lineChange": "added" + }, + { + "line": "pass: process.env.MANDRILL_PASSWORD\n", + "lineNumber": 14, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/tubackkhoa/tkframework/commit/0ac0f7964f71d71d3930e554cbaf928f39f4540f?diff=split#diff-ad73f37992e2c25b9ad0d945783289cbf65b92741918fabea31bfe5b9de96688L-1", + "lines": [ + { + "line": "password: \"abc123ABC\",\n", + "lineNumber": 15, + "lineChange": "removed" + }, + { + "line": "password: process.env.DB_PASS,\n", + "lineNumber": 15, + "lineChange": "added" + } + ] + } + ], + "exampleCommitDescriptions": [], + "precision": "very-high", + "repoDatasetSize": 44, + "cwe": [ + "CWE-798", + "CWE-259" + ] + } + }, + { + "id": "javascript/NoSqli", + "name": "NoSqli", + "shortDescription": { + "text": "NoSQL Injection" + }, + "defaultConfiguration": { + "level": "error" + }, + "help": { + "markdown": "## Details\n\nIn an NoSQL 
injection attack, the user can submit an NoSQL query directly to the database, gaining access without providing appropriate credentials. Attackers can then view, export, modify, and delete confidential information; change passwords and other authentication information; and possibly gain access to other systems within the network. This is one of the most commonly exploited categories of vulnerability, but can largely be avoided through good coding practices.", + "text": "" + }, + "properties": { + "tags": [ + "javascript", + "NoSqli", + "Security", + "SourceServer", + "SourceHttpBody", + "Taint" + ], + "categories": [ + "Security" + ], + "exampleCommitFixes": [ + { + "commitURL": "https://github.com/txwkx/book-room/commit/07d49f6d24577b1cc1f7374cd8156aba894ab481?diff=split#diff-386f21d62bc9118d346e66a9ea781c22cb0570a51656f80313d829b3a47eaeefL-1", + "lines": [ + { + "line": "const mongoose = require('mongoose');\n", + "lineNumber": 1, + "lineChange": "removed" + }, + { + "line": "\n", + "lineNumber": 2, + "lineChange": "removed" + }, + { + "line": "//Model\n", + "lineNumber": 3, + "lineChange": "removed" + }, + { + "line": "const roomSchema = new mongoose.Schema({ name: String, title: String });\n", + "lineNumber": 4, + "lineChange": "removed" + }, + { + "line": "const Room = mongoose.model('Room', roomSchema);\n", + "lineNumber": 5, + "lineChange": "removed" + }, + { + "line": "const mongoose = require('mongoose'),\n", + "lineNumber": 1, + "lineChange": "added" + }, + { + "line": " ObjectId = mongoose.Types.ObjectId;\n", + "lineNumber": 2, + "lineChange": "added" + }, + { + "line": "const room = require('./models/roomModel');\n", + "lineNumber": 3, + "lineChange": "added" + }, + { + "line": "\n", + "lineNumber": 6, + "lineChange": "none" + }, + { + "line": "const roomRouter = express.Router();\n", + "lineNumber": 7, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 8, + "lineChange": "none" + }, + { + "line": "roomRouter.get('/', (req, res) => {\n", + 
"lineNumber": 9, + "lineChange": "none" + }, + { + "line": " let query = {};\n", + "lineNumber": 10, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 11, + "lineChange": "none" + }, + { + "line": " Room.find(query, (err, rooms) => {\n", + "lineNumber": 12, + "lineChange": "none" + }, + { + "line": " if(err) res.status(500).send(err);\n", + "lineNumber": 13, + "lineChange": "none" + }, + { + "line": " else res.json(rooms);\n", + "lineNumber": 14, + "lineChange": "none" + }, + { + "line": " });\n", + "lineNumber": 15, + "lineChange": "none" + }, + { + "line": "});\n", + "lineNumber": 16, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 17, + "lineChange": "none" + }, + { + "line": "roomRouter.get('/:id', (req, res) => {\n", + "lineNumber": 18, + "lineChange": "none" + }, + { + "line": " Room.findById(req.params.id, (err, room) => {\n", + "lineNumber": 19, + "lineChange": "removed" + }, + { + "line": " const roomId = ObjectId(req.params.id);\n", + "lineNumber": 17, + "lineChange": "added" + }, + { + "line": " room.findById(roomId, (err, room) => {\n", + "lineNumber": 18, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/dnbard/brackets-extension-rating/commit/5005713d903d0f72e9166c852114ee2731b832b1?diff=split#diff-47f1ac8221ebff697d20f61a182c8c58ae0cfdb152ce1fa2f74e322f451d4ae6L-1", + "lines": [ + { + "line": " Extension.findOne({_id: id}, function(err, extension){\n", + "lineNumber": 21, + "lineChange": "removed" + }, + { + "line": " if (err){\n", + "lineNumber": 22, + "lineChange": "removed" + }, + { + "line": " res.status(500).send(err);\n", + "lineNumber": 23, + "lineChange": "removed" + }, + { + "line": " } else if (!extension){\n", + "lineNumber": 24, + "lineChange": "removed" + }, + { + "line": " res.status(404).send(extension);\n", + "lineNumber": 25, + "lineChange": "removed" + }, + { + "line": " } else {\n", + "lineNumber": 26, + "lineChange": "removed" + }, + { + "line": " if (typeof id !== 
'string'){\n", + "lineNumber": 23, + "lineChange": "added" + }, + { + "line": " res.status(422).send();\n", + "lineNumber": 24, + "lineChange": "added" + }, + { + "line": " return;\n", + "lineNumber": 25, + "lineChange": "added" + }, + { + "line": " }\n", + "lineNumber": 26, + "lineChange": "added" + }, + { + "line": "\n", + "lineNumber": 27, + "lineChange": "added" + }, + { + "line": " if (!registry){\n", + "lineNumber": 28, + "lineChange": "added" + }, + { + "line": " res.status(500).send('Registry is not available');\n", + "lineNumber": 29, + "lineChange": "added" + }, + { + "line": " return;\n", + "lineNumber": 30, + "lineChange": "added" + }, + { + "line": " }\n", + "lineNumber": 31, + "lineChange": "added" + }, + { + "line": "\n", + "lineNumber": 32, + "lineChange": "added" + }, + { + "line": " extension = _.filter(registry, function(el){\n", + "lineNumber": 33, + "lineChange": "added" + }, + { + "line": " return el._id === id;\n", + "lineNumber": 34, + "lineChange": "added" + }, + { + "line": " });\n", + "lineNumber": 35, + "lineChange": "added" + }, + { + "line": "\n", + "lineNumber": 36, + "lineChange": "added" + }, + { + "line": " if (extension){\n", + "lineNumber": 37, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/lydiahallie/CodeBuddy/commit/833bc261d0ea3d8bc879aef9e56819907523eef0?diff=split#diff-7b34d6d0aa663ac1e8442aee4f25c59ced93612f5b90c5fe6279ad48c7df1001L-1", + "lines": [ + { + "line": "const author = await User.findOne({ _id: currentUser._id });\n", + "lineNumber": 23, + "lineChange": "removed" + }, + { + "line": "const recipient = await User.findOne({ _id: user._id });\n", + "lineNumber": 24, + "lineChange": "removed" + }, + { + "line": "const author = await User.findOne({ _id: req.user._id });\n", + "lineNumber": 25, + "lineChange": "added" + }, + { + "line": "const recipient = await User.findOne({ _id: id });\n", + "lineNumber": 26, + "lineChange": "added" + } + ] + } + ], + "exampleCommitDescriptions": [], + 
"precision": "very-high", + "repoDatasetSize": 9, + "cwe": [ + "CWE-943" + ] + } + }, + { + "id": "javascript/HardcodedSecret/test", + "name": "HardcodedSecret/test", + "shortDescription": { + "text": "Hardcoded Secret" + }, + "defaultConfiguration": { + "level": "note" + }, + "help": { + "markdown": "## Details\n\nWhen constants are hardcoded into applications, this information could easily be reverse-engineered and become known to attackers. For example, if a breached authentication token is hardcoded in multiple places in the application, it may lead to components of the application remaining vulnerable if not all instances are changed.\nAnother negative effect of hard-coding constants is potential unpredictability in the application's performance if the development team fails to update every single instance of the hardcoded constant throughout the code. For these reasons, hard-coding security-relevant constants is considered bad coding practice and should be remedied if present and avoided in future.\n\n## Best practices for prevention\n- Never hard code security-related constants; use symbolic names or configuration lookup files.\n- As hard coding is often done by coders working alone on a small scale, examine all legacy code components and test carefully when scaling.\n- Adopt a \"future-proof code\" mindset: While use of constants may save a little time now and make development simpler in the short term, it could cost time and money adapting to scale or other unforeseen circumstances (such as new hardware) in the future.", + "text": "" + }, + "properties": { + "tags": [ + "javascript", + "HardcodedSecret", + "Security", + "InTest" + ], + "categories": [ + "Security", + "InTest" + ], + "exampleCommitFixes": [ + { + "commitURL": "https://github.com/ridoy/Monk/commit/d702fedf42ebc197c9131a09918affb6adb396ad?diff=split#diff-d20e0c91f722f4a7eb0a8a7dfa4d7799aa292685d66aaeb37f3122ff3594fefdL-1", + "lines": [ + { + "line": "}, 'SECRET');\n", + "lineNumber": 41, + 
"lineChange": "removed" + }, + { + "line": "}, process.env.SECRET);\n", + "lineNumber": 41, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/xiaoshan5733/cms/commit/da6178e57541766a84406b42d526a18b72704180?diff=split#diff-a21b912911c328c339d5f819be1e95f0973d6fdf93c1e8f29ff9bb2fbe9933e4L-1", + "lines": [ + { + "line": "data = jwt.verify(token, 'cms')\n", + "lineNumber": 54, + "lineChange": "removed" + }, + { + "line": "data = jwt.verify(token, config.jwt.secret)\n", + "lineNumber": 54, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/sidewalklabs/commonspace/commit/32f2996ef0daad6eadab6ac8dacef8cd68048704?diff=split#diff-8a8ae07582c9d433ec8c2e5c4310ff8901e604f4965c5b90a49117ad46c47595L-1", + "lines": [ + { + "line": "const token = jwt.sign(user, 'secret');\n", + "lineNumber": 50, + "lineChange": "removed" + }, + { + "line": "return res.json({user, token});\n", + "lineNumber": 51, + "lineChange": "removed" + }, + { + "line": "const token = jwt.sign(user, process.env.jwt_secret);\n", + "lineNumber": 53, + "lineChange": "added" + }, + { + "line": "return res.json({token});\n", + "lineNumber": 54, + "lineChange": "added" + } + ] + } + ], + "exampleCommitDescriptions": [], + "precision": "very-high", + "repoDatasetSize": 60, + "cwe": [ + "CWE-547" + ] + } + }, + { + "id": "javascript/JwtDecodeMethod", + "name": "JwtDecodeMethod", + "shortDescription": { + "text": "Insecure JWT Verification Method" + }, + "defaultConfiguration": { + "level": "warning" + }, + "help": { + "markdown": "## Details\n\nSome JSON Web Token (JWT) parse/decode methods do not enforce validation or integrity checks of the JWT. 
If an application relies on these methods to authenticate users, an attacker could create arbitrary JWTs that may be accepted by the application.\n\n### Best practices for prevention\n\n- Always enforce JWT signature verification by using safe verification methods to ensure the structure and integrity of the JWT is validated before processing.\n\n## Best practices for prevention\n* [JWT Validation](https://auth0.com/docs/secure/tokens/json-web-tokens/validate-json-web-tokens)", + "text": "" + }, + "properties": { + "tags": [ + "javascript", + "JwtDecodeMethod", + "Security" + ], + "categories": [ + "Security" + ], + "exampleCommitFixes": [], + "exampleCommitDescriptions": [], + "precision": "very-high", + "repoDatasetSize": 0, + "cwe": [ + "CWE-347" + ] + } + }, + { + "id": "javascript/HardcodedNonCryptoSecret", + "name": "HardcodedNonCryptoSecret", + "shortDescription": { + "text": "Hardcoded Secret" + }, + "defaultConfiguration": { + "level": "error" + }, + "help": { + "markdown": "## Details\n\nWhen constants are hardcoded into applications, this information could easily be reverse-engineered and become known to attackers. For example, if a breached authentication token is hardcoded in multiple places in the application, it may lead to components of the application remaining vulnerable if not all instances are changed.\nAnother negative effect of hard-coding constants is potential unpredictability in the application's performance if the development team fails to update every single instance of the hardcoded constant throughout the code. 
For these reasons, hard-coding security-relevant constants is considered bad coding practice and should be remedied if present and avoided in future.\n\n## Best practices for prevention\n- Never hard code security-related constants; use symbolic names or configuration lookup files.\n- As hard coding is often done by coders working alone on a small scale, examine all legacy code components and test carefully when scaling.\n- Adopt a \"future-proof code\" mindset: While use of constants may save a little time now and make development simpler in the short term, it could cost time and money adapting to scale or other unforeseen circumstances (such as new hardware) in the future.", + "text": "" + }, + "properties": { + "tags": [ + "javascript", + "HardcodedNonCryptoSecret", + "Security" + ], + "categories": [ + "Security" + ], + "exampleCommitFixes": [ + { + "commitURL": "https://github.com/DanielMil/Authentication-Server/commit/310ce5500e9e751ee2fd9f3018bf772e9aae8364?diff=split#diff-dcdc3e0b3362edb8fec2a51d3fa51f8fb8af8f70247e06d9887fa934834c9122L-1", + "lines": [ + { + "line": "// Set environment variables\n", + "lineNumber": 14, + "lineChange": "added" + }, + { + "line": "const sessionSecret: any = process.env.SESSION_SECRET;\n", + "lineNumber": 15, + "lineChange": "added" + }, + { + "line": "const dbConnection: any = process.env.MONGO_URI; \n", + "lineNumber": 16, + "lineChange": "added" + }, + { + "line": "\n", + "lineNumber": 17, + "lineChange": "added" + }, + { + "line": "// Mongo config\n", + "lineNumber": 18, + "lineChange": "none" + }, + { + "line": "const DB_CONNECTION: any = process.env.MONGO_URI; \n", + "lineNumber": 15, + "lineChange": "none" + }, + { + "line": "mongoose.connect(DB_CONNECTION, { useNewUrlParser: true })\n", + "lineNumber": 16, + "lineChange": "none" + }, + { + "line": " .then(() => console.log(\"Succesfully connected to MongoDB.\"))\n", + "lineNumber": 20, + "lineChange": "none" + }, + { + "line": " .catch((err: mongoose.Error) => 
console.error(err));\n", + "lineNumber": 21, + "lineChange": "none" + }, + { + "line": "const MongoStore = mongoStore(session); \n", + "lineNumber": 22, + "lineChange": "none" + }, + { + "line": "const db: any = mongoose.connection;\n", + "lineNumber": 23, + "lineChange": "none" + }, + { + "line": " \n", + "lineNumber": 24, + "lineChange": "none" + }, + { + "line": "// Fix mongo deprecation warnings\n", + "lineNumber": 25, + "lineChange": "none" + }, + { + "line": "mongoose.set('useNewUrlParser', true);\n", + "lineNumber": 26, + "lineChange": "none" + }, + { + "line": "mongoose.set('useFindAndModify', false);\n", + "lineNumber": 27, + "lineChange": "none" + }, + { + "line": "mongoose.set('useCreateIndex', true);\n", + "lineNumber": 28, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 29, + "lineChange": "none" + }, + { + "line": "// Configure express session\n", + "lineNumber": 30, + "lineChange": "none" + }, + { + "line": "app.use(cookieParser());\n", + "lineNumber": 31, + "lineChange": "none" + }, + { + "line": "app.use(session({\n", + "lineNumber": 32, + "lineChange": "none" + }, + { + "line": " secret: \"secret\",\n", + "lineNumber": 30, + "lineChange": "removed" + }, + { + "line": " secret: sessionSecret,\n", + "lineNumber": 33, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/virena-app/virena/commit/8058527e8ef71bfa81f0cb0fb35eb80d00e08fdb?diff=split#diff-186488e26aa960d29fec244ac086f15e024c5a84df47eeba233d9b8d2525de2dL-1", + "lines": [ + { + "line": "client_id: '8fcf3e5c2d3d5dd78188',\n", + "lineNumber": 36, + "lineChange": "removed" + }, + { + "line": "client_secret: '0e102c56021e1aa28005b469b3c83ef7cb7e5b0e'\n", + "lineNumber": 37, + "lineChange": "removed" + }, + { + "line": "client_id: process.env.GITINIT,\n", + "lineNumber": 36, + "lineChange": "added" + }, + { + "line": "client_secret: process.env.GITSEE\n", + "lineNumber": 37, + "lineChange": "added" + } + ] + }, + { + "commitURL": 
"https://github.com/nemtech/nem2-library-js/commit/dd101718759035849eeb9d4a388656acdb5bf6d9?diff=split#diff-59ccc41578f07869060f7aea9ceca193a407696cce3de9f7219f98187f65c5b7L-1", + "lines": [ + { + "line": "const hash = sha3_512.create();\n", + "lineNumber": 29, + "lineChange": "removed" + }, + { + "line": "hash.update('secret');\n", + "lineNumber": 30, + "lineChange": "removed" + }, + { + "line": "const hash = new Ripemd160().update(Buffer.from('Test Hash 160')).digest('Hex');\t\t\n", + "lineNumber": 31, + "lineChange": "added" + }, + { + "line": "const secretLockTransaction = {\n", + "lineNumber": 32, + "lineChange": "none" + }, + { + "line": "\tdeadline: deadline(),\n", + "lineNumber": 33, + "lineChange": "none" + }, + { + "line": "\tmosaicId: [3646934825, 3576016193],\n", + "lineNumber": 34, + "lineChange": "none" + }, + { + "line": "\tmosaicAmount: uint64.fromUint(10000000),\n", + "lineNumber": 35, + "lineChange": "none" + }, + { + "line": "\tduration: uint64.fromUint(100),\n", + "lineNumber": 36, + "lineChange": "none" + }, + { + "line": "\thashAlgorithm: 0,\n", + "lineNumber": 36, + "lineChange": "removed" + }, + { + "line": "\tsecret: '225fe6d12b73a7d51f2992ce82951dbf8c173fa4',\n", + "lineNumber": 37, + "lineChange": "removed" + }, + { + "line": "\thashAlgorithm: HashAlgorithm.RIPEMD_160,\n", + "lineNumber": 37, + "lineChange": "added" + }, + { + "line": "\tsecret: hash,\n", + "lineNumber": 38, + "lineChange": "added" + } + ] + } + ], + "exampleCommitDescriptions": [], + "precision": "very-high", + "repoDatasetSize": 68, + "cwe": [ + "CWE-547" + ] + } + }, + { + "id": "javascript/HardcodedSecret", + "name": "HardcodedSecret", + "shortDescription": { + "text": "Hardcoded Secret" + }, + "defaultConfiguration": { + "level": "error" + }, + "help": { + "markdown": "## Details\n\nWhen constants are hardcoded into applications, this information could easily be reverse-engineered and become known to attackers. 
For example, if a breached authentication token is hardcoded in multiple places in the application, it may lead to components of the application remaining vulnerable if not all instances are changed.\nAnother negative effect of hard-coding constants is potential unpredictability in the application's performance if the development team fails to update every single instance of the hardcoded constant throughout the code. For these reasons, hard-coding security-relevant constants is considered bad coding practice and should be remedied if present and avoided in future.\n\n## Best practices for prevention\n- Never hard code security-related constants; use symbolic names or configuration lookup files.\n- As hard coding is often done by coders working alone on a small scale, examine all legacy code components and test carefully when scaling.\n- Adopt a \"future-proof code\" mindset: While use of constants may save a little time now and make development simpler in the short term, it could cost time and money adapting to scale or other unforeseen circumstances (such as new hardware) in the future.", + "text": "" + }, + "properties": { + "tags": [ + "javascript", + "HardcodedSecret", + "Security" + ], + "categories": [ + "Security" + ], + "exampleCommitFixes": [ + { + "commitURL": "https://github.com/ridoy/Monk/commit/d702fedf42ebc197c9131a09918affb6adb396ad?diff=split#diff-d20e0c91f722f4a7eb0a8a7dfa4d7799aa292685d66aaeb37f3122ff3594fefdL-1", + "lines": [ + { + "line": "}, 'SECRET');\n", + "lineNumber": 41, + "lineChange": "removed" + }, + { + "line": "}, process.env.SECRET);\n", + "lineNumber": 41, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/xiaoshan5733/cms/commit/da6178e57541766a84406b42d526a18b72704180?diff=split#diff-a21b912911c328c339d5f819be1e95f0973d6fdf93c1e8f29ff9bb2fbe9933e4L-1", + "lines": [ + { + "line": "data = jwt.verify(token, 'cms')\n", + "lineNumber": 54, + "lineChange": "removed" + }, + { + "line": "data = jwt.verify(token, 
config.jwt.secret)\n", + "lineNumber": 54, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/sidewalklabs/commonspace/commit/32f2996ef0daad6eadab6ac8dacef8cd68048704?diff=split#diff-8a8ae07582c9d433ec8c2e5c4310ff8901e604f4965c5b90a49117ad46c47595L-1", + "lines": [ + { + "line": "const token = jwt.sign(user, 'secret');\n", + "lineNumber": 50, + "lineChange": "removed" + }, + { + "line": "return res.json({user, token});\n", + "lineNumber": 51, + "lineChange": "removed" + }, + { + "line": "const token = jwt.sign(user, process.env.jwt_secret);\n", + "lineNumber": 53, + "lineChange": "added" + }, + { + "line": "return res.json({token});\n", + "lineNumber": 54, + "lineChange": "added" + } + ] + } + ], + "exampleCommitDescriptions": [], + "precision": "very-high", + "repoDatasetSize": 60, + "cwe": [ + "CWE-547" + ] + } + }, + { + "id": "javascript/HardcodedNonCryptoSecret/test", + "name": "HardcodedNonCryptoSecret/test", + "shortDescription": { + "text": "Hardcoded Secret" + }, + "defaultConfiguration": { + "level": "note" + }, + "help": { + "markdown": "## Details\n\nWhen constants are hardcoded into applications, this information could easily be reverse-engineered and become known to attackers. For example, if a breached authentication token is hardcoded in multiple places in the application, it may lead to components of the application remaining vulnerable if not all instances are changed.\nAnother negative effect of hard-coding constants is potential unpredictability in the application's performance if the development team fails to update every single instance of the hardcoded constant throughout the code. 
For these reasons, hard-coding security-relevant constants is considered bad coding practice and should be remedied if present and avoided in future.\n\n## Best practices for prevention\n- Never hard code security-related constants; use symbolic names or configuration lookup files.\n- As hard coding is often done by coders working alone on a small scale, examine all legacy code components and test carefully when scaling.\n- Adopt a \"future-proof code\" mindset: While use of constants may save a little time now and make development simpler in the short term, it could cost time and money adapting to scale or other unforeseen circumstances (such as new hardware) in the future.", + "text": "" + }, + "properties": { + "tags": [ + "javascript", + "HardcodedNonCryptoSecret", + "Security", + "InTest" + ], + "categories": [ + "Security", + "InTest" + ], + "exampleCommitFixes": [ + { + "commitURL": "https://github.com/DanielMil/Authentication-Server/commit/310ce5500e9e751ee2fd9f3018bf772e9aae8364?diff=split#diff-dcdc3e0b3362edb8fec2a51d3fa51f8fb8af8f70247e06d9887fa934834c9122L-1", + "lines": [ + { + "line": "// Set environment variables\n", + "lineNumber": 14, + "lineChange": "added" + }, + { + "line": "const sessionSecret: any = process.env.SESSION_SECRET;\n", + "lineNumber": 15, + "lineChange": "added" + }, + { + "line": "const dbConnection: any = process.env.MONGO_URI; \n", + "lineNumber": 16, + "lineChange": "added" + }, + { + "line": "\n", + "lineNumber": 17, + "lineChange": "added" + }, + { + "line": "// Mongo config\n", + "lineNumber": 18, + "lineChange": "none" + }, + { + "line": "const DB_CONNECTION: any = process.env.MONGO_URI; \n", + "lineNumber": 15, + "lineChange": "none" + }, + { + "line": "mongoose.connect(DB_CONNECTION, { useNewUrlParser: true })\n", + "lineNumber": 16, + "lineChange": "none" + }, + { + "line": " .then(() => console.log(\"Succesfully connected to MongoDB.\"))\n", + "lineNumber": 20, + "lineChange": "none" + }, + { + "line": " .catch((err: 
mongoose.Error) => console.error(err));\n", + "lineNumber": 21, + "lineChange": "none" + }, + { + "line": "const MongoStore = mongoStore(session); \n", + "lineNumber": 22, + "lineChange": "none" + }, + { + "line": "const db: any = mongoose.connection;\n", + "lineNumber": 23, + "lineChange": "none" + }, + { + "line": " \n", + "lineNumber": 24, + "lineChange": "none" + }, + { + "line": "// Fix mongo deprecation warnings\n", + "lineNumber": 25, + "lineChange": "none" + }, + { + "line": "mongoose.set('useNewUrlParser', true);\n", + "lineNumber": 26, + "lineChange": "none" + }, + { + "line": "mongoose.set('useFindAndModify', false);\n", + "lineNumber": 27, + "lineChange": "none" + }, + { + "line": "mongoose.set('useCreateIndex', true);\n", + "lineNumber": 28, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 29, + "lineChange": "none" + }, + { + "line": "// Configure express session\n", + "lineNumber": 30, + "lineChange": "none" + }, + { + "line": "app.use(cookieParser());\n", + "lineNumber": 31, + "lineChange": "none" + }, + { + "line": "app.use(session({\n", + "lineNumber": 32, + "lineChange": "none" + }, + { + "line": " secret: \"secret\",\n", + "lineNumber": 30, + "lineChange": "removed" + }, + { + "line": " secret: sessionSecret,\n", + "lineNumber": 33, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/virena-app/virena/commit/8058527e8ef71bfa81f0cb0fb35eb80d00e08fdb?diff=split#diff-186488e26aa960d29fec244ac086f15e024c5a84df47eeba233d9b8d2525de2dL-1", + "lines": [ + { + "line": "client_id: '8fcf3e5c2d3d5dd78188',\n", + "lineNumber": 36, + "lineChange": "removed" + }, + { + "line": "client_secret: '0e102c56021e1aa28005b469b3c83ef7cb7e5b0e'\n", + "lineNumber": 37, + "lineChange": "removed" + }, + { + "line": "client_id: process.env.GITINIT,\n", + "lineNumber": 36, + "lineChange": "added" + }, + { + "line": "client_secret: process.env.GITSEE\n", + "lineNumber": 37, + "lineChange": "added" + } + ] + }, + { + "commitURL": 
"https://github.com/nemtech/nem2-library-js/commit/dd101718759035849eeb9d4a388656acdb5bf6d9?diff=split#diff-59ccc41578f07869060f7aea9ceca193a407696cce3de9f7219f98187f65c5b7L-1", + "lines": [ + { + "line": "const hash = sha3_512.create();\n", + "lineNumber": 29, + "lineChange": "removed" + }, + { + "line": "hash.update('secret');\n", + "lineNumber": 30, + "lineChange": "removed" + }, + { + "line": "const hash = new Ripemd160().update(Buffer.from('Test Hash 160')).digest('Hex');\t\t\n", + "lineNumber": 31, + "lineChange": "added" + }, + { + "line": "const secretLockTransaction = {\n", + "lineNumber": 32, + "lineChange": "none" + }, + { + "line": "\tdeadline: deadline(),\n", + "lineNumber": 33, + "lineChange": "none" + }, + { + "line": "\tmosaicId: [3646934825, 3576016193],\n", + "lineNumber": 34, + "lineChange": "none" + }, + { + "line": "\tmosaicAmount: uint64.fromUint(10000000),\n", + "lineNumber": 35, + "lineChange": "none" + }, + { + "line": "\tduration: uint64.fromUint(100),\n", + "lineNumber": 36, + "lineChange": "none" + }, + { + "line": "\thashAlgorithm: 0,\n", + "lineNumber": 36, + "lineChange": "removed" + }, + { + "line": "\tsecret: '225fe6d12b73a7d51f2992ce82951dbf8c173fa4',\n", + "lineNumber": 37, + "lineChange": "removed" + }, + { + "line": "\thashAlgorithm: HashAlgorithm.RIPEMD_160,\n", + "lineNumber": 37, + "lineChange": "added" + }, + { + "line": "\tsecret: hash,\n", + "lineNumber": 38, + "lineChange": "added" + } + ] + } + ], + "exampleCommitDescriptions": [], + "precision": "very-high", + "repoDatasetSize": 68, + "cwe": [ + "CWE-547" + ] + } + }, + { + "id": "javascript/NoHardcodedPasswords/test", + "name": "NoHardcodedPasswords/test", + "shortDescription": { + "text": "Use of Hardcoded Credentials" + }, + "defaultConfiguration": { + "level": "note" + }, + "help": { + "markdown": "\n## Details\n\nDevelopers may use hardcoded credentials for convenience when coding in order to simplify their workflow. 
While they are responsible for removing these before production, occasionally this task may fall through the cracks. This also becomes a maintenance challenge when credentials are re-used across multiple applications.\n\nOnce attackers gain access, they may take advantage of privilege level to remove or alter data, take down a site or app, or hold any of the above for ransom. The risk across multiple similar projects is even greater. If code containing the credentials is reused across multiple projects, they will all be compromised.\n\n## Best practices for prevention\n* Plan software architecture such that keys and passwords are always stored outside the code, wherever possible.\n* Plan encryption into software architecture for all credential information and ensure proper handling of keys, credentials, and passwords.\n* Prompt for a secure password on first login rather than hard-code a default password.\n* If a hardcoded password or credential must be used, limit its use, for example, to system console users rather than via the network.\n* Use strong hashes for inbound password authentication, ideally with randomly assigned salts to increase the difficulty level in case of brute-force attack.", + "text": "" + }, + "properties": { + "tags": [ + "javascript", + "NoHardcodedPasswords", + "Security", + "InTest" + ], + "categories": [ + "Security", + "InTest" + ], + "exampleCommitFixes": [ + { + "commitURL": "https://github.com/MosheWorld/Teacher-Student-Backend/commit/8578b6d9666996ebbfeffc058b22ef076bb856ba?diff=split#diff-0d543c6db9caf085d6e9f704ed0a1ec6baf47092768cfcb746a3e42266d83672L-1", + "lines": [ + { + "line": "user: 'studyhubemail@gmail.com',\n", + "lineNumber": 23, + "lineChange": "removed" + }, + { + "line": "pass: 'nuaheuvhpv'\n", + "lineNumber": 24, + "lineChange": "removed" + }, + { + "line": "user: process.env.EMAIL_USERNAME,\n", + "lineNumber": 23, + "lineChange": "added" + }, + { + "line": "pass: process.env.EMAIL_PASSWORD\n", + "lineNumber": 24, + 
"lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/huluoyang/freecodecamp.cn/commit/277a09a3c3062263b61fb0bf02e17fd2be8ccb79?diff=split#diff-407d92ccd5a2b9275fe28f063fc49fbbedf9a87cfa6a1c3b8c72ce4b86858787L-1", + "lines": [ + { + "line": "user: 'huluoyang@gmail.com',\n", + "lineNumber": 12, + "lineChange": "removed" + }, + { + "line": "pass: 'nopainnogain'\n", + "lineNumber": 13, + "lineChange": "removed" + }, + { + "line": "user: process.env.MANDRILL_USER || false,\n", + "lineNumber": 13, + "lineChange": "added" + }, + { + "line": "pass: process.env.MANDRILL_PASSWORD\n", + "lineNumber": 14, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/tubackkhoa/tkframework/commit/0ac0f7964f71d71d3930e554cbaf928f39f4540f?diff=split#diff-ad73f37992e2c25b9ad0d945783289cbf65b92741918fabea31bfe5b9de96688L-1", + "lines": [ + { + "line": "password: \"abc123ABC\",\n", + "lineNumber": 15, + "lineChange": "removed" + }, + { + "line": "password: process.env.DB_PASS,\n", + "lineNumber": 15, + "lineChange": "added" + } + ] + } + ], + "exampleCommitDescriptions": [], + "precision": "very-high", + "repoDatasetSize": 44, + "cwe": [ + "CWE-798", + "CWE-259" + ] + } + }, + { + "id": "javascript/HTTPSourceWithUncheckedType", + "name": "HTTPSourceWithUncheckedType", + "shortDescription": { + "text": "Improper Type Validation" + }, + "defaultConfiguration": { + "level": "note" + }, + "help": { + "markdown": "\n## Details\n\nWhen an object is coming from `req.body` or `req.query`, coming from the express framework. The value of this property can be controlled by the user. This could be abused by an attacker to craft the properties of the object to crash the application or bypass its logic. 
As such, consider checking the type of the object.\n\nIf this weakness is present, illegitimate input provided from the user's end could lead to unpredictable results such as the program crashing, unauthorized access to secure resources or command execution at the server side. In addition, if the server is overwhelmed by these types of malfunctions, it may lead to denial of service to legitimate users and tasks.\n\nExample:\n\n```\nmodule.exports = function(req, res) {\n var data = req.query;\n // type of value isnt checked before being used\n data.ids = data.ids.split(',');\n doStuff(data.ids);\n\n };\n```\n\n\n\n## Best practices for prevention\n* Adopt a zero-trust model in which all input is considered potentially suspect.\n* Check the type of the object.\n\nExample:\n\n```\nmodule.exports = function(req, res) {\n var data = req.query;\n if (data.ids && typeof data.ids == 'string') {\n\n // type of value is checked\n data.ids = data.ids.split(',');\n doStuff(data.ids);\n } else {}\n };\n```\n\n## References\n\n* [CWE-1287: Improper Validation of Specified Type of Input](https://cwe.mitre.org/data/definitions/1287.html)\n* [JavaScript type confusion: Bypassed input validation (and how to remediate)](https://snyk.io/blog/remediate-javascript-type-confusion-bypassed-input-validation/)\n* [req.query Documentation](https://expressjs.com/en/4x/api.html#req.query)", + "text": "" + }, + "properties": { + "tags": [ + "javascript", + "HTTPSourceWithUncheckedType", + "Security" + ], + "categories": [ + "Security" + ], + "exampleCommitFixes": [ + { + "commitURL": "https://github.com/alexolivero/Obscurify/commit/e4833d36d4aa981b050caca88919784147fc8d95?diff=split#diff-7b56e6433cf96918ac3b03d1d103fc0286e593ad610f9419dfe3f99309ec33acL-1", + "lines": [ + { + "line": "if( key < req.query.obscurifyScore.toString()){\r\n", + "lineNumber": 145, + "lineChange": "removed" + }, + { + "line": "if( parseInt(key) < parseInt(req.query.obscurifyScore)){\r\n", + "lineNumber": 144, + 
"lineChange": "added" + }, + { + "line": " usersBelow += value;\r\n", + "lineNumber": 146, + "lineChange": "none" + }, + { + "line": "}\r\n", + "lineNumber": 147, + "lineChange": "none" + } + ] + }, + { + "commitURL": "https://github.com/ansible-semaphore/semaphore/commit/dc2dac98ad166701ed94f346d99dc2ff44b8a721?diff=split#diff-223cdc8b17a7eed4b42bce8401320629190defc2ac7bc7950b8a1563eb66c10dL-1", + "lines": [ + { + "line": "if (req.body.identity && req.body.identity.length > 0) {\n", + "lineNumber": 51, + "lineChange": "removed" + }, + { + "line": "if (typeof req.body.identity == 'string' && req.body.identity.length > 0) {\n", + "lineNumber": 51, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/Financial-Times/polyfill-service/commit/471ddf842dc4d672dbf3b09702d91b850d04e4b9?diff=split#diff-e4e457f4b65b990f84bd0649da30984786b38b197e0edcf3e01b168b682f5abeL-1", + "lines": [ + { + "line": "excludes: (req.query.excludes && req.query.excludes.split(',')) || [],\n", + "lineNumber": 58, + "lineChange": "removed" + }, + { + "line": "excludes: (typeof req.query.excludes === 'string' && req.query.excludes.split(',')) || [],\n", + "lineNumber": 58, + "lineChange": "added" + } + ] + } + ], + "exampleCommitDescriptions": [], + "precision": "very-high", + "repoDatasetSize": 39, + "cwe": [ + "CWE-1287" + ] + } + }, + { + "id": "python/UnsupportedLanguage/test", + "name": "UnsupportedLanguage/test", + "shortDescription": { + "text": "Python 2 source code" + }, + "defaultConfiguration": { + "level": "note" + }, + "help": { + "markdown": "## Details\n\nThe Python 2 interpreter has been unsupported since January 2020 and does not receive security updates.\nThese source files appear to be in the Python 2 syntax, and therefore depend on unsupported 3rd party components for operation.\n\n## Best practices for prevention\n* If this code is still in use, port it to Python 3", + "text": "" + }, + "properties": { + "tags": [ + "python", + "UnsupportedLanguage", + 
"Security", + "InTest" + ], + "categories": [ + "Security", + "InTest" + ], + "exampleCommitFixes": [], + "exampleCommitDescriptions": [], + "precision": "very-high", + "repoDatasetSize": 0, + "cwe": [ + "CWE-1104" + ] + } + }, + { + "id": "javascript/Sqli", + "name": "Sqli", + "shortDescription": { + "text": "SQL Injection" + }, + "defaultConfiguration": { + "level": "error" + }, + "help": { + "markdown": "## Details\n\nIn an SQL injection attack, the user can submit an SQL query directly to the database, gaining access without providing appropriate credentials. Attackers can then view, export, modify, and delete confidential information; change passwords and other authentication information; and possibly gain access to other systems within the network. This is one of the most commonly exploited categories of vulnerability, but can largely be avoided through good coding practices.\n\n## Best practices for prevention\n* Avoid passing user-entered parameters directly to the SQL server.\n* Avoid using string concatenation to build SQL queries from user-entered parameters.\n* When coding, define SQL code first, then pass in parameters. Use prepared statements with parameterized queries. Examples include `SqlCommand()` in .NET and `bindParam()` in PHP.\n* Use strong typing for all parameters so unexpected user data will be rejected.\n* Where direct user input cannot be avoided for performance reasons, validate input against a very strict allowlist of permitted characters, avoiding special characters such as `? & / < > ; - ' \" \\` and spaces. 
Use a vendor-supplied escaping routine if possible.\n* Develop your application in an environment and/or using libraries that provide protection against SQL injection.\n* Harden your entire environment around a least-privilege model, ideally with isolated accounts with privileges only for particular tasks.", + "text": "" + }, + "properties": { + "tags": [ + "javascript", + "Sqli", + "Security", + "SourceHttpParam", + "Taint" + ], + "categories": [ + "Security" + ], + "exampleCommitFixes": [ + { + "commitURL": "https://github.com/Urigo/WhatsApp-Clone-Server/commit/088088847265c4ea29791cdbdc98d21b4b7b3e7d?diff=split#diff-64fc2a1d7ebf96939c4047a39fc850f244454c0f3eff44c48d8249e29a6269e1L-1", + "lines": [ + { + "line": " const { rows } = await db.query(sql`\n", + "lineNumber": 134, + "lineChange": "removed" + }, + { + "line": " INSERT INTO messages(chat_id, sender_user_id, content)\n", + "lineNumber": 135, + "lineChange": "removed" + }, + { + "line": " VALUES(${chatId}, ${currentUser.id}, ${content})\n", + "lineNumber": 136, + "lineChange": "removed" + }, + { + "line": " RETURNING *\n", + "lineNumber": 137, + "lineChange": "removed" + }, + { + "line": " `);\n", + "lineNumber": 138, + "lineChange": "removed" + }, + { + "line": "\n", + "lineNumber": 139, + "lineChange": "removed" + }, + { + "line": " const messageAdded = rows[0];\n", + "lineNumber": 140, + "lineChange": "removed" + }, + { + "line": "\n", + "lineNumber": 141, + "lineChange": "removed" + }, + { + "line": " injector.get(PubSub).publish('messageAdded', {\n", + "lineNumber": 142, + "lineChange": "removed" + }, + { + "line": " messageAdded,\n", + "lineNumber": 143, + "lineChange": "removed" + }, + { + "line": " });\n", + "lineNumber": 144, + "lineChange": "removed" + }, + { + "line": "\n", + "lineNumber": 145, + "lineChange": "removed" + }, + { + "line": " return messageAdded;\n", + "lineNumber": 146, + "lineChange": "removed" + }, + { + "line": " return injector\n", + "lineNumber": 134, + "lineChange": "added" 
+ }, + { + "line": " .get(Chats)\n", + "lineNumber": 135, + "lineChange": "added" + }, + { + "line": " .addMessage({ chatId, content, userId: currentUser.id });\n", + "lineNumber": 136, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/vpdb/server/commit/25011eb029e72f51b0fc48259c8c0ea8b37b177d?diff=split#diff-dec1b2b754bba471fe0144e0960b50e5511aa6843c3fdd778a7e0e617938056bL-1", + "lines": [ + { + "line": "\t\t\t\tquery.or([\r\n", + "lineNumber": 124, + "lineChange": "removed" + }, + { + "line": "\t\t\t\tquery.push({ $or: [\r\n", + "lineNumber": 124, + "lineChange": "added" + }, + { + "line": "\t\t\t\t\t{ name: regex },\r\n", + "lineNumber": 125, + "lineChange": "none" + }, + { + "line": "\t\t\t\t\t{ username: regex }\r\n", + "lineNumber": 126, + "lineChange": "none" + }, + { + "line": "\t\t\t\t]);\r\n", + "lineNumber": 127, + "lineChange": "removed" + }, + { + "line": "\t\t\t\t]});\r\n", + "lineNumber": 127, + "lineChange": "added" + }, + { + "line": "\t\t\t}\r\n", + "lineNumber": 128, + "lineChange": "none" + }, + { + "line": "\t\t}\r\n", + "lineNumber": 129, + "lineChange": "none" + }, + { + "line": "\t\tif (req.query.name) {\r\n", + "lineNumber": 130, + "lineChange": "none" + }, + { + "line": "\t\t\tquery.where('name').equals(req.query.name);\r\n", + "lineNumber": 131, + "lineChange": "removed" + }, + { + "line": "\t\t\tquery.push({ name: new RegExp('^' + _.escapeRegExp(req.query.name) + '$', 'i') });\r\n", + "lineNumber": 131, + "lineChange": "added" + }, + { + "line": "\t\t}\r\n", + "lineNumber": 132, + "lineChange": "none" + }, + { + "line": "\r\n", + "lineNumber": 133, + "lineChange": "none" + }, + { + "line": "\t\t// filter by role\r\n", + "lineNumber": 134, + "lineChange": "none" + }, + { + "line": "\t\tif (canList && req.query.roles) {\r\n", + "lineNumber": 135, + "lineChange": "none" + }, + { + "line": "\t\t\t// sanitze and split\r\n", + "lineNumber": 136, + "lineChange": "none" + }, + { + "line": "\t\t\tlet roles = 
req.query.roles.trim().replace(/[^a-z0-9,-]+/gi, '').split(',');\r\n", + "lineNumber": 137, + "lineChange": "none" + }, + { + "line": "\t\t\tquery.where('roles').in(roles);\r\n", + "lineNumber": 138, + "lineChange": "removed" + }, + { + "line": "\t\t\tquery.push( { roles: { $in: roles }});\r\n", + "lineNumber": 138, + "lineChange": "added" + }, + { + "line": "\t\t}\r\n", + "lineNumber": 139, + "lineChange": "none" + }, + { + "line": "\r\n", + "lineNumber": 140, + "lineChange": "none" + }, + { + "line": "\t\treturn query.exec();\r\n", + "lineNumber": 141, + "lineChange": "removed" + }, + { + "line": "\t\tconsole.log(api.searchQuery(query));\r\n", + "lineNumber": 141, + "lineChange": "added" + }, + { + "line": "\t\treturn User.find(api.searchQuery(query)).exec();\r\n", + "lineNumber": 142, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/RedstoneDaedalus/verifybot/commit/b7d59d6b87e5eb4b5c8732969baca49466338c3d?diff=split#diff-913d641a0712b4b17eb483f777442426ecfc90bb4062492e9833586e5cbdea4aL-1", + "lines": [ + { + "line": "const data = await client.query(`SELECT * FROM linked_accounts WHERE secret_key = '${req.query.key ? 
req.query.key.replace(/[^a-z\\d]/ig, \"\") : \"\"}';`);\n", + "lineNumber": 125, + "lineChange": "removed" + }, + { + "line": "const data = await client.query(\"SELECT * FROM linked_accounts WHERE secret_key = ?;\", [cient.connection.escape(req.query.key || \"\")]);\n", + "lineNumber": 125, + "lineChange": "added" + } + ] + } + ], + "exampleCommitDescriptions": [], + "precision": "very-high", + "repoDatasetSize": 42, + "cwe": [ + "CWE-89" + ] + } + }, + { + "id": "javascript/HttpToHttps/test", + "name": "HttpToHttps/test", + "shortDescription": { + "text": "Cleartext Transmission of Sensitive Information" + }, + "defaultConfiguration": { + "level": "note" + }, + "help": { + "markdown": "\n## Details\nThis weakness occurs when software transmits sensitive information, such as passwords or credit card numbers, in unencrypted form. This information may then be intercepted by threat actors using sniffer tools or interception techniques such as man-in-the-middle (MITM) attacks (often involving social engineering). Attackers can then use information gleaned to perform a variety of actions, depending on the information type. Possible actions include gaining unauthorized access, impersonating a user, moving laterally within the organization's network, or retrieving and potentially modifying files. 
This weakness is almost completely avoidable through intelligent architecture and design.\n\n## Best practices for prevention\n* Build web applications around a security mindset and the awareness that sniffers may be present at any time.\n* Ensure that all sensitive data transmission uses reliable encryption.\n* Implement security measures so that sensitive results are never returned in plain text.\n* Implement multiple-factor authentication methods to validate remote instances.\n* Use SSL not only at logon but throughout communications.", + "text": "" + }, + "properties": { + "tags": [ + "javascript", + "HttpToHttps", + "Security", + "InTest" + ], + "categories": [ + "Security", + "InTest" + ], + "exampleCommitFixes": [ + { + "commitURL": "https://github.com/medic/couch2pg/commit/062eaa0f53d2cd2327232a695c60bf4c9fd589f6?diff=split#diff-e727e4bdf3657fd1d798edcd6b099d6e092f8573cba266154583a746bba0f346L-1", + "lines": [ + { + "line": "var httplib = require('http');\n", + "lineNumber": 1, + "lineChange": "removed" + }, + { + "line": "var httplib = require('https');\n", + "lineNumber": 1, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/dondi/GRNsight/commit/01e7d39d55ea9c18348a48aac5954183d825e834?diff=split#diff-65890f102baa526da3cc5d65e0528ea728fa9fa63659a7f2e1d523686240359cL-1", + "lines": [ + { + "line": "var https = require(\"http\");\n", + "lineNumber": 2, + "lineChange": "removed" + }, + { + "line": "var https = require(\"https\");\n", + "lineNumber": 2, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/watilde/npmbrew/commit/968a0cd04e732ede4552e60e86762ce77f7f0a5c?diff=split#diff-94469ba7812da76fe341041375403897426443f146321489331bb46bb45faf5bL-1", + "lines": [ + { + "line": "var http = require(\"http\")\n", + "lineNumber": 2, + "lineChange": "removed" + }, + { + "line": "var http = require(\"https\")\n", + "lineNumber": 2, + "lineChange": "added" + } + ] + } + ], + "exampleCommitDescriptions": [], + 
"precision": "very-high", + "repoDatasetSize": 4, + "cwe": [ + "CWE-319" + ] + } + }, + { + "id": "javascript/PT", + "name": "PT", + "shortDescription": { + "text": "Path Traversal" + }, + "defaultConfiguration": { + "level": "error" + }, + "help": { + "markdown": "## Details\n\nA Directory Traversal attack (also known as path traversal) aims to access files and directories that are stored outside the intended folder. By manipulating files with \"dot-dot-slash (../)\" sequences and its variations, or by using absolute file paths, it may be possible to access arbitrary files and directories stored on file system, including application source code, configuration, and other critical system files.\n\nBeing able to access and manipulate an arbitrary path leads to vulnerabilities when a program is being run with privileges that the user providing the path should not have. A website with a path traversal vulnerability would allow users access to sensitive files on the server hosting it. CLI programs may also be vulnerable to path traversal if they are being ran with elevated privileges (such as with the setuid or setgid flags in Unix systems).\n\nDirectory Traversal vulnerabilities can be generally divided into two types:\n\n- **Information Disclosure**: Allows the attacker to gain information about the folder structure or read the contents of sensitive files on the system.\n\n`st` is a module for serving static files on web pages, and contains a [vulnerability of this type](https://snyk.io/vuln/npm:st:20140206). In our example, we will serve files from the `public` route.\n\nIf an attacker requests the following URL from our server, it will in turn leak the sensitive private key of the root user.\n\n```\ncurl http://localhost:8080/public/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/root/.ssh/id_rsa\n```\n**Note** `%2e` is the URL encoded version of `.` (dot).\n\n- **Writing arbitrary files**: Allows the attacker to create or replace existing files. 
This type of vulnerability is also known as `Zip-Slip`.\n\nOne way to achieve this is by using a malicious `zip` archive that holds path traversal filenames. When each filename in the zip archive gets concatenated to the target extraction folder, without validation, the final path ends up outside of the target folder. If an executable or a configuration file is overwritten with a file containing malicious code, the problem can turn into an arbitrary code execution issue quite easily.\n\nThe following is an example of a `zip` archive with one benign file and one malicious file. Extracting the malicious file will result in traversing out of the target folder, ending up in `/root/.ssh/` overwriting the `authorized_keys` file:\n\n```\n2018-04-15 22:04:29 ..... 19 19 good.txt\n2018-04-15 22:04:42 ..... 20 20 ../../../../../../root/.ssh/authorized_keys\n```", + "text": "" + }, + "properties": { + "tags": [ + "javascript", + "PT", + "Security", + "SourceHttpParam", + "Taint" + ], + "categories": [ + "Security" + ], + "exampleCommitFixes": [ + { + "commitURL": "https://github.com/NodeBB/NodeBB/commit/cacc732015c64bba55a6ab45510086febccfb1b2?diff=split#diff-300f765b568b38163933bfcd40c75fe91709a35e9a7522bca2f8c5fe4b19195aL-1", + "lines": [ + { + "line": "\t\t\t\t\tuploadUserPicture(req.user.uid, req.files.userPhoto.name, req.files.userPhoto.path, res);\n", + "lineNumber": 101, + "lineChange": "removed" + }, + { + "line": "\t\t\t\t\tuploadUserPicture(req.user.uid, path.extname(req.files.userPhoto.name), req.files.userPhoto.path, res);\n", + "lineNumber": 101, + "lineChange": "added" + }, + { + "line": "\t\t\t\t\treturn;\n", + "lineNumber": 102, + "lineChange": "none" + }, + { + "line": "\t\t\t\t}\n", + "lineNumber": 103, + "lineChange": "none" + }, + { + "line": "\t\t\t\t\n", + "lineNumber": 104, + "lineChange": "none" + }, + { + "line": "\t\t\t\tvar absolutePath = path.join(global.configuration['ROOT_DIRECTORY'], global.nconf.get('upload_path'), 
path.basename(oldpicture));\n", + "lineNumber": 105, + "lineChange": "none" + }, + { + "line": "\t\t\t\t\n", + "lineNumber": 106, + "lineChange": "none" + }, + { + "line": "\t\t\t\tfs.unlink(absolutePath, function(err) {\n", + "lineNumber": 107, + "lineChange": "none" + }, + { + "line": "\t\t\t\t\tif(err) {\t\t\t\t\n", + "lineNumber": 108, + "lineChange": "none" + }, + { + "line": "\t\t\t\t\t\tconsole.error('[%d] %s', Date.now(), + err);\n", + "lineNumber": 109, + "lineChange": "none" + }, + { + "line": "\t\t\t\t\t}\n", + "lineNumber": 110, + "lineChange": "none" + }, + { + "line": "\t\t\t\t\t\n", + "lineNumber": 111, + "lineChange": "none" + }, + { + "line": "\t\t\t\t\tuploadUserPicture(req.user.uid, path.extname(req.files.userPhoto.name), req.files.userPhoto.path, res);\n", + "lineNumber": 112, + "lineChange": "none" + }, + { + "line": "\t\t\t\t\t\n", + "lineNumber": 113, + "lineChange": "none" + }, + { + "line": "\t\t\t\t});\n", + "lineNumber": 114, + "lineChange": "none" + }, + { + "line": "\t\t\t});\n", + "lineNumber": 115, + "lineChange": "none" + }, + { + "line": "\t\t});\n", + "lineNumber": 116, + "lineChange": "none" + }, + { + "line": "\t\t\n", + "lineNumber": 117, + "lineChange": "none" + }, + { + "line": "\t\tfunction uploadUserPicture(uid, extension, tempPath, res) {\n", + "lineNumber": 118, + "lineChange": "none" + }, + { + "line": "\t\t\tif(!extension) {\n", + "lineNumber": 119, + "lineChange": "none" + }, + { + "line": "\t\t\t\tres.send({\n", + "lineNumber": 120, + "lineChange": "none" + }, + { + "line": "\t\t\t\t\terror: 'Error uploading file! 
Error : Invalid extension!'\n", + "lineNumber": 121, + "lineChange": "none" + }, + { + "line": "\t\t\t\t});\n", + "lineNumber": 122, + "lineChange": "none" + }, + { + "line": "\t\t\t\treturn;\n", + "lineNumber": 123, + "lineChange": "none" + }, + { + "line": "\t\t\t}\n", + "lineNumber": 124, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 125, + "lineChange": "none" + }, + { + "line": "\t\t\tvar filename = uid + '-profileimg' + extension;\n", + "lineNumber": 126, + "lineChange": "none" + }, + { + "line": "\t\t\tvar uploadPath = path.join(global.configuration['ROOT_DIRECTORY'], global.nconf.get('upload_path'), filename);\n", + "lineNumber": 127, + "lineChange": "none" + }, + { + "line": "\t\t\t\n", + "lineNumber": 128, + "lineChange": "none" + }, + { + "line": "\t\t\t// @todo move to proper logging code - this should only be temporary\n", + "lineNumber": 129, + "lineChange": "none" + }, + { + "line": "\t\t\tconsole.log('Info: Attempting upload to: '+ uploadPath);\n", + "lineNumber": 130, + "lineChange": "none" + }, + { + "line": "\t\t\t\n", + "lineNumber": 131, + "lineChange": "none" + }, + { + "line": "\t\t\tvar is = fs.createReadStream(tempPath);\n", + "lineNumber": 132, + "lineChange": "none" + }, + { + "line": "\t\t\tvar os = fs.createWriteStream(uploadPath);\n", + "lineNumber": 133, + "lineChange": "none" + } + ] + }, + { + "commitURL": "https://github.com/vilmosioo/magma/commit/b13ae22e9cc3646444f949279c92dfa54fa2e882?diff=split#diff-e727e4bdf3657fd1d798edcd6b099d6e092f8573cba266154583a746bba0f346L-1", + "lines": [ + { + "line": "\tres.render(req.params.path || 'home');\n", + "lineNumber": 41, + "lineChange": "removed" + }, + { + "line": "\tconsole.log(req.params.path);\n", + "lineNumber": 42, + "lineChange": "added" + }, + { + "line": "\tvar template = routes['/' + req.params.path] || routes['/'];\n", + "lineNumber": 43, + "lineChange": "added" + }, + { + "line": "\ttemplate = template.templateUrl;\n", + "lineNumber": 44, + "lineChange": 
"added" + }, + { + "line": "\n", + "lineNumber": 45, + "lineChange": "added" + }, + { + "line": "\tres.render(path.basename(template, path.extname(template)), {\n", + "lineNumber": 46, + "lineChange": "added" + }, + { + "line": "\t\tconstants: {\n", + "lineNumber": 47, + "lineChange": "added" + }, + { + "line": "\t\t\tROUTES: JSON.stringify(routes)\n", + "lineNumber": 48, + "lineChange": "added" + }, + { + "line": "\t\t}\n", + "lineNumber": 49, + "lineChange": "added" + }, + { + "line": "\t});\n", + "lineNumber": 50, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/cube-js/cube.js/commit/256be019d9393daff7d8776be2c39bceafc49ce2?diff=split#diff-e3f9f2305d99d77628204eb1da6a6fd4695a3b3235274d4e7d8a65a150f0941fL-1", + "lines": [ + { + "line": "await Promise.all(files.map(file => fs.writeFile(path.join(file.fileName), file.content)));\n", + "lineNumber": 143, + "lineChange": "removed" + }, + { + "line": "await Promise.all(\n", + "lineNumber": 144, + "lineChange": "added" + }, + { + "line": " files.map(file => path.join(...[dashboardAppPath].concat(file.fileName.split('/'))))\n", + "lineNumber": 145, + "lineChange": "added" + }, + { + "line": ");\n", + "lineNumber": 146, + "lineChange": "added" + } + ] + } + ], + "exampleCommitDescriptions": [], + "precision": "very-high", + "repoDatasetSize": 42, + "cwe": [ + "CWE-23" + ] + } + }, + { + "id": "javascript/UseCsurfForExpress", + "name": "UseCsurfForExpress", + "shortDescription": { + "text": "Cross-Site Request Forgery (CSRF)" + }, + "defaultConfiguration": { + "level": "warning" + }, + "help": { + "markdown": "\n## Details\nCross-site request forgery is an attack in which a malicious third party takes advantage of a user's authenticated credentials (such as a browser cookie) to impersonate that trusted user and perform unauthorized actions. The web application server cannot tell the difference between legitimate and malicious requests. 
This type of attack generally begins by tricking the user with a social engineering attack, such as a link or popup that the user inadvertently clicks, causing an unauthorized request to be sent to the web server. Consequences vary: At a standard user level, attackers can change passwords, transfer funds, make purchases, or connect with contacts; from an administrator account, attackers can then make changes to or even take down the app itself.\n\n## Best practices for prevention\n* Use development frameworks that defend against CSRF, using a nonce, hash, or some other security device to the URL and/or to forms.\n* Implement secure, unique, hidden tokens that are checked by the server each time to validate state-change requests.\n* Never assume that authentication tokens and session identifiers mean a request is legitimate.\n* Understand and implement other safe-cookie techniques, such as double submit cookies.\n* Terminate user sessions when not in use, including automatic timeout.\n* Ensure rigorous coding practices and defenses against other commonly exploited CWEs, since cross-site scripting (XSS), for example, can be used to bypass defenses against CSRF.\n\n## References\n\n* [Express Documentation - Implement CSRF Protection](https://expressjs.com/en/resources/middleware/csurf.html)\n* [Node Security Checklist - CSRF](https://blog.risingstack.com/node-js-security-checklist/#csrf)", + "text": "" + }, + "properties": { + "tags": [ + "javascript", + "UseCsurfForExpress", + "Security" + ], + "categories": [ + "Security" + ], + "exampleCommitFixes": [ + { + "commitURL": "https://github.com/xiaoshan5733/cms/commit/cfa979899ffc5d7a1305571923ba6ae70548675b?diff=split#diff-e07d531ac040ce3f40e0ce632ac2a059d7cd60f20e61f78268ac3be015b3b28fL-1", + "lines": [ + { + "line": "var app = express();\n", + "lineNumber": 21, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 22, + "lineChange": "none" + }, + { + "line": "//连接数据库\n", + "lineNumber": 23, + 
"lineChange": "none" + }, + { + "line": "mongoose.connect(config.mongodb.uri);\n", + "lineNumber": 24, + "lineChange": "none" + }, + { + "line": "var db = mongoose.connection;\n", + "lineNumber": 25, + "lineChange": "none" + }, + { + "line": "db.on('error', console.error.bind(console, 'connection error:'));\n", + "lineNumber": 26, + "lineChange": "none" + }, + { + "line": "db.once('open', function callback () {\n", + "lineNumber": 27, + "lineChange": "none" + }, + { + "line": " console.log('连接mongodb成功');\n", + "lineNumber": 28, + "lineChange": "none" + }, + { + "line": "});\n", + "lineNumber": 29, + "lineChange": "none" + }, + { + "line": "//引入数据模型\n", + "lineNumber": 30, + "lineChange": "none" + }, + { + "line": "util.walk(appPath + '/server/models', null, function(path) {\n", + "lineNumber": 31, + "lineChange": "none" + }, + { + "line": " require(path);\n", + "lineNumber": 32, + "lineChange": "none" + }, + { + "line": "});\n", + "lineNumber": 33, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 34, + "lineChange": "none" + }, + { + "line": "// view engine setup\n", + "lineNumber": 35, + "lineChange": "none" + }, + { + "line": "app.set('views', path.join(__dirname, 'views'));\n", + "lineNumber": 36, + "lineChange": "none" + }, + { + "line": "app.set('view engine', 'jade');\n", + "lineNumber": 37, + "lineChange": "none" + }, + { + "line": "//定义全局字段\n", + "lineNumber": 38, + "lineChange": "none" + }, + { + "line": "app.locals = {\n", + "lineNumber": 39, + "lineChange": "none" + }, + { + "line": " title: 'CMS',\n", + "lineNumber": 40, + "lineChange": "none" + }, + { + "line": " pretty: true,\n", + "lineNumber": 41, + "lineChange": "none" + }, + { + "line": " moment: moment,\n", + "lineNumber": 42, + "lineChange": "none" + }, + { + "line": " _: underscore,\n", + "lineNumber": 43, + "lineChange": "none" + }, + { + "line": " util: util,\n", + "lineNumber": 44, + "lineChange": "none" + }, + { + "line": " config: config,\n", + "lineNumber": 45, + 
"lineChange": "none" + }, + { + "line": " adminDir: config.admin.dir ? ('/' + config.admin.dir) : ''\n", + "lineNumber": 46, + "lineChange": "none" + }, + { + "line": "};\n", + "lineNumber": 47, + "lineChange": "none" + }, + { + "line": "app.set('config', config);\n", + "lineNumber": 48, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 49, + "lineChange": "none" + }, + { + "line": "app.use(favicon());\n", + "lineNumber": 50, + "lineChange": "none" + }, + { + "line": "app.use(logger('dev'));\n", + "lineNumber": 51, + "lineChange": "none" + }, + { + "line": "app.use(bodyParser.json());\n", + "lineNumber": 54, + "lineChange": "none" + }, + { + "line": "app.use(bodyParser.urlencoded());\n", + "lineNumber": 55, + "lineChange": "none" + }, + { + "line": "app.use(cookieParser());\n", + "lineNumber": 56, + "lineChange": "none" + }, + { + "line": "app.use(session({\n", + "lineNumber": 57, + "lineChange": "none" + }, + { + "line": " secret: 'ruoguan'/*,\n", + "lineNumber": 58, + "lineChange": "none" + }, + { + "line": " store: new RedisStore*/\n", + "lineNumber": 59, + "lineChange": "none" + }, + { + "line": "}));\n", + "lineNumber": 60, + "lineChange": "none" + }, + { + "line": "//app.use(csrf());\n", + "lineNumber": 58, + "lineChange": "removed" + }, + { + "line": "app.use(csrf());\n", + "lineNumber": 61, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/Detry322/redisred/commit/57aeed9563c1020ca70093310634000d795ae3b4?diff=split#diff-e07d531ac040ce3f40e0ce632ac2a059d7cd60f20e61f78268ac3be015b3b28fL-1", + "lines": [ + { + "line": "var csrf = require('csurf');\n", + "lineNumber": 18, + "lineChange": "added" + }, + { + "line": "\n", + "lineNumber": 19, + "lineChange": "none" + }, + { + "line": "//Initialize auth\n", + "lineNumber": 20, + "lineChange": "none" + }, + { + "line": "authentication(passport, adminUsername, adminPassword);\n", + "lineNumber": 21, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 22, + 
"lineChange": "none" + }, + { + "line": "//Initialize the app\n", + "lineNumber": 23, + "lineChange": "none" + }, + { + "line": "var app = express();\n", + "lineNumber": 24, + "lineChange": "none" + }, + { + "line": "app.set('views', './views');\n", + "lineNumber": 25, + "lineChange": "none" + }, + { + "line": "app.set('view engine', 'jade');\n", + "lineNumber": 26, + "lineChange": "none" + }, + { + "line": "app.use(favicon('./public/assets/favicon.png'));\n", + "lineNumber": 27, + "lineChange": "none" + }, + { + "line": "app.use(bodyParser.urlencoded({ extended: false }));\n", + "lineNumber": 28, + "lineChange": "none" + }, + { + "line": "app.use(expressSession({ secret: sessionSecret, resave: true, saveUninitialized: true }));\n", + "lineNumber": 29, + "lineChange": "none" + }, + { + "line": "app.use(passport.initialize());\n", + "lineNumber": 30, + "lineChange": "none" + }, + { + "line": "app.use(passport.session());\n", + "lineNumber": 31, + "lineChange": "none" + }, + { + "line": "app.use(csrf());\n", + "lineNumber": 32, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/slidewiki/slidewiki-platform/commit/3e1fd3ff647826a1321f4272924da9bfbcc91383?diff=split#diff-a4c65ede64197e1a112899a68bf994485b889c4b143198bac4af53425b38406fL-1", + "lines": [ + { + "line": "import cookieParser from 'cookie-parser';\n", + "lineNumber": 10, + "lineChange": "added" + }, + { + "line": "import csrf from 'csurf';\n", + "lineNumber": 11, + "lineChange": "added" + }, + { + "line": "import compression from 'compression';\n", + "lineNumber": 12, + "lineChange": "added" + }, + { + "line": "import debugLib from 'debug';\n", + "lineNumber": 13, + "lineChange": "added" + }, + { + "line": "import path from 'path';\n", + "lineNumber": 14, + "lineChange": "none" + }, + { + "line": "import serialize from 'serialize-javascript';\n", + "lineNumber": 10, + "lineChange": "none" + }, + { + "line": "import {navigateAction} from 'fluxible-router';\n", + "lineNumber": 15, + 
"lineChange": "none" + }, + { + "line": "import debugLib from 'debug';\n", + "lineNumber": 12, + "lineChange": "none" + }, + { + "line": "import React from 'react';\n", + "lineNumber": 16, + "lineChange": "none" + }, + { + "line": "import ReactDOM from 'react-dom/server';\n", + "lineNumber": 17, + "lineChange": "none" + }, + { + "line": "import app from './app';\n", + "lineNumber": 18, + "lineChange": "none" + }, + { + "line": "import HTMLComponent from './components/DefaultHTMLLayout';\n", + "lineNumber": 19, + "lineChange": "none" + }, + { + "line": "import { createElementWithContext } from 'fluxible-addons-react';\n", + "lineNumber": 20, + "lineChange": "none" + }, + { + "line": "import favicon from 'serve-favicon';\n", + "lineNumber": 18, + "lineChange": "none" + }, + { + "line": "const env = process.env.NODE_ENV;\n", + "lineNumber": 22, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 23, + "lineChange": "none" + }, + { + "line": "const debug = debugLib('slidewiki-platform');\n", + "lineNumber": 24, + "lineChange": "none" + }, + { + "line": "\n", + "lineNumber": 25, + "lineChange": "none" + }, + { + "line": "const server = express();\n", + "lineNumber": 26, + "lineChange": "none" + }, + { + "line": "server.use(favicon(path.join(__dirname, '/favicon.ico')));\n", + "lineNumber": 27, + "lineChange": "none" + }, + { + "line": "server.use('/public', express['static'](path.join(__dirname, '/build')));\n", + "lineNumber": 28, + "lineChange": "none" + }, + { + "line": "server.use('/bower_components', express['static'](path.join(__dirname, '/bower_components')));\n", + "lineNumber": 29, + "lineChange": "none" + }, + { + "line": "server.use('/custom_modules', express['static'](path.join(__dirname, '/custom_modules')));\n", + "lineNumber": 30, + "lineChange": "none" + }, + { + "line": "server.use('/assets', express['static'](path.join(__dirname, '/assets')));\n", + "lineNumber": 31, + "lineChange": "none" + }, + { + "line": "server.use(compression());\n", 
+ "lineNumber": 32, + "lineChange": "none" + }, + { + "line": "server.use(bodyParser.json());\n", + "lineNumber": 34, + "lineChange": "none" + }, + { + "line": "server.use(csrf({cookie: true}));\n", + "lineNumber": 35, + "lineChange": "added" + } + ] + } + ], + "exampleCommitDescriptions": [], + "precision": "very-high", + "repoDatasetSize": 66, + "cwe": [ + "CWE-352" + ] + } + }, + { + "id": "javascript/PrototypePollution", + "name": "PrototypePollution", + "shortDescription": { + "text": "Prototype Pollution" + }, + "defaultConfiguration": { + "level": "warning" + }, + "help": { + "markdown": "## Details\n\nPrototype Pollution is a vulnerability affecting JavaScript. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. JavaScript allows all Object attributes to be altered, including their magical attributes such as `_proto_`, `constructor` and `prototype`. An attacker manipulates these attributes to overwrite, or pollute, a JavaScript application object prototype of the base object by injecting other values. Properties on the `Object.prototype` are then inherited by all the JavaScript objects through the prototype chain. When that happens, this leads to either denial of service by triggering JavaScript exceptions, or it tampers with the application source code to force the code path that the attacker injects, thereby leading to remote code execution.\n\nThere are two main ways in which the pollution of prototypes occurs:\n\n- Unsafe `Object` recursive merge\n\n- Property definition by path\n\n\n### Unsafe Object recursive merge\n\nThe logic of a vulnerable recursive merge function follows the following high-level model:\n```\nmerge (target, source)\n\n foreach property of source\n\n if property exists and is an object on both the target and the source\n\n merge(target[property], source[property])\n\n else\n\n target[property] = source[property]\n```\n
\n\nWhen the source object contains a property named `_proto_` defined with `Object.defineProperty()` , the condition that checks if the property exists and is an object on both the target and the source passes and the merge recurses with the target, being the prototype of `Object` and the source of `Object` as defined by the attacker. Properties are then copied on the `Object` prototype.\n\nClone operations are a special sub-class of unsafe recursive merges, which occur when a recursive merge is conducted on an empty object: `merge({},source)`.\n\n`lodash` and `Hoek` are examples of libraries susceptible to recursive merge attacks.\n\n### Property definition by path\n\nThere are a few JavaScript libraries that use an API to define property values on an object based on a given path. The function that is generally affected contains this signature: `theFunction(object, path, value)`\n\nIf the attacker can control the value of \"path\", they can set this value to `_proto_.myValue`. `myValue` is then assigned to the prototype of the class of the object.\n\n## Types of attacks\n\nThere are a few methods by which Prototype Pollution can be manipulated:\n\n| Type |Origin |Short description |\n|--|--|--|\n| **Denial of service (DoS)**|Client |This is the most likely attack.
DoS occurs when `Object` holds generic functions that are implicitly called for various operations (for example, `toString` and `valueOf`).
The attacker pollutes `Object.prototype.someattr` and alters its state to an unexpected value such as `Int` or `Object`. In this case, the code fails and is likely to cause a denial of service.
**For example:** if an attacker pollutes `Object.prototype.toString` by defining it as an integer, if the codebase at any point was reliant on `someobject.toString()` it would fail. |\n |**Remote Code Execution**|Client|Remote code execution is generally only possible in cases where the codebase evaluates a specific attribute of an object, and then executes that evaluation.
**For example:** `eval(someobject.someattr)`. In this case, if the attacker pollutes `Object.prototype.someattr` they are likely to be able to leverage this in order to execute code.|\n|**Property Injection**|Client|The attacker pollutes properties that the codebase relies on for their informative value, including security properties such as cookies or tokens.
**For example:** if a codebase checks privileges for `someuser.isAdmin`, then when the attacker pollutes `Object.prototype.isAdmin` and sets it to equal `true`, they can then achieve admin privileges.|\n\n## Affected environments\n\nThe following environments are susceptible to a Prototype Pollution attack:\n\n- Application server\n\n- Web server\n\n\n## Best practices for prevention\n\n1. Freeze the prototype - use `Object.freeze (Object.prototype)`.\n\n2. Require schema validation of JSON input.\n\n3. Avoid using unsafe recursive merge functions.\n\n4. Consider using objects without prototypes (for example, `Object.create(null)`), breaking the prototype chain and preventing pollution.\n\n5. As a best practice use `Map` instead of `Object`.\n\n### For more information on this vulnerability type:\n\n[Arteau, Oliver. \"JavaScript prototype pollution attack in NodeJS application.\" GitHub, 26 May 2018](https://github.com/HoLyVieR/prototype-pollution-nsec18/blob/master/paper/JavaScript_prototype_pollution_attack_in_NodeJS.pdf)", + "text": "" + }, + "properties": { + "tags": [ + "javascript", + "PrototypePollution", + "Security", + "SourceServer", + "SourceHttpParam", + "Taint" + ], + "categories": [ + "Security" + ], + "exampleCommitFixes": [ + { + "commitURL": "https://github.com/VincentLoy/tweetParser.js/commit/31ccbf365abbb6398fb78705074c11458421cec6?diff=split#diff-343e9403c50c367c18f841170513c764a80c01c26a0d9c2746a5fd632febe770L-1", + "lines": [ + { + "line": " for (var i in datas) {\n", + "lineNumber": 18, + "lineChange": "removed" + }, + { + "line": " var i;\n", + "lineNumber": 18, + "lineChange": "added" + }, + { + "line": "\n", + "lineNumber": 19, + "lineChange": "added" + }, + { + "line": " for (i = 0; i < datas.length; i += 1) {\n", + "lineNumber": 20, + "lineChange": "added" + }, + { + "line": " if (datas[i].contributions > 1) {\n", + "lineNumber": 21, + "lineChange": "none" + }, + { + "line": " datas[i].wording = \"contributions\";\n", + "lineNumber": 22, 
+ "lineChange": "none" + } + ] + }, + { + "commitURL": "https://github.com/wachunga/omega/commit/0ea594b103c957680b02e5b3d3e6763cf49d2c3a?diff=split#diff-a4c65ede64197e1a112899a68bf994485b889c4b143198bac4af53425b38406fL-1", + "lines": [ + { + "line": "issues[id].assignee = assignee; \n", + "lineNumber": 47, + "lineChange": "removed" + }, + { + "line": "issues[id-1].assignee = assignee; \n", + "lineNumber": 47, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/vampd/vampd/commit/edc7005b68e3e42f461249f8257ba16664983a79?diff=split#diff-8832eceed707e9acd023cc8a42587cb109d860d7272ff10950e3a01bb6f9be94L-1", + "lines": [ + { + "line": "site.override_attributes.drupal.sites[site_name].actions = actions;\n", + "lineNumber": 53, + "lineChange": "removed" + }, + { + "line": "site.override_attributes.drupal.sites[site_name].deploy.action = actions;\n", + "lineNumber": 54, + "lineChange": "added" + } + ] + } + ], + "exampleCommitDescriptions": [], + "precision": "very-high", + "repoDatasetSize": 8, + "cwe": [ + "CWE-1321" + ] + } + }, + { + "id": "javascript/DOMXSS", + "name": "DOMXSS", + "shortDescription": { + "text": "Cross-site Scripting (XSS)" + }, + "defaultConfiguration": { + "level": "warning" + }, + "help": { + "markdown": "## Details\n\nA cross-site scripting attack occurs when the attacker tricks a legitimate web-based application or site to accept a request as originating from a trusted source.\n\nThis is done by escaping the context of the web application; the web application then delivers that data to its users along with other trusted dynamic content, without validating it. 
The browser unknowingly executes malicious script on the client side (through client-side languages; usually JavaScript or HTML) in order to perform actions that are otherwise typically blocked by the browser's Same Origin Policy.\n\nInjecting malicious code is the most prevalent manner by which XSS is exploited; for this reason, escaping characters in order to prevent this manipulation is the top method for securing code against this vulnerability.\n\nEscaping means that the application is coded to mark key characters, and particularly key characters included in user input, to prevent those characters from being interpreted in a dangerous context. For example, in HTML, `<` can be coded as `<`; and `>` can be coded as `>`; in order to be interpreted and displayed as themselves in text, while within the code itself, they are used for HTML tags. If malicious content is injected into an application that escapes special characters and that malicious content uses `<` and `>` as HTML tags, those characters are nonetheless not interpreted as HTML tags by the browser if they've been correctly escaped in the application code and in this way the attempted attack is diverted.\n\nThe most prominent use of XSS is to steal cookies (source: OWASP HttpOnly) and hijack user sessions, but XSS exploits have been used to expose sensitive information, enable access to privileged services and functionality and deliver malware.\n\n### Types of attacks\nThere are a few methods by which XSS can be manipulated:\n\n|Type|Origin|Description|\n|--|--|--|\n|**Stored**|Server|The malicious code is inserted in the application (usually as a link) by the attacker. The code is activated every time a user clicks the link.|\n|**Reflected**|Server|The attacker delivers a malicious link externally from the vulnerable web site application to a user. 
When clicked, malicious code is sent to the vulnerable web site, which reflects the attack back to the user's browser.|\n|**DOM-based**|Client|The attacker forces the user's browser to render a malicious page. The data in the page itself delivers the cross-site scripting data.|\n|**Mutated**| |The attacker injects code that appears safe, but is then rewritten and modified by the browser, while parsing the markup. An example is rebalancing unclosed quotation marks or even adding quotation marks to unquoted parameters.|\n\n### Affected environments\nThe following environments are susceptible to an XSS attack:\n\n* Web servers\n* Application servers\n* Web application environments\n\n## Best practices for prevention\nThis section describes the top best practices designed to specifically protect your code:\n\n* Sanitize data input in an HTTP request before reflecting it back, ensuring all data is validated, filtered or escaped before echoing anything back to the user, such as the values of query parameters during searches.\n* Convert special characters such as `?`, `&`, `/`, `<`, `>` and spaces to their respective HTML or URL encoded equivalents.\n* Give users the option to disable client-side scripts.\n* Redirect invalid requests.\n* Detect simultaneous logins, including those from two separate IP addresses, and invalidate those sessions.\n* Use and enforce a Content Security Policy (source: Wikipedia) to disable any features that might be manipulated for an XSS attack.\n* Read the documentation for any of the libraries referenced in your code to understand which elements allow for embedded HTML.", + "text": "" + }, + "properties": { + "tags": [ + "javascript", + "DOMXSS", + "Security", + "SourceResourceAccess", + "SourceNetworkRequest", + "Taint" + ], + "categories": [ + "Security" + ], + "exampleCommitFixes": [ + { + "commitURL": 
"https://github.com/quilime/dynamic-site/commit/0e64e840355d79a879f7eeab00d3b0f1bc33b484?diff=split#diff-3803a4142e90f0f59977727226f37112d7b946ccfeca5b47455aee1ae6dee97bL-1", + "lines": [ + { + "line": "codePre.innerHTML = prettyPrintOne(code);\n", + "lineNumber": 108, + "lineChange": "removed" + }, + { + "line": "codePre.innerText = code;\n", + "lineNumber": 111, + "lineChange": "added" + }, + { + "line": "prettyPrint();\n", + "lineNumber": 112, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/10up/distributor/commit/059a661149ceadc49f1093631cb4099f3ba4f2ac?diff=split#diff-d2e585d5738b595b24a722e974f1933e4ff11ee961254e6334a654d8927d7103L-1", + "lines": [ + { + "line": "endpointResult.innerHTML = dt.limited_connection;\n", + "lineNumber": 95, + "lineChange": "removed" + }, + { + "line": "endpointResult.innerText = dt.limited_connection;\n", + "lineNumber": 101, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/minj/foxtrick/commit/ada03f2d4d5e4ae9f7b2f4cfeb2eceaa5b4322d6?diff=split#diff-6e9376b3e13b333f7778db725b2e2b6ec79943d3752cb5e7104c47969c4bbd63L-1", + "lines": [ + { + "line": "a.innerHTML = Foxtrickl10n.getString('foxtrick.LeagueAndMatchChat.CupChat');\n", + "lineNumber": 96, + "lineChange": "removed" + }, + { + "line": "a.textContent = Foxtrickl10n.getString('foxtrick.LeagueAndMatchChat.CupChat');\n", + "lineNumber": 92, + "lineChange": "added" + } + ] + } + ], + "exampleCommitDescriptions": [], + "precision": "very-high", + "repoDatasetSize": 116, + "cwe": [ + "CWE-79" + ] + } + }, + { + "id": "javascript/InsecureHash", + "name": "InsecureHash", + "shortDescription": { + "text": "Use of Password Hash With Insufficient Computational Effort" + }, + "defaultConfiguration": { + "level": "note" + }, + "help": { + "markdown": "\n## Details\n\nSensitive information should never be stored in plain text, since this makes it very easy for unauthorized users, whether malicious insiders or outside attackers, to 
access. Hashing methods are used to make stored passwords and other sensitive data unreadable to users. For example, when a password is defined for the first time, it is hashed and then stored. The next time that user attempts to log on, the password they enter is hashed following the same procedure and compared with the stored value. In this way, the original password never needs to be stored in the system.\n\nHashing is a one-way scheme, meaning a hashed password cannot be reverse engineered. However, if an outdated or custom programmed hashing scheme is used, it becomes simple for an attacker with powerful modern computing power to gain access to the hashes used. This opens up access to all stored password information, leading to breached security. Therefore, it is essential for developers to understand modern, secure password hashing techniques.\n\n## Best practices for prevention\n* Use strong standard algorithms for hashing rather than simpler but outdated methods or DIY hashing schemes, which may have inherent weaknesses.\n* Use modular design for all code dealing with hashing so it can be swapped out as security standards change over time.\n* Use salting in combination with hashing (While this places more demands on resources, it is an essential step for tighter security.).\n* Implement zero-trust architecture to ensure that access to password data is granted only for legitimate business purposes.\n* Increase developer awareness of current standards in data security and cryptography.", + "text": "" + }, + "properties": { + "tags": [ + "javascript", + "InsecureHash", + "Security" + ], + "categories": [ + "Security" + ], + "exampleCommitFixes": [ + { + "commitURL": "https://github.com/emgram769/livechan-js/commit/99ecea722f7fc204ce3293ff2b0e315d0e61ccad?diff=split#diff-fdbfe737b6f8eaccddd46f57a79b5532942e1667c38ca880c32d89723af39857L-1", + "lines": [ + { + "line": "var hash_pass = crypto.createHash('sha1').update(password).digest('base64');\n", + 
"lineNumber": 88, + "lineChange": "removed" + }, + { + "line": "var hash_pass = crypto.createHash('sha512').update(config.admin_pw_salt, 'base64').update(password, 'utf8').digest('base64');\n", + "lineNumber": 88, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/Synzvato/decentraleyes/commit/8855358381cff8156fe7a801d9201371034373a2?diff=split#diff-8e3adc8af301344e44c7efc3f4a24d375d02d285c617793db6d2eabe367b9d92L-1", + "lines": [ + { + "line": "hash = crypto.createHash('md5');\n", + "lineNumber": 139, + "lineChange": "removed" + }, + { + "line": "hash = crypto.createHash('sha512');\n", + "lineNumber": 139, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/openmrs/openmrs-contrib-id/commit/877c9a874b349a330b806414bfad82d03de39eb1?diff=split#diff-629444d01512e7f8fd688f67bf412d620053325ed416c34f940ffd52bb4420e2L-1", + "lines": [ + { + "line": "hash = crypto.createHash('md5');\n", + "lineNumber": 109, + "lineChange": "removed" + }, + { + "line": "hash = crypto.createHash('sha512');\n", + "lineNumber": 109, + "lineChange": "added" + } + ] + } + ], + "exampleCommitDescriptions": [], + "precision": "very-high", + "repoDatasetSize": 52, + "cwe": [ + "CWE-916" + ] + } + }, + { + "id": "javascript/ZipSlip", + "name": "ZipSlip", + "shortDescription": { + "text": "Arbitrary File Write via Archive Extraction (Zip Slip)" + }, + "defaultConfiguration": { + "level": "error" + }, + "help": { + "markdown": "## Details\n\nZip Slip is a form of directory traversal that can be exploited by extracting files from an archive. The premise of the directory traversal vulnerability is that an attacker can gain access to parts of the file system outside of the target folder in which they should reside. The attacker can then overwrite executable files and either invoke them remotely or wait for the system or user to call them, thus achieving remote command execution on the victim’s machine. 
The vulnerability can also cause damage by overwriting configuration files or other sensitive resources, and can be exploited on both client (user) machines and servers.\n\n## Example\n\nThe following is an example of a `zip` archive with one benign file and one malicious file. Extracting the malicious file will result in traversing out of the target folder, ending up in `/root/.ssh/` overwriting the `authorized_keys` file:\n\n```\n2018-04-15 22:04:29 ..... 19 19 good.txt\n2018-04-15 22:04:42 ..... 20 20 ../../../../../../root/.ssh/authorized_keys\n```", + "text": "" + }, + "properties": { + "tags": [ + "javascript", + "ZipSlip", + "Security", + "SourceArchive", + "", + "Taint" + ], + "categories": [ + "Security" + ], + "exampleCommitFixes": [], + "exampleCommitDescriptions": [], + "precision": "very-high", + "repoDatasetSize": 0, + "cwe": [ + "CWE-22" + ] + } + }, + { + "id": "javascript/NoHardcodedCredentials/test", + "name": "NoHardcodedCredentials/test", + "shortDescription": { + "text": "Use of Hardcoded Credentials" + }, + "defaultConfiguration": { + "level": "note" + }, + "help": { + "markdown": "\n## Details\n\nDevelopers may use hardcoded credentials for convenience when coding in order to simplify their workflow. While they are responsible for removing these before production, occasionally this task may fall through the cracks. This also becomes a maintenance challenge when credentials are re-used across multiple applications.\n\nOnce attackers gain access, they may take advantage of privilege level to remove or alter data, take down a site or app, or hold any of the above for ransom. The risk across multiple similar projects is even greater. 
If code containing the credentials is reused across multiple projects, they will all be compromised.\n\n## Best practices for prevention\n* Plan software architecture such that keys and passwords are always stored outside the code, wherever possible.\n* Plan encryption into software architecture for all credential information and ensure proper handling of keys, credentials, and passwords.\n* Prompt for a secure password on first login rather than hard-code a default password.\n* If a hardcoded password or credential must be used, limit its use, for example, to system console users rather than via the network.\n* Use strong hashes for inbound password authentication, ideally with randomly assigned salts to increase the difficulty level in case of brute-force attack.", + "text": "" + }, + "properties": { + "tags": [ + "javascript", + "NoHardcodedCredentials", + "Security", + "InTest" + ], + "categories": [ + "Security", + "InTest" + ], + "exampleCommitFixes": [ + { + "commitURL": "https://github.com/thallium205/BitcoinVisualizer/commit/3fd03f5ec7236a0602ea2960dc786b156601efc6?diff=split#diff-a0f6e6d9c44dcd75d4a33b841594a196ff2e74137919f62ac68935a991378528L-1", + "lines": [ + { + "line": "host : '10.0.0.1',\r\n", + "lineNumber": 2, + "lineChange": "removed" + }, + { + "line": "user : 'root',\r\n", + "lineNumber": 3, + "lineChange": "removed" + }, + { + "line": "password : 'webster',\r\n", + "lineNumber": 4, + "lineChange": "removed" + }, + { + "line": "database : 'blockviewer'\r\n", + "lineNumber": 5, + "lineChange": "removed" + }, + { + "line": "host : process.env.sqlhost,\r\n", + "lineNumber": 7, + "lineChange": "added" + }, + { + "line": "user : process.env.sqluser,\r\n", + "lineNumber": 8, + "lineChange": "added" + }, + { + "line": "password : process.env.sqlpass,\r\n", + "lineNumber": 9, + "lineChange": "added" + }, + { + "line": "database : process.env.sqldatabase\r\n", + "lineNumber": 10, + "lineChange": "added" + } + ] + }, + { + "commitURL": 
"https://github.com/azukiapp/azk/commit/f032902cd00ad2ed6dfb8d9f7d9f31e9db10b210?diff=split#diff-14c376258425dc4f37d3c24807f4b5ba8b060f4dd75d5e90f8d88396acacbf3bL-1", + "lines": [ + { + "line": "username: 'docker',\n", + "lineNumber": 298, + "lineChange": "removed" + }, + { + "line": "username: azk.cst.VM_USER,\n", + "lineNumber": 298, + "lineChange": "added" + } + ] + }, + { + "commitURL": "https://github.com/jedireza/aqua/commit/5c35c79f56ada04f4d2c565954ccf63f55b1f706?diff=split#diff-c85bcf94d1b915dac9d6da178bf7648fa1a910cbcdc14a82fef8a90cf9f62e21L-1", + "lines": [ + { + "line": "password : 'test',\n", + "lineNumber": 203, + "lineChange": "removed" + }, + { + "line": "email : 'test@test.com'\n", + "lineNumber": 204, + "lineChange": "removed" + }, + { + "line": "password : results.rootPassword,\n", + "lineNumber": 203, + "lineChange": "added" + }, + { + "line": "email : results.rootEmail\n", + "lineNumber": 204, + "lineChange": "added" + } + ] + } + ], + "exampleCommitDescriptions": [], + "precision": "very-high", + "repoDatasetSize": 30, + "cwe": [ + "CWE-798" + ] + } + } + ] + } + }, + "results": [ + { + "ruleId": "javascript/XSS", + "ruleIndex": 0, + "level": "warning", + "message": { + "text": "Unsanitized input from data from a remote resource flows into bypassSecurityTrustHtml, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).", + "markdown": "Unsanitized input from {0} {1} into {2}, where it is used to render an HTML page returned to the user. 
This may result in a Cross-Site Scripting attack (XSS).", + "arguments": [ + "[data from a remote resource](0)", + "[flows](1),(2),(3),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16)", + "[bypassSecurityTrustHtml](17)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/score-board/score-board.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 216, + "endLine": 216, + "startColumn": 44, + "endColumn": 67 + } + } + } + ], + "fingerprints": { + "0": "041274fc0869f892f98d45c0bd6903f2cfad48bc93a806c69ccfdb2c86f32781", + "1": "7921a677.4773f344.607187b5.a517c54b.ef9f7d82.8020cfdf.df7e59ba.cde67692.72e8bf12.664e3b30.21371afe.dee12555.fbac9e17.787328db.83265159.de97a755" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/challenge.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 22, + "endLine": 22, + "startColumn": 22, + "endColumn": 25 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/challenge.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 22, + "endLine": 22, + "startColumn": 22, + "endColumn": 25 + } + } + } + }, + { + "location": { + "id": 2, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/challenge.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 22, + "endLine": 22, + "startColumn": 65, + "endColumn": 78 + } + } + } + }, + { + "location": { + "id": 3, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/challenge.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 22, + "endLine": 22, + "startColumn": 83, + "endColumn": 91 + } + } + } + }, + { + "location": { + "id": 4, + "physicalLocation": { + 
"artifactLocation": { + "uri": "frontend/src/app/Services/challenge.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 22, + "endLine": 22, + "startColumn": 83, + "endColumn": 96 + } + } + } + }, + { + "location": { + "id": 5, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/challenge.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 22, + "endLine": 22, + "startColumn": 60, + "endColumn": 63 + } + } + } + }, + { + "location": { + "id": 6, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/challenge.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 22, + "endLine": 22, + "startColumn": 55, + "endColumn": 59 + } + } + } + }, + { + "location": { + "id": 7, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/challenge.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 22, + "endLine": 22, + "startColumn": 12, + "endColumn": 59 + } + } + } + }, + { + "location": { + "id": 8, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/score-board/score-board.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 117, + "endLine": 117, + "startColumn": 29, + "endColumn": 33 + } + } + } + }, + { + "location": { + "id": 9, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/score-board/score-board.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 117, + "endLine": 117, + "startColumn": 63, + "endColumn": 73 + } + } + } + }, + { + "location": { + "id": 10, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/score-board/score-board.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 119, + "endLine": 119, + "startColumn": 29, + "endColumn": 39 + } + } + } + }, + { + "location": { + "id": 11, + "physicalLocation": { + "artifactLocation": { + "uri": 
"frontend/src/app/score-board/score-board.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 120, + "endLine": 120, + "startColumn": 31, + "endColumn": 46 + } + } + } + }, + { + "location": { + "id": 12, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/score-board/score-board.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 121, + "endLine": 121, + "startColumn": 34, + "endColumn": 49 + } + } + } + }, + { + "location": { + "id": 13, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/score-board/score-board.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 122, + "endLine": 122, + "startColumn": 39, + "endColumn": 54 + } + } + } + }, + { + "location": { + "id": 14, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/score-board/score-board.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 215, + "endLine": 215, + "startColumn": 25, + "endColumn": 45 + } + } + } + }, + { + "location": { + "id": 15, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/score-board/score-board.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 216, + "endLine": 216, + "startColumn": 68, + "endColumn": 77 + } + } + } + }, + { + "location": { + "id": 16, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/score-board/score-board.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 216, + "endLine": 216, + "startColumn": 68, + "endColumn": 99 + } + } + } + }, + { + "location": { + "id": 17, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/score-board/score-board.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 216, + "endLine": 216, + "startColumn": 44, + "endColumn": 67 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 504, + 
"priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileCodeFlow" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/XSS", + "ruleIndex": 0, + "level": "warning", + "message": { + "text": "Unsanitized input from data from a remote resource flows into bypassSecurityTrustHtml, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).", + "markdown": "Unsanitized input from {0} {1} into {2}, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).", + "arguments": [ + "[data from a remote resource](0)", + "[flows](1),(2),(3),(4),(5),(6),(7),(8)", + "[bypassSecurityTrustHtml](9)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/data-export/data-export.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 45, + "endLine": 45, + "startColumn": 37, + "endColumn": 60 + } + } + } + ], + "fingerprints": { + "0": "1ea030f297935ab7db59fe215a71ce9c51aacfc72938e77d615d828f87adc0e0", + "1": "3df95e84.4773f344.607187b5.74eb2808.ef9f7d82.8020cfdf.83265159.428468b6.a6348f37.70b638aa.8b3a84e3.c559ebce.4463c21f.51429c53.83265159.7f547f77" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/image-captcha.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 20, + "endLine": 20, + "startColumn": 22, + "endColumn": 25 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/image-captcha.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 20, + "endLine": 20, + "startColumn": 22, + "endColumn": 25 + } + } + } + }, + { 
+ "location": { + "id": 2, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/image-captcha.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 20, + "endLine": 20, + "startColumn": 12, + "endColumn": 25 + } + } + } + }, + { + "location": { + "id": 3, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/image-captcha.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 20, + "endLine": 20, + "startColumn": 68, + "endColumn": 72 + } + } + } + }, + { + "location": { + "id": 4, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/image-captcha.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 20, + "endLine": 20, + "startColumn": 12, + "endColumn": 72 + } + } + } + }, + { + "location": { + "id": 5, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/data-export/data-export.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 44, + "endLine": 44, + "startColumn": 30, + "endColumn": 40 + } + } + } + }, + { + "location": { + "id": 6, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/data-export/data-export.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 44, + "endLine": 44, + "startColumn": 54, + "endColumn": 63 + } + } + } + }, + { + "location": { + "id": 7, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/data-export/data-export.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 45, + "endLine": 45, + "startColumn": 61, + "endColumn": 65 + } + } + } + }, + { + "location": { + "id": 8, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/data-export/data-export.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 45, + "endLine": 45, + "startColumn": 61, + "endColumn": 71 + } + } + } + }, + { + "location": { + "id": 9, 
+ "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/data-export/data-export.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 45, + "endLine": 45, + "startColumn": 37, + "endColumn": 60 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 554, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/XSS", + "ruleIndex": 0, + "level": "warning", + "message": { + "text": "Unsanitized input from data from a remote resource flows into bypassSecurityTrustHtml, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).", + "markdown": "Unsanitized input from {0} {1} into {2}, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).", + "arguments": [ + "[data from a remote resource](0)", + "[flows](1),(2),(3),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13)", + "[bypassSecurityTrustHtml](14)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/administration/administration.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 50, + "endLine": 50, + "startColumn": 37, + "endColumn": 60 + } + } + } + ], + "fingerprints": { + "0": "145bb7c088f3191c1b0d55120ac56ba0cbb22ea4b26198b225aee2f2b777e4ba", + "1": "839b1d0f.4773f344.607187b5.824d2503.ef9f7d82.8020cfdf.0b4f0b50.ae94f388.46b7c801.6b0b4bb5.81f55990.72a8f743.4463c21f.7312b3d3.83265159.a83217da" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/user.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 29, + "endLine": 29, + 
"startColumn": 22, + "endColumn": 25 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/user.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 29, + "endLine": 29, + "startColumn": 22, + "endColumn": 25 + } + } + } + }, + { + "location": { + "id": 2, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/user.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 29, + "endLine": 29, + "startColumn": 104, + "endColumn": 117 + } + } + } + }, + { + "location": { + "id": 3, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/user.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 30, + "endLine": 30, + "startColumn": 7, + "endColumn": 15 + } + } + } + }, + { + "location": { + "id": 4, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/user.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 30, + "endLine": 30, + "startColumn": 7, + "endColumn": 20 + } + } + } + }, + { + "location": { + "id": 5, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/user.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 29, + "endLine": 29, + "startColumn": 99, + "endColumn": 102 + } + } + } + }, + { + "location": { + "id": 6, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/user.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 29, + "endLine": 29, + "startColumn": 94, + "endColumn": 98 + } + } + } + }, + { + "location": { + "id": 7, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/user.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 29, + "endLine": 29, + "startColumn": 12, + "endColumn": 98 + } + } + } + }, + { + "location": { + "id": 8, + 
"physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/administration/administration.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 45, + "endLine": 45, + "startColumn": 22, + "endColumn": 26 + } + } + } + }, + { + "location": { + "id": 9, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/administration/administration.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 45, + "endLine": 45, + "startColumn": 40, + "endColumn": 45 + } + } + } + }, + { + "location": { + "id": 10, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/administration/administration.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 48, + "endLine": 48, + "startColumn": 18, + "endColumn": 22 + } + } + } + }, + { + "location": { + "id": 11, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/administration/administration.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 50, + "endLine": 50, + "startColumn": 77, + "endColumn": 81 + } + } + } + }, + { + "location": { + "id": 12, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/administration/administration.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 50, + "endLine": 50, + "startColumn": 119, + "endColumn": 123 + } + } + } + }, + { + "location": { + "id": 13, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/administration/administration.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 50, + "endLine": 50, + "startColumn": 61, + "endColumn": 138 + } + } + } + }, + { + "location": { + "id": 14, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/administration/administration.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 50, + "endLine": 50, + "startColumn": 37, + "endColumn": 60 + } + } + } + } + 
] + } + ] + } + ], + "properties": { + "priorityScore": 554, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/XSS", + "ruleIndex": 0, + "level": "warning", + "message": { + "text": "Unsanitized input from data from a remote resource flows into bypassSecurityTrustHtml, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).", + "markdown": "Unsanitized input from {0} {1} into {2}, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).", + "arguments": [ + "[data from a remote resource](0)", + "[flows](1),(2),(3),(4),(5),(6),(7),(8),(9),(10),(11),(12)", + "[bypassSecurityTrustHtml](13)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/administration/administration.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 65, + "endLine": 65, + "startColumn": 43, + "endColumn": 66 + } + } + } + ], + "fingerprints": { + "0": "0b74757bb31439faf25f1dcf6062dd282cc8090d43b9d1b69fc44ac6b0c8a0fd", + "1": "7921a677.4773f344.607187b5.d7919eeb.ef9f7d82.81760a8a.566b8f28.cde67692.a6348f37.70b638aa.8b18f948.4a954e56.4463c21f.7312b3d3.83265159.a83217da" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/feedback.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 21, + "endLine": 21, + "startColumn": 22, + "endColumn": 25 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/feedback.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 21, 
+ "endLine": 21, + "startColumn": 22, + "endColumn": 25 + } + } + } + }, + { + "location": { + "id": 2, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/feedback.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 23, + "endLine": 23, + "startColumn": 18, + "endColumn": 31 + } + } + } + }, + { + "location": { + "id": 3, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/feedback.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 23, + "endLine": 23, + "startColumn": 36, + "endColumn": 44 + } + } + } + }, + { + "location": { + "id": 4, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/feedback.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 23, + "endLine": 23, + "startColumn": 36, + "endColumn": 49 + } + } + } + }, + { + "location": { + "id": 5, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/feedback.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 23, + "endLine": 23, + "startColumn": 13, + "endColumn": 16 + } + } + } + }, + { + "location": { + "id": 6, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/feedback.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 23, + "endLine": 23, + "startColumn": 8, + "endColumn": 12 + } + } + } + }, + { + "location": { + "id": 7, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/feedback.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 21, + "endLine": 23, + "startColumn": 12, + "endColumn": 12 + } + } + } + }, + { + "location": { + "id": 8, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/administration/administration.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 62, + "endLine": 62, + "startColumn": 26, + "endColumn": 30 + } + 
} + } + }, + { + "location": { + "id": 9, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/administration/administration.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 62, + "endLine": 62, + "startColumn": 44, + "endColumn": 53 + } + } + } + }, + { + "location": { + "id": 10, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/administration/administration.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 64, + "endLine": 64, + "startColumn": 18, + "endColumn": 26 + } + } + } + }, + { + "location": { + "id": 11, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/administration/administration.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 65, + "endLine": 65, + "startColumn": 67, + "endColumn": 75 + } + } + } + }, + { + "location": { + "id": 12, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/administration/administration.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 65, + "endLine": 65, + "startColumn": 67, + "endColumn": 83 + } + } + } + }, + { + "location": { + "id": 13, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/administration/administration.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 65, + "endLine": 65, + "startColumn": 43, + "endColumn": 66 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 554, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/XSS", + "ruleIndex": 0, + "level": "warning", + "message": { + "text": "Unsanitized input from data from a remote resource flows into bypassSecurityTrustHtml, where it is used to render an HTML page returned to the user. 
This may result in a Cross-Site Scripting attack (XSS).", + "markdown": "Unsanitized input from {0} {1} into {2}, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).", + "arguments": [ + "[data from a remote resource](0)", + "[flows](1),(2),(3),(4),(5),(6),(7),(8),(9),(10),(11),(12)", + "[bypassSecurityTrustHtml](13)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/track-result/track-result.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 41, + "endLine": 41, + "startColumn": 45, + "endColumn": 68 + } + } + } + ], + "fingerprints": { + "0": "33df10f2aa9f160fc2b96996c33d9012491b8540f9ca56f7fdf4557d9edd621d", + "1": "cf7733e4.4773f344.ed5da594.a517c54b.ef9f7d82.32f843a3.0b4f0b50.116a0c7b.cf7733e4.eb7d1438.0a3df746.c8688b2b.ab9128a4.32f843a3.83265159.116a0c7b" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/track-order.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 22, + "endLine": 22, + "startColumn": 22, + "endColumn": 25 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/track-order.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 22, + "endLine": 22, + "startColumn": 22, + "endColumn": 25 + } + } + } + }, + { + "location": { + "id": 2, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/track-order.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 22, + "endLine": 22, + "startColumn": 62, + "endColumn": 75 + } + } + } + }, + { + "location": { + "id": 3, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/track-order.service.ts", + "uriBaseId": "%SRCROOT%" + }, + 
"region": { + "startLine": 22, + "endLine": 22, + "startColumn": 80, + "endColumn": 88 + } + } + } + }, + { + "location": { + "id": 4, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/track-order.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 22, + "endLine": 22, + "startColumn": 57, + "endColumn": 60 + } + } + } + }, + { + "location": { + "id": 5, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/track-order.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 22, + "endLine": 22, + "startColumn": 52, + "endColumn": 56 + } + } + } + }, + { + "location": { + "id": 6, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/track-order.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 22, + "endLine": 22, + "startColumn": 12, + "endColumn": 56 + } + } + } + }, + { + "location": { + "id": 7, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/track-result/track-result.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 39, + "endLine": 39, + "startColumn": 28, + "endColumn": 32 + } + } + } + }, + { + "location": { + "id": 8, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/track-result/track-result.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 39, + "endLine": 39, + "startColumn": 58, + "endColumn": 65 + } + } + } + }, + { + "location": { + "id": 9, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/track-result/track-result.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 41, + "endLine": 41, + "startColumn": 78, + "endColumn": 85 + } + } + } + }, + { + "location": { + "id": 10, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/track-result/track-result.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + 
"startLine": 41, + "endLine": 41, + "startColumn": 78, + "endColumn": 90 + } + } + } + }, + { + "location": { + "id": 11, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/track-result/track-result.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 41, + "endLine": 41, + "startColumn": 78, + "endColumn": 93 + } + } + } + }, + { + "location": { + "id": 12, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/track-result/track-result.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 41, + "endLine": 41, + "startColumn": 69, + "endColumn": 110 + } + } + } + }, + { + "location": { + "id": 13, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/track-result/track-result.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 41, + "endLine": 41, + "startColumn": 45, + "endColumn": 68 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 504, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileCodeFlow" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/XSS", + "ruleIndex": 0, + "level": "warning", + "message": { + "text": "Unsanitized input from data from a remote resource flows into bypassSecurityTrustHtml, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).", + "markdown": "Unsanitized input from {0} {1} into {2}, where it is used to render an HTML page returned to the user. 
This may result in a Cross-Site Scripting attack (XSS).", + "arguments": [ + "[data from a remote resource](0)", + "[flows](1),(2),(3),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16)", + "[bypassSecurityTrustHtml](17)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/about/about.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 84, + "endLine": 84, + "startColumn": 47, + "endColumn": 70 + } + } + } + ], + "fingerprints": { + "0": "abd4e0bd5997a9d87e6687d628a4a73eccda02a164cbb4bcc2dfc5d0fb62b2ea", + "1": "7921a677.4773f344.607187b5.a517c54b.ef9f7d82.81760a8a.566b8f28.cde67692.cf7733e4.3635f48a.d7512ab0.e6336d2f.4463c21f.7312b3d3.83265159.9b5cefb9" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/feedback.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 21, + "endLine": 21, + "startColumn": 22, + "endColumn": 25 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/feedback.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 21, + "endLine": 21, + "startColumn": 22, + "endColumn": 25 + } + } + } + }, + { + "location": { + "id": 2, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/feedback.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 23, + "endLine": 23, + "startColumn": 18, + "endColumn": 31 + } + } + } + }, + { + "location": { + "id": 3, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/feedback.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 23, + "endLine": 23, + "startColumn": 36, + "endColumn": 44 + } + } + } + }, + { + "location": { + "id": 4, + "physicalLocation": { + "artifactLocation": { + 
"uri": "frontend/src/app/Services/feedback.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 23, + "endLine": 23, + "startColumn": 36, + "endColumn": 49 + } + } + } + }, + { + "location": { + "id": 5, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/feedback.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 23, + "endLine": 23, + "startColumn": 13, + "endColumn": 16 + } + } + } + }, + { + "location": { + "id": 6, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/feedback.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 23, + "endLine": 23, + "startColumn": 8, + "endColumn": 12 + } + } + } + }, + { + "location": { + "id": 7, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/feedback.service.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 21, + "endLine": 23, + "startColumn": 12, + "endColumn": 12 + } + } + } + }, + { + "location": { + "id": 8, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/about/about.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 80, + "endLine": 80, + "startColumn": 26, + "endColumn": 30 + } + } + } + }, + { + "location": { + "id": 9, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/about/about.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 80, + "endLine": 80, + "startColumn": 44, + "endColumn": 53 + } + } + } + }, + { + "location": { + "id": 10, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/about/about.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 81, + "endLine": 81, + "startColumn": 27, + "endColumn": 36 + } + } + } + }, + { + "location": { + "id": 11, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/about/about.component.ts", + "uriBaseId": "%SRCROOT%" + }, + 
"region": { + "startLine": 83, + "endLine": 83, + "startColumn": 76, + "endColumn": 85 + } + } + } + }, + { + "location": { + "id": 12, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/about/about.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 83, + "endLine": 83, + "startColumn": 117, + "endColumn": 126 + } + } + } + }, + { + "location": { + "id": 13, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/about/about.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 83, + "endLine": 83, + "startColumn": 9, + "endColumn": 18 + } + } + } + }, + { + "location": { + "id": 14, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/about/about.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 84, + "endLine": 84, + "startColumn": 71, + "endColumn": 80 + } + } + } + }, + { + "location": { + "id": 15, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/about/about.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 84, + "endLine": 84, + "startColumn": 71, + "endColumn": 83 + } + } + } + }, + { + "location": { + "id": 16, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/about/about.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 84, + "endLine": 84, + "startColumn": 71, + "endColumn": 91 + } + } + } + }, + { + "location": { + "id": 17, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/about/about.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 84, + "endLine": 84, + "startColumn": 47, + "endColumn": 70 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 504, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileCodeFlow" + }, + { + "label": true, + "type": "fixExamples" + } + ], + 
"isAutofixable": false + } + }, + { + "ruleId": "javascript/XSS", + "ruleIndex": 0, + "level": "warning", + "message": { + "text": "Unsanitized input from browser storage flows into bypassSecurityTrustHtml, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).", + "markdown": "Unsanitized input from {0} {1} into {2}, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).", + "arguments": [ + "[browser storage](0)", + "[flows](1),(2),(3),(4),(5),(6),(7),(8)", + "[bypassSecurityTrustHtml](9)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/last-login-ip/last-login-ip.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 36, + "endLine": 36, + "startColumn": 43, + "endColumn": 66 + } + } + } + ], + "fingerprints": { + "0": "046e16ab4dbfb48a4781c00cff82e58e29672069dc0a150e72aed4b8da04427a", + "1": "cf7733e4.4773f344.607187b5.400fd3fd.90100e46.8020cfdf.0b4f0b50.66506c4e.46b7c801.706318d0.86aa5c73.400fd3fd.4463c21f.8020cfdf.cebf5fac.5691ba88" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/last-login-ip/last-login-ip.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 31, + "endLine": 31, + "startColumn": 32, + "endColumn": 39 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/last-login-ip/last-login-ip.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 31, + "endLine": 31, + "startColumn": 32, + "endColumn": 39 + } + } + } + }, + { + "location": { + "id": 2, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/last-login-ip/last-login-ip.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + 
"startLine": 31, + "endLine": 31, + "startColumn": 11, + "endColumn": 16 + } + } + } + }, + { + "location": { + "id": 3, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/last-login-ip/last-login-ip.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 32, + "endLine": 32, + "startColumn": 9, + "endColumn": 14 + } + } + } + }, + { + "location": { + "id": 4, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/last-login-ip/last-login-ip.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 33, + "endLine": 33, + "startColumn": 27, + "endColumn": 32 + } + } + } + }, + { + "location": { + "id": 5, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/last-login-ip/last-login-ip.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 33, + "endLine": 33, + "startColumn": 17, + "endColumn": 26 + } + } + } + }, + { + "location": { + "id": 6, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/last-login-ip/last-login-ip.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 34, + "endLine": 34, + "startColumn": 11, + "endColumn": 18 + } + } + } + }, + { + "location": { + "id": 7, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/last-login-ip/last-login-ip.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 34, + "endLine": 34, + "startColumn": 11, + "endColumn": 23 + } + } + } + }, + { + "location": { + "id": 8, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/last-login-ip/last-login-ip.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 36, + "endLine": 36, + "startColumn": 67, + "endColumn": 111 + } + } + } + }, + { + "location": { + "id": 9, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/last-login-ip/last-login-ip.component.ts", + "uriBaseId": "%SRCROOT%" + }, + 
"region": { + "startLine": 36, + "endLine": 36, + "startColumn": 43, + "endColumn": 66 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 504, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileCodeFlow" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/XSS", + "ruleIndex": 0, + "level": "error", + "message": { + "text": "Unsanitized input from cookies flows into send, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).", + "markdown": "Unsanitized input from {0} {1} into {2}, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).", + "arguments": [ + "[cookies](0)", + "[flows](1),(2),(3),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15)", + "[send](16)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "routes/userProfile.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 65, + "endLine": 65, + "startColumn": 15, + "endColumn": 19 + } + } + } + ], + "fingerprints": { + "0": "00ca59a0355087ec9f0affdc8fd90a7dbbdf6f4a31f3c55a053e5028fc1fc577", + "1": "839b1d0f.4773f344.a32ed1a1.d7919eeb.ef9f7d82.8020cfdf.cd61fc56.2f05c567.dca15045.6b0b4bb5.81f55990.4ee3cf31.cca38dbc.34a4d81a.0334236c.2f05c567" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/userProfile.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 24, + "endLine": 24, + "startColumn": 64, + "endColumn": 71 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/userProfile.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 24, + "endLine": 24, + "startColumn": 64, + 
"endColumn": 71 + } + } + } + }, + { + "location": { + "id": 2, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/userProfile.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 24, + "endLine": 24, + "startColumn": 60, + "endColumn": 71 + } + } + } + }, + { + "location": { + "id": 3, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/userProfile.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 24, + "endLine": 24, + "startColumn": 56, + "endColumn": 59 + } + } + } + }, + { + "location": { + "id": 4, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/userProfile.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 24, + "endLine": 24, + "startColumn": 13, + "endColumn": 25 + } + } + } + }, + { + "location": { + "id": 5, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/userProfile.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 25, + "endLine": 25, + "startColumn": 11, + "endColumn": 23 + } + } + } + }, + { + "location": { + "id": 6, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/userProfile.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 26, + "endLine": 26, + "startColumn": 28, + "endColumn": 40 + } + } + } + }, + { + "location": { + "id": 7, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/userProfile.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 26, + "endLine": 26, + "startColumn": 28, + "endColumn": 45 + } + } + } + }, + { + "location": { + "id": 8, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/userProfile.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 26, + "endLine": 26, + "startColumn": 19, + "endColumn": 27 + } + } + } + }, + { + "location": { + "id": 9, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/userProfile.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 26, + "endLine": 26, + 
"startColumn": 56, + "endColumn": 78 + } + } + } + }, + { + "location": { + "id": 10, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/userProfile.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 28, + "endLine": 28, + "startColumn": 26, + "endColumn": 30 + } + } + } + }, + { + "location": { + "id": 11, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/userProfile.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 47, + "endLine": 47, + "startColumn": 69, + "endColumn": 73 + } + } + } + }, + { + "location": { + "id": 12, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/userProfile.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 57, + "endLine": 57, + "startColumn": 41, + "endColumn": 45 + } + } + } + }, + { + "location": { + "id": 13, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/userProfile.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 59, + "endLine": 59, + "startColumn": 82, + "endColumn": 86 + } + } + } + }, + { + "location": { + "id": 14, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/userProfile.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 65, + "endLine": 65, + "startColumn": 23, + "endColumn": 27 + } + } + } + }, + { + "location": { + "id": 15, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/userProfile.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 65, + "endLine": 65, + "startColumn": 20, + "endColumn": 22 + } + } + } + }, + { + "location": { + "id": 16, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/userProfile.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 65, + "endLine": 65, + "startColumn": 15, + "endColumn": 19 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 804, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": 
"hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/XSS", + "ruleIndex": 0, + "level": "error", + "message": { + "text": "Unsanitized input from an HTTP parameter flows into send, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).", + "markdown": "Unsanitized input from {0} {1} into {2}, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).", + "arguments": [ + "[an HTTP parameter](0)", + "[flows](1),(2),(3),(4),(5),(6),(7),(8),(9),(10)", + "[send](11)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "routes/recycles.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 17, + "endLine": 17, + "startColumn": 16, + "endColumn": 20 + } + } + } + ], + "fingerprints": { + "0": "ca83cad0f9e3992c2cdcd287969b4fe89bf3906a312dc6b114fcfaead4419687", + "1": "716f11c4.4773f344.cae2544c.289fcdd5.d3562abd.8020cfdf.83265159.2f05c567.9dc2a0d3.706318d0.cae2544c.289fcdd5.79a7d027.f8890b3c.0334236c.e6930396" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/recycles.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 14, + "endLine": 14, + "startColumn": 26, + "endColumn": 32 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/recycles.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 14, + "endLine": 14, + "startColumn": 26, + "endColumn": 32 + } + } + } + }, + { + "location": { + "id": 2, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/recycles.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 14, + "endLine": 14, + "startColumn": 22, + "endColumn": 32 + } + } + } + }, + { + "location": { 
+ "id": 3, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/recycles.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 14, + "endLine": 14, + "startColumn": 16, + "endColumn": 21 + } + } + } + }, + { + "location": { + "id": 4, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/recycles.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 14, + "endLine": 14, + "startColumn": 7, + "endColumn": 9 + } + } + } + }, + { + "location": { + "id": 5, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/recycles.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 13, + "endLine": 13, + "startColumn": 5, + "endColumn": 10 + } + } + } + }, + { + "location": { + "id": 6, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/recycles.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 12, + "endLine": 12, + "startColumn": 16, + "endColumn": 23 + } + } + } + }, + { + "location": { + "id": 7, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/recycles.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 16, + "endLine": 16, + "startColumn": 12, + "endColumn": 19 + } + } + } + }, + { + "location": { + "id": 8, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/recycles.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 17, + "endLine": 17, + "startColumn": 45, + "endColumn": 52 + } + } + } + }, + { + "location": { + "id": 9, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/recycles.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 17, + "endLine": 17, + "startColumn": 27, + "endColumn": 44 + } + } + } + }, + { + "location": { + "id": 10, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/recycles.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 17, + "endLine": 17, + "startColumn": 21, + "endColumn": 44 + } + } + } + }, + { + "location": { + "id": 11, + 
"physicalLocation": { + "artifactLocation": { + "uri": "routes/recycles.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 17, + "endLine": 17, + "startColumn": 16, + "endColumn": 20 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 754, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileCodeFlow" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/XSS", + "ruleIndex": 0, + "level": "error", + "message": { + "text": "Unsanitized input from an HTTP parameter flows into bypassSecurityTrustHtml, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).", + "markdown": "Unsanitized input from {0} {1} into {2}, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).", + "arguments": [ + "[an HTTP parameter](0)", + "[flows](1),(2),(3),(4),(5),(6),(7),(8)", + "[bypassSecurityTrustHtml](9)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/search-result/search-result.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 151, + "endLine": 151, + "startColumn": 41, + "endColumn": 64 + } + } + } + ], + "fingerprints": { + "0": "22e73eee0efe2f75ab91d1b6197fcb36ca60a94dd923daf4398205d4bd5ac2f4", + "1": "b7602041.4773f344.607187b5.c484ae4b.ef9f7d82.8020cfdf.ea235696.cde67692.1f17e802.b6e32c83.72aa1700.c484ae4b.4463c21f.33e93315.ca2eca62.5b5a306a" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/search-result/search-result.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 144, + "endLine": 144, + "startColumn": 62, + "endColumn": 63 + } + } + } + }, + { + 
"location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/search-result/search-result.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 144, + "endLine": 144, + "startColumn": 62, + "endColumn": 63 + } + } + } + }, + { + "location": { + "id": 2, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/search-result/search-result.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 144, + "endLine": 144, + "startColumn": 9, + "endColumn": 27 + } + } + } + }, + { + "location": { + "id": 3, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/search-result/search-result.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 145, + "endLine": 145, + "startColumn": 9, + "endColumn": 19 + } + } + } + }, + { + "location": { + "id": 4, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/search-result/search-result.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 146, + "endLine": 146, + "startColumn": 20, + "endColumn": 30 + } + } + } + }, + { + "location": { + "id": 5, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/search-result/search-result.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 146, + "endLine": 146, + "startColumn": 31, + "endColumn": 35 + } + } + } + }, + { + "location": { + "id": 6, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/search-result/search-result.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 148, + "endLine": 148, + "startColumn": 58, + "endColumn": 68 + } + } + } + }, + { + "location": { + "id": 7, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/search-result/search-result.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 150, + "endLine": 150, + "startColumn": 32, + "endColumn": 42 + 
} + } + } + }, + { + "location": { + "id": 8, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/search-result/search-result.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 151, + "endLine": 151, + "startColumn": 65, + "endColumn": 75 + } + } + } + }, + { + "location": { + "id": 9, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/search-result/search-result.component.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 151, + "endLine": 151, + "startColumn": 41, + "endColumn": 64 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 754, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileCodeFlow" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoRateLimitingForExpensiveWebOperation", + "ruleIndex": 1, + "level": "warning", + "message": { + "text": "This endpoint handler performs a file system operation and does not use a rate-limiting mechanism. It may enable the attackers to perform Denial-of-service attacks. Consider using a rate-limiting middleware such as express-limit.", + "markdown": "This {0} performs {1} and does not use a rate-limiting mechanism. It may enable the attackers to perform Denial-of-service attacks. 
Consider using a rate-limiting middleware such as express-limit.", + "arguments": [ + "[endpoint handler](0)", + "[a file system operation](1)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "routes/userProfile.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 21, + "endLine": 73, + "startColumn": 10, + "endColumn": 4 + } + } + } + ], + "fingerprints": { + "0": "05062c87dc99cecece6ca2e0dcc2ca2534249be1f78e70af6121ef577079ec8c", + "1": "4923bf76.4773f344.8b8d7a0c.c559ebce.fd1fa73f.5eabb05b.83265159.3cee0341.c3f8dfad.b6e32c83.4937536e.4f83689a.fd1fa73f.cb9c4e89.83265159.b325124d" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/userProfile.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 21, + "endLine": 73, + "startColumn": 10, + "endColumn": 4 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/userProfile.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 22, + "endLine": 22, + "startColumn": 8, + "endColumn": 16 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 554, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoRateLimitingForExpensiveWebOperation", + "ruleIndex": 1, + "level": "warning", + "message": { + "text": "This endpoint handler performs a file system operation and does not use a rate-limiting mechanism. It may enable the attackers to perform Denial-of-service attacks. Consider using a rate-limiting middleware such as express-limit.", + "markdown": "This {0} performs {1} and does not use a rate-limiting mechanism. 
It may enable the attackers to perform Denial-of-service attacks. Consider using a rate-limiting middleware such as express-limit.", + "arguments": [ + "[endpoint handler](0)", + "[a file system operation](1)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "routes/videoHandler.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 19, + "endLine": 47, + "startColumn": 10, + "endColumn": 4 + } + } + } + ], + "fingerprints": { + "0": "625211daf741757913e91df57456e491e76d32baae2aa31b7324a621e8720991", + "1": "4923bf76.9c6e2949.8b18f948.c559ebce.fd1fa73f.5eabb05b.83265159.be9bb487.1db69a21.b6e32c83.8b18f948.c559ebce.c2cde80a.2da1a176.83265159.041df0b3" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/videoHandler.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 19, + "endLine": 47, + "startColumn": 10, + "endColumn": 4 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/videoHandler.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 29, + "endLine": 29, + "startColumn": 23, + "endColumn": 39 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 554, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoRateLimitingForExpensiveWebOperation", + "ruleIndex": 1, + "level": "warning", + "message": { + "text": "This endpoint handler performs a file system operation and does not use a rate-limiting mechanism. It may enable the attackers to perform Denial-of-service attacks. 
Consider using a rate-limiting middleware such as express-limit.", + "markdown": "This {0} performs {1} and does not use a rate-limiting mechanism. It may enable the attackers to perform Denial-of-service attacks. Consider using a rate-limiting middleware such as express-limit.", + "arguments": [ + "[endpoint handler](0)", + "[a file system operation](1)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "routes/videoHandler.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 51, + "endLine": 72, + "startColumn": 10, + "endColumn": 4 + } + } + } + ], + "fingerprints": { + "0": "9754d33d2c25b45e7b1d70df4c2aa0dac731bdf5e9908e2a58e5b5c245eb4d2d", + "1": "4923bf76.4773f344.8b8d7a0c.c559ebce.fd1fa73f.5eabb05b.83265159.3cee0341.c3f8dfad.b6e32c83.a32ed1a1.4f83689a.fd1fa73f.cb9c4e89.83265159.b325124d" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/videoHandler.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 51, + "endLine": 72, + "startColumn": 10, + "endColumn": 4 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/videoHandler.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 52, + "endLine": 52, + "startColumn": 8, + "endColumn": 16 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 554, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoRateLimitingForExpensiveWebOperation", + "ruleIndex": 1, + "level": "warning", + "message": { + "text": "This endpoint handler performs a file system operation and does not use a rate-limiting mechanism. 
It may enable the attackers to perform Denial-of-service attacks. Consider using a rate-limiting middleware such as express-limit.", + "markdown": "This {0} performs {1} and does not use a rate-limiting mechanism. It may enable the attackers to perform Denial-of-service attacks. Consider using a rate-limiting middleware such as express-limit.", + "arguments": [ + "[endpoint handler](0)", + "[a file system operation](1)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "routes/easterEgg.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 13, + "endLine": 16, + "startColumn": 10, + "endColumn": 4 + } + } + } + ], + "fingerprints": { + "0": "b2a03956040ab16ee56bbb15c3048b7527a6ed4334dec2935c6ecff64499a1d1", + "1": "4923bf76.4773f344.8b8d7a0c.c559ebce.fd1fa73f.5eabb05b.83265159.3cee0341.87ba341e.b6e32c83.4937536e.c559ebce.fd1fa73f.cb9c4e89.83265159.041df0b3" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/easterEgg.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 13, + "endLine": 16, + "startColumn": 10, + "endColumn": 4 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/easterEgg.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 15, + "endLine": 15, + "startColumn": 9, + "endColumn": 17 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 504, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileCodeFlow" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoRateLimitingForExpensiveWebOperation", + "ruleIndex": 1, + "level": "warning", + "message": { + "text": "This endpoint handler performs a file system operation and does not use a rate-limiting 
mechanism. It may enable the attackers to perform Denial-of-service attacks. Consider using a rate-limiting middleware such as express-limit.", + "markdown": "This {0} performs {1} and does not use a rate-limiting mechanism. It may enable the attackers to perform Denial-of-service attacks. Consider using a rate-limiting middleware such as express-limit.", + "arguments": [ + "[endpoint handler](0)", + "[a file system operation](1)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "routes/dataErasure.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 18, + "endLine": 45, + "startColumn": 17, + "endColumn": 2 + } + } + } + ], + "fingerprints": { + "0": "fa2757c8d403548a54f45a6bdca7867a0a28107f4bd2a9fcb9ecf18200f9053b", + "1": "92e26ef2.4773f344.8b18f948.c559ebce.fd1fa73f.5fce695c.83265159.89d75565.92e26ef2.b6e32c83.8b18f948.c559ebce.fd1fa73f.5fce695c.83265159.89d75565" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/dataErasure.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 18, + "endLine": 45, + "startColumn": 17, + "endColumn": 2 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/dataErasure.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 41, + "endLine": 41, + "startColumn": 9, + "endColumn": 15 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 554, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoRateLimitingForExpensiveWebOperation", + "ruleIndex": 1, + "level": "warning", + "message": { + "text": "This endpoint handler performs a file system operation and does not use a 
rate-limiting mechanism. It may enable the attackers to perform Denial-of-service attacks. Consider using a rate-limiting middleware such as express-limit.", + "markdown": "This {0} performs {1} and does not use a rate-limiting mechanism. It may enable the attackers to perform Denial-of-service attacks. Consider using a rate-limiting middleware such as express-limit.", + "arguments": [ + "[endpoint handler](0)", + "[a file system operation](1)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "routes/dataErasure.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 54, + "endLine": 94, + "startColumn": 18, + "endColumn": 2 + } + } + } + ], + "fingerprints": { + "0": "d99bbb6f4fb9f46875c66e28d01504c628074d304504c645efae8ae129582793", + "1": "92e26ef2.4773f344.aa4dda5f.c559ebce.fd1fa73f.5fce695c.83265159.89d75565.92e26ef2.4773f344.782a8fc0.c559ebce.fd1fa73f.5fce695c.83265159.29e8dc3a" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/dataErasure.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 54, + "endLine": 94, + "startColumn": 18, + "endColumn": 2 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/dataErasure.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 87, + "endLine": 87, + "startColumn": 11, + "endColumn": 17 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 554, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoRateLimitingForExpensiveWebOperation", + "ruleIndex": 1, + "level": "warning", + "message": { + "text": "This endpoint handler performs a file system operation and does 
not use a rate-limiting mechanism. It may enable the attackers to perform Denial-of-service attacks. Consider using a rate-limiting middleware such as express-limit.", + "markdown": "This {0} performs {1} and does not use a rate-limiting mechanism. It may enable the attackers to perform Denial-of-service attacks. Consider using a rate-limiting middleware such as express-limit.", + "arguments": [ + "[endpoint handler](0)", + "[a file system operation](1)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "routes/privacyPolicyProof.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 13, + "endLine": 16, + "startColumn": 10, + "endColumn": 4 + } + } + } + ], + "fingerprints": { + "0": "520b030a888a2b60aae83aed160b919d30cba715196707e27f44902cde0ce139", + "1": "4923bf76.4773f344.8b8d7a0c.c559ebce.fd1fa73f.5eabb05b.83265159.3cee0341.87ba341e.b6e32c83.4937536e.c559ebce.0cc54b27.cb9c4e89.83265159.041df0b3" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/privacyPolicyProof.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 13, + "endLine": 16, + "startColumn": 10, + "endColumn": 4 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/privacyPolicyProof.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 15, + "endLine": 15, + "startColumn": 9, + "endColumn": 17 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 504, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileCodeFlow" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoRateLimitingForExpensiveWebOperation", + "ruleIndex": 1, + "level": "warning", + "message": { + "text": "This endpoint handler performs a 
file system operation and does not use a rate-limiting mechanism. It may enable the attackers to perform Denial-of-service attacks. Consider using a rate-limiting middleware such as express-limit.", + "markdown": "This {0} performs {1} and does not use a rate-limiting mechanism. It may enable the attackers to perform Denial-of-service attacks. Consider using a rate-limiting middleware such as express-limit.", + "arguments": [ + "[endpoint handler](0)", + "[a file system operation](1)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "routes/languages.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 11, + "endLine": 73, + "startColumn": 10, + "endColumn": 4 + } + } + } + ], + "fingerprints": { + "0": "a915535c27c481c411594f05b4cc1789b3c7fd1aab9eb6ed7f5481f5f09819aa", + "1": "099c30d7.9c6e2949.8b18f948.c559ebce.fd1fa73f.5eabb05b.83265159.be9bb487.c3f8dfad.b6e32c83.eff3b32f.4f83689a.fd1fa73f.becd9ff1.83265159.b325124d" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/languages.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 11, + "endLine": 73, + "startColumn": 10, + "endColumn": 4 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/languages.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 16, + "endLine": 16, + "startColumn": 8, + "endColumn": 16 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 504, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileCodeFlow" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoRateLimitingForExpensiveWebOperation", + "ruleIndex": 1, + "level": "warning", + "message": { + "text": "This endpoint handler 
performs a file system operation and does not use a rate-limiting mechanism. It may enable the attackers to perform Denial-of-service attacks. Consider using a rate-limiting middleware such as express-limit.", + "markdown": "This {0} performs {1} and does not use a rate-limiting mechanism. It may enable the attackers to perform Denial-of-service attacks. Consider using a rate-limiting middleware such as express-limit.", + "arguments": [ + "[endpoint handler](0)", + "[a file system operation](1)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "routes/vulnCodeSnippet.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 74, + "endLine": 120, + "startColumn": 32, + "endColumn": 2 + } + } + } + ], + "fingerprints": { + "0": "1ebeb3f1c81c0895045bb35313f554f9bb3a4e401174286d3cea92b114b61390", + "1": "e7d2421a.9c6e2949.8b18f948.c559ebce.fd1fa73f.8020cfdf.83265159.33454e9d.e7d2421a.b6e32c83.7b031cb3.c559ebce.474b452e.becd9ff1.7b7de394.33454e9d" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/vulnCodeSnippet.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 74, + "endLine": 120, + "startColumn": 32, + "endColumn": 2 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/vulnCodeSnippet.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 94, + "endLine": 94, + "startColumn": 47, + "endColumn": 59 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 554, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoRateLimitingForExpensiveWebOperation", + "ruleIndex": 1, + "level": "warning", + "message": { + "text": 
"This endpoint handler performs a file system operation and does not use a rate-limiting mechanism. It may enable the attackers to perform Denial-of-service attacks. Consider using a rate-limiting middleware such as express-limit.", + "markdown": "This {0} performs {1} and does not use a rate-limiting mechanism. It may enable the attackers to perform Denial-of-service attacks. Consider using a rate-limiting middleware such as express-limit.", + "arguments": [ + "[endpoint handler](0)", + "[a file system operation](1)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "routes/vulnCodeFixes.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 69, + "endLine": 98, + "startColumn": 38, + "endColumn": 2 + } + } + } + ], + "fingerprints": { + "0": "3dd9cd9cc4132d9c049a111fb70a9078126d4563e444f1183c14c11e44b6457d", + "1": "a5aeea87.9c6e2949.8b18f948.c559ebce.fd1fa73f.5eabb05b.83265159.67311e43.a05cdd83.b6e32c83.7b031cb3.c559ebce.3a08f0d2.becd9ff1.7b7de394.6de01bb2" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/vulnCodeFixes.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 69, + "endLine": 98, + "startColumn": 38, + "endColumn": 2 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/vulnCodeFixes.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 80, + "endLine": 80, + "startColumn": 46, + "endColumn": 61 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 554, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoRateLimitingForExpensiveWebOperation", + "ruleIndex": 1, + "level": "warning", + 
"message": { + "text": "This endpoint handler performs a file system operation and does not use a rate-limiting mechanism. It may enable the attackers to perform Denial-of-service attacks. Consider using a rate-limiting middleware such as express-limit.", + "markdown": "This {0} performs {1} and does not use a rate-limiting mechanism. It may enable the attackers to perform Denial-of-service attacks. Consider using a rate-limiting middleware such as express-limit.", + "arguments": [ + "[endpoint handler](0)", + "[a file system operation](1)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "routes/premiumReward.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 13, + "endLine": 16, + "startColumn": 10, + "endColumn": 4 + } + } + } + ], + "fingerprints": { + "0": "7c5bd04663f7f2d99a5b4a2306e5c5879f1dbb72ab7f55bd60d48380ef3b7d88", + "1": "4923bf76.4773f344.8b8d7a0c.c559ebce.fd1fa73f.5eabb05b.83265159.3cee0341.40bc0bae.b6e32c83.4937536e.c559ebce.fd1fa73f.cb9c4e89.83265159.041df0b3" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/premiumReward.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 13, + "endLine": 16, + "startColumn": 10, + "endColumn": 4 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/premiumReward.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 15, + "endLine": 15, + "startColumn": 9, + "endColumn": 17 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 504, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileCodeFlow" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/Ssrf", + "ruleIndex": 2, + "level": "error", + "message": { + 
"text": "Unsanitized input from the HTTP request body flows into request.get, where it is used as an URL to perform a request. This may result in a Server-Side Request Forgery vulnerability.", + "markdown": "Unsanitized input from {0} {1} into {2}, where it is used as an URL to perform a request. This may result in a Server-Side Request Forgery vulnerability.", + "arguments": [ + "[the HTTP request body](0)", + "[flows](1),(2),(3),(4),(5)", + "[request.get](6)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "routes/profileImageUrlUpload.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 22, + "endLine": 23, + "startColumn": 30, + "endColumn": 15 + } + } + } + ], + "fingerprints": { + "0": "aac46065ef2da0fd582140907a91ceb700478885678eb2514bd6be88f423f1a6", + "1": "dca15045.70dd3b3b.568208f0.d7919eeb.79a7d027.98c7c24d.df7e59ba.377cd288.6849fe68.b6e32c83.568208f0.08906714.79a7d027.98c7c24d.83265159.a41fb358" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/profileImageUrlUpload.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 17, + "endLine": 17, + "startColumn": 13, + "endColumn": 17 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/profileImageUrlUpload.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 17, + "endLine": 17, + "startColumn": 13, + "endColumn": 17 + } + } + } + }, + { + "location": { + "id": 2, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/profileImageUrlUpload.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 17, + "endLine": 17, + "startColumn": 9, + "endColumn": 17 + } + } + } + }, + { + "location": { + "id": 3, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/profileImageUrlUpload.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + 
"startLine": 18, + "endLine": 18, + "startColumn": 13, + "endColumn": 16 + } + } + } + }, + { + "location": { + "id": 4, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/profileImageUrlUpload.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 19, + "endLine": 19, + "startColumn": 11, + "endColumn": 14 + } + } + } + }, + { + "location": { + "id": 5, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/profileImageUrlUpload.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 23, + "endLine": 23, + "startColumn": 16, + "endColumn": 19 + } + } + } + }, + { + "location": { + "id": 6, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/profileImageUrlUpload.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 22, + "endLine": 23, + "startColumn": 30, + "endColumn": 15 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 801, + "priorityScoreFactors": [ + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoHardcodedPasswords", + "ruleIndex": 3, + "level": "warning", + "message": { + "text": "Do not hardcode passwords in code. Found hardcoded password used in password.", + "markdown": "Do not hardcode passwords in code. 
Found hardcoded password used in {0}.", + "arguments": [ + "[password](0)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/oauth/oauth.component.spec.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 85, + "endLine": 85, + "startColumn": 77, + "endColumn": 85 + } + } + } + ], + "fingerprints": { + "0": "16d5be7628d45f333c93c4c34719773cffc76c5cabb20bb1b6d24012894f7656", + "1": "12567ef6.4773f344.bd65d204.e052b9a9.79a7d027.fcf3002d.ce4a9d89.8030ba4b.12567ef6.4773f344.bd65d204.e052b9a9.79a7d027.fcf3002d.ce4a9d89.8030ba4b" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/oauth/oauth.component.spec.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 85, + "endLine": 85, + "startColumn": 77, + "endColumn": 85 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 552, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoHardcodedPasswords", + "ruleIndex": 3, + "level": "warning", + "message": { + "text": "Do not hardcode passwords in code. Found hardcoded password used in password.", + "markdown": "Do not hardcode passwords in code. 
Found hardcoded password used in {0}.", + "arguments": [ + "[password](0)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/oauth/oauth.component.spec.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 92, + "endLine": 92, + "startColumn": 78, + "endColumn": 86 + } + } + } + ], + "fingerprints": { + "0": "b203dbff1fae69efd59c7816d07b9e61017893371f623e6d5194e53e6182022a", + "1": "12567ef6.4773f344.bd65d204.e052b9a9.79a7d027.fcf3002d.ce4a9d89.8030ba4b.12567ef6.4773f344.bd65d204.e052b9a9.79a7d027.fcf3002d.ce4a9d89.8030ba4b" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/oauth/oauth.component.spec.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 92, + "endLine": 92, + "startColumn": 78, + "endColumn": 86 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 552, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoHardcodedPasswords", + "ruleIndex": 3, + "level": "warning", + "message": { + "text": "Do not hardcode passwords in code. Found hardcoded password used in password.", + "markdown": "Do not hardcode passwords in code. 
Found hardcoded password used in {0}.", + "arguments": [ + "[password](0)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/two-factor-auth-service.spec.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 64, + "endLine": 64, + "startColumn": 42, + "endColumn": 50 + } + } + } + ], + "fingerprints": { + "0": "053124f7de915c72b62680448fa0dae1376075b94155babf06de21d09e516311", + "1": "12567ef6.4773f344.bd65d204.e052b9a9.79a7d027.fcf3002d.ce4a9d89.1a479e39.12567ef6.4773f344.bd65d204.e052b9a9.79a7d027.fcf3002d.ce4a9d89.1a479e39" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/two-factor-auth-service.spec.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 64, + "endLine": 64, + "startColumn": 42, + "endColumn": 50 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 552, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoHardcodedPasswords", + "ruleIndex": 3, + "level": "warning", + "message": { + "text": "Do not hardcode passwords in code. Found hardcoded password used in password.", + "markdown": "Do not hardcode passwords in code. 
Found hardcoded password used in {0}.", + "arguments": [ + "[password](0)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/two-factor-auth-service.spec.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 80, + "endLine": 80, + "startColumn": 42, + "endColumn": 50 + } + } + } + ], + "fingerprints": { + "0": "0ae497be512b556e109e19c0440dda3c97f83bc158078bfb8ffa858e573ce203", + "1": "12567ef6.4773f344.bd65d204.e052b9a9.79a7d027.fcf3002d.ce4a9d89.1a479e39.12567ef6.4773f344.bd65d204.e052b9a9.79a7d027.fcf3002d.ce4a9d89.1a479e39" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/Services/two-factor-auth-service.spec.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 80, + "endLine": 80, + "startColumn": 42, + "endColumn": 50 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 552, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoHardcodedPasswords", + "ruleIndex": 3, + "level": "warning", + "message": { + "text": "Do not hardcode passwords in code. Found hardcoded password used in passwordRepeat.", + "markdown": "Do not hardcode passwords in code. 
Found hardcoded password used in {0}.", + "arguments": [ + "[passwordRepeat](0)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/oauth/oauth.component.spec.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 85, + "endLine": 85, + "startColumn": 111, + "endColumn": 125 + } + } + } + ], + "fingerprints": { + "0": "16d5be7628d45f333c93c4c34719773cffc76c5cabb20bb1b6d24012894f7656", + "1": "12567ef6.4773f344.607187b5.e052b9a9.79a7d027.fcf3002d.52789fac.8030ba4b.12567ef6.4773f344.607187b5.e052b9a9.79a7d027.fcf3002d.52789fac.8030ba4b" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "frontend/src/app/oauth/oauth.component.spec.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 85, + "endLine": 85, + "startColumn": 111, + "endColumn": 125 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 552, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoSqli", + "ruleIndex": 4, + "level": "error", + "message": { + "text": "Unsanitized input from the HTTP request body flows into findOne, where it is used in an NoSQL query. This may result in an NoSQL Injection vulnerability.", + "markdown": "Unsanitized input from {0} {1} into {2}, where it is used in an NoSQL query. 
This may result in an NoSQL Injection vulnerability.", + "arguments": [ + "[the HTTP request body](0)", + "[flows](1),(2),(3),(4),(5),(6)", + "[findOne](7)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 18, + "endLine": 18, + "startColumn": 16, + "endColumn": 23 + } + } + } + ], + "fingerprints": { + "0": "d3e6d95802bfa65cdee1cc840eda6a7b8422f24962e436dd01730e6116e317ec", + "1": "93652555.4773f344.07efaa4d.9163ada2.ef9f7d82.34a4d81a.df7e59ba.d66579bf.f759b1f9.b6e32c83.07efaa4d.08906714.79a7d027.34a4d81a.0334236c.2151aa9e" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 16, + "endLine": 16, + "startColumn": 20, + "endColumn": 24 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 16, + "endLine": 16, + "startColumn": 20, + "endColumn": 24 + } + } + } + }, + { + "location": { + "id": 2, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 16, + "endLine": 16, + "startColumn": 16, + "endColumn": 24 + } + } + } + }, + { + "location": { + "id": 3, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 16, + "endLine": 16, + "startColumn": 11, + "endColumn": 13 + } + } + } + }, + { + "location": { + "id": 4, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 18, + "endLine": 18, + "startColumn": 31, + "endColumn": 
33 + } + } + } + }, + { + "location": { + "id": 5, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 18, + "endLine": 18, + "startColumn": 26, + "endColumn": 29 + } + } + } + }, + { + "location": { + "id": 6, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 18, + "endLine": 18, + "startColumn": 24, + "endColumn": 35 + } + } + } + }, + { + "location": { + "id": 7, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 18, + "endLine": 18, + "startColumn": 16, + "endColumn": 23 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 802, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoSqli", + "ruleIndex": 4, + "level": "error", + "message": { + "text": "Unsanitized input from the HTTP request body flows into findOne, where it is used in an NoSQL query. This may result in an NoSQL Injection vulnerability.", + "markdown": "Unsanitized input from {0} {1} into {2}, where it is used in an NoSQL query. 
This may result in an NoSQL Injection vulnerability.", + "arguments": [ + "[the HTTP request body](0)", + "[flows](1),(2),(3),(4),(5),(6),(7),(8),(9),(10)", + "[findOne](11)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 31, + "endLine": 31, + "startColumn": 28, + "endColumn": 35 + } + } + } + ], + "fingerprints": { + "0": "508ff7c452d0f0a821d3efbddf9c8ead6c964f813b9ead52ee2ebfe4882ee5f0", + "1": "93652555.4773f344.07efaa4d.9163ada2.ef9f7d82.34a4d81a.df7e59ba.d66579bf.f759b1f9.b6e32c83.07efaa4d.08906714.79a7d027.34a4d81a.0334236c.2151aa9e" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 16, + "endLine": 16, + "startColumn": 20, + "endColumn": 24 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 16, + "endLine": 16, + "startColumn": 20, + "endColumn": 24 + } + } + } + }, + { + "location": { + "id": 2, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 16, + "endLine": 16, + "startColumn": 16, + "endColumn": 24 + } + } + } + }, + { + "location": { + "id": 3, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 16, + "endLine": 16, + "startColumn": 11, + "endColumn": 13 + } + } + } + }, + { + "location": { + "id": 4, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 18, + "endLine": 18, + "startColumn": 
31, + "endColumn": 33 + } + } + } + }, + { + "location": { + "id": 5, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 18, + "endLine": 18, + "startColumn": 26, + "endColumn": 29 + } + } + } + }, + { + "location": { + "id": 6, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 25, + "endLine": 25, + "startColumn": 20, + "endColumn": 22 + } + } + } + }, + { + "location": { + "id": 7, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 25, + "endLine": 25, + "startColumn": 15, + "endColumn": 18 + } + } + } + }, + { + "location": { + "id": 8, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 31, + "endLine": 31, + "startColumn": 43, + "endColumn": 45 + } + } + } + }, + { + "location": { + "id": 9, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 31, + "endLine": 31, + "startColumn": 38, + "endColumn": 41 + } + } + } + }, + { + "location": { + "id": 10, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 31, + "endLine": 31, + "startColumn": 36, + "endColumn": 47 + } + } + } + }, + { + "location": { + "id": 11, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 31, + "endLine": 31, + "startColumn": 28, + "endColumn": 35 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 802, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + 
"label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoSqli", + "ruleIndex": 4, + "level": "error", + "message": { + "text": "Unsanitized input from the HTTP request body flows into update, where it is used in an NoSQL query. This may result in an NoSQL Injection vulnerability.", + "markdown": "Unsanitized input from {0} {1} into {2}, where it is used in an NoSQL query. This may result in an NoSQL Injection vulnerability.", + "arguments": [ + "[the HTTP request body](0)", + "[flows](1),(2),(3),(4),(5),(6),(7),(8)", + "[update](9)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 24, + "endLine": 24, + "startColumn": 22, + "endColumn": 28 + } + } + } + ], + "fingerprints": { + "0": "98c5e37129708b191ac56a1b1984e16a6f40c2e8df534ee7935629794fa5db85", + "1": "12567ef6.4773f344.607187b5.9163ada2.ef9f7d82.34a4d81a.df7e59ba.d66579bf.f759b1f9.b6e32c83.07efaa4d.08906714.79a7d027.34a4d81a.0334236c.2151aa9e" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 16, + "endLine": 16, + "startColumn": 20, + "endColumn": 24 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 16, + "endLine": 16, + "startColumn": 20, + "endColumn": 24 + } + } + } + }, + { + "location": { + "id": 2, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 16, + "endLine": 16, + "startColumn": 16, + "endColumn": 24 + } + } + } + }, + { + 
"location": { + "id": 3, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 16, + "endLine": 16, + "startColumn": 11, + "endColumn": 13 + } + } + } + }, + { + "location": { + "id": 4, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 18, + "endLine": 18, + "startColumn": 31, + "endColumn": 33 + } + } + } + }, + { + "location": { + "id": 5, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 18, + "endLine": 18, + "startColumn": 26, + "endColumn": 29 + } + } + } + }, + { + "location": { + "id": 6, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 25, + "endLine": 25, + "startColumn": 20, + "endColumn": 22 + } + } + } + }, + { + "location": { + "id": 7, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 25, + "endLine": 25, + "startColumn": 15, + "endColumn": 18 + } + } + } + }, + { + "location": { + "id": 8, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 25, + "endLine": 25, + "startColumn": 13, + "endColumn": 24 + } + } + } + }, + { + "location": { + "id": 9, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 24, + "endLine": 24, + "startColumn": 22, + "endColumn": 28 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 802, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, 
+ { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoSqli", + "ruleIndex": 4, + "level": "error", + "message": { + "text": "Unsanitized input from the HTTP request body flows into update, where it is used in an NoSQL query. This may result in an NoSQL Injection vulnerability.", + "markdown": "Unsanitized input from {0} {1} into {2}, where it is used in an NoSQL query. This may result in an NoSQL Injection vulnerability.", + "arguments": [ + "[the HTTP request body](0)", + "[flows](1),(2),(3),(4),(5),(6),(7),(8),(9),(10),(11),(12)", + "[update](13)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 41, + "endLine": 41, + "startColumn": 30, + "endColumn": 36 + } + } + } + ], + "fingerprints": { + "0": "cd257a65b7a12c252af31b0293deb39e45738a460da8fd9dbaba89db52b4a305", + "1": "12567ef6.4773f344.607187b5.9163ada2.ef9f7d82.34a4d81a.df7e59ba.d66579bf.f759b1f9.b6e32c83.07efaa4d.08906714.79a7d027.34a4d81a.0334236c.2151aa9e" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 16, + "endLine": 16, + "startColumn": 20, + "endColumn": 24 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 16, + "endLine": 16, + "startColumn": 20, + "endColumn": 24 + } + } + } + }, + { + "location": { + "id": 2, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 16, + "endLine": 16, + "startColumn": 16, + "endColumn": 24 + } + } + } + }, + { + "location": { + "id": 3, + 
"physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 16, + "endLine": 16, + "startColumn": 11, + "endColumn": 13 + } + } + } + }, + { + "location": { + "id": 4, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 18, + "endLine": 18, + "startColumn": 31, + "endColumn": 33 + } + } + } + }, + { + "location": { + "id": 5, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 18, + "endLine": 18, + "startColumn": 26, + "endColumn": 29 + } + } + } + }, + { + "location": { + "id": 6, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 25, + "endLine": 25, + "startColumn": 20, + "endColumn": 22 + } + } + } + }, + { + "location": { + "id": 7, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 25, + "endLine": 25, + "startColumn": 15, + "endColumn": 18 + } + } + } + }, + { + "location": { + "id": 8, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 31, + "endLine": 31, + "startColumn": 43, + "endColumn": 45 + } + } + } + }, + { + "location": { + "id": 9, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 31, + "endLine": 31, + "startColumn": 38, + "endColumn": 41 + } + } + } + }, + { + "location": { + "id": 10, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 42, + "endLine": 42, + "startColumn": 28, + 
"endColumn": 30 + } + } + } + }, + { + "location": { + "id": 11, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 42, + "endLine": 42, + "startColumn": 23, + "endColumn": 26 + } + } + } + }, + { + "location": { + "id": 12, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 42, + "endLine": 42, + "startColumn": 21, + "endColumn": 32 + } + } + } + }, + { + "location": { + "id": 13, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/likeProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 41, + "endLine": 41, + "startColumn": 30, + "endColumn": 36 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 802, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoSqli", + "ruleIndex": 4, + "level": "error", + "message": { + "text": "Unsanitized input from the HTTP request body flows into update, where it is used in an NoSQL query. This may result in an NoSQL Injection vulnerability.", + "markdown": "Unsanitized input from {0} {1} into {2}, where it is used in an NoSQL query. 
This may result in an NoSQL Injection vulnerability.", + "arguments": [ + "[the HTTP request body](0)", + "[flows](1),(2),(3),(4)", + "[update](5)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "routes/updateProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 17, + "endLine": 17, + "startColumn": 16, + "endColumn": 22 + } + } + } + ], + "fingerprints": { + "0": "403a9b0a3b2d6ed8a1f613645a03631613f8380c2f8e8a86d83422a2f70b66bf", + "1": "12567ef6.4773f344.607187b5.9163ada2.ef9f7d82.34a4d81a.df7e59ba.d66579bf.f759b1f9.b6e32c83.2d2c7aff.08906714.79a7d027.34a4d81a.0334236c.2151aa9e" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/updateProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 18, + "endLine": 18, + "startColumn": 18, + "endColumn": 22 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/updateProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 18, + "endLine": 18, + "startColumn": 18, + "endColumn": 22 + } + } + } + }, + { + "location": { + "id": 2, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/updateProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 18, + "endLine": 18, + "startColumn": 14, + "endColumn": 22 + } + } + } + }, + { + "location": { + "id": 3, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/updateProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 18, + "endLine": 18, + "startColumn": 9, + "endColumn": 12 + } + } + } + }, + { + "location": { + "id": 4, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/updateProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 18, + "endLine": 18, + "startColumn": 7, + "endColumn": 
27 + } + } + } + }, + { + "location": { + "id": 5, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/updateProductReviews.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 17, + "endLine": 17, + "startColumn": 16, + "endColumn": 22 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 752, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileCodeFlow" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/HardcodedSecret/test", + "ruleIndex": 5, + "level": "note", + "message": { + "text": "Hardcoded value is used as a cipher key (in jsonwebtoken.#default.sign). Generate the value with a cryptographically strong random number generator and do not hardcode it in source code.", + "markdown": "Hardcoded {0} is used as a {1}. Generate the value with a cryptographically strong random number generator and do not hardcode it in source code.", + "arguments": [ + "[value](0)", + "[cipher key (in jsonwebtoken.#default.sign)](1)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "test/api/2faSpec.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 149, + "endLine": 149, + "startColumn": 8, + "endColumn": 39 + } + } + } + ], + "fingerprints": { + "0": "8927f4670c679414a5cdfb3bd6bff6b363ce47acae79bd92803aa7e46f9f21a7", + "1": "20326186.4773f344.8b18f948.d7919eeb.79a7d027.8020cfdf.df938d4d.45cbaa21.20326186.4773f344.8b18f948.d7919eeb.79a7d027.8020cfdf.df938d4d.45cbaa21" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "test/api/2faSpec.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 149, + "endLine": 149, + "startColumn": 8, + "endColumn": 39 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + 
"artifactLocation": { + "uri": "test/api/2faSpec.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 146, + "endLine": 146, + "startColumn": 35, + "endColumn": 39 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 401, + "priorityScoreFactors": [ + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/JwtDecodeMethod", + "ruleIndex": 6, + "level": "warning", + "message": { + "text": "A JWT decode() method is used that decodes the token but does not check its validity or integrity. If the JWT has originated from an untrusted source, decoded data could be crafted by an attacker and should not be considered safe to use or process within the application. Always use JWT verification methods to validate the structure and integrity of a token.", + "markdown": "A JWT decode() method is used that decodes the token but does not check its validity or integrity. If the JWT has originated from an untrusted source, decoded data could be crafted by an attacker and should not be considered safe to use or process within the application. 
Always use JWT verification methods to validate the structure and integrity of a token.", + "arguments": [] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "routes/verify.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 113, + "endLine": 113, + "startColumn": 41, + "endColumn": 51 + } + } + } + ], + "fingerprints": { + "0": "ba26f4ebc04a19051e00a5ec819e920845ad080a17d8b484b364ecce02b640bf", + "1": "46b7c801.4773f344.0f22609d.72a8f743.ef9f7d82.8020cfdf.ea4b1c47.ae94f388.46b7c801.4773f344.0f22609d.72a8f743.ef9f7d82.8020cfdf.ea4b1c47.ae94f388" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "routes/verify.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 113, + "endLine": 113, + "startColumn": 41, + "endColumn": 51 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 301, + "priorityScoreFactors": [ + { + "label": true, + "type": "hotFileCodeFlow" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/HardcodedNonCryptoSecret", + "ruleIndex": 7, + "level": "error", + "message": { + "text": "Avoid hardcoding values that are meant to be secret. Found a hardcoded string used in here.", + "markdown": "Avoid hardcoding values that are meant to be secret. 
Found {0} used in {1}.", + "arguments": [ + "[a hardcoded string](0)", + "[here](1)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "lib/insecurity.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 54, + "endLine": 54, + "startColumn": 49, + "endColumn": 55 + } + } + } + ], + "fingerprints": { + "0": "ce76473d8a0de12d7deba29848fec2332cc17798cae52436f64242dd341b6ba2", + "1": "46b7c801.4773f344.607187b5.72a8f743.79a7d027.a47a18e2.dd02ad61.ae94f388.46b7c801.dd1130f5.8b18f948.61d81d8d.79a7d027.a47a18e2.468bb5d4.ae94f388" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "lib/insecurity.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 22, + "endLine": 22, + "startColumn": 83, + "endColumn": 107 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "lib/insecurity.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 54, + "endLine": 54, + "startColumn": 49, + "endColumn": 55 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 801, + "priorityScoreFactors": [ + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/HardcodedSecret", + "ruleIndex": 8, + "level": "error", + "message": { + "text": "Hardcoded value is used as a cipher key (in jsonwebtoken.#default.verify). Generate the value with a cryptographically strong random number generator and do not hardcode it in source code.", + "markdown": "Hardcoded {0} is used as a {1}. 
Generate the value with a cryptographically strong random number generator and do not hardcode it in source code.", + "arguments": [ + "[value](0)", + "[cipher key (in jsonwebtoken.#default.verify)](1)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "lib/insecurity.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 22, + "endLine": 22, + "startColumn": 83, + "endColumn": 107 + } + } + } + ], + "fingerprints": { + "0": "bd0cbcaad32d2a689a2b613cc191c8bd05eed93dbb3584632c7192475e3b7c61", + "1": "fc3065be.4773f344.8b18f948.61d81d8d.ef9f7d82.a47a18e2.468bb5d4.ae94f388.46b7c801.4773f344.8b18f948.61d81d8d.4c40509c.f30cf624.468bb5d4.ae94f388" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "lib/insecurity.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 22, + "endLine": 22, + "startColumn": 83, + "endColumn": 107 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "lib/insecurity.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 197, + "endLine": 197, + "startColumn": 9, + "endColumn": 15 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 802, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/HardcodedSecret", + "ruleIndex": 8, + "level": "error", + "message": { + "text": "Hardcoded value is used as a cipher key (in crypto.#default.createHmac). Generate the value with a cryptographically strong random number generator and do not hardcode it in source code.", + "markdown": "Hardcoded {0} is used as a {1}. 
Generate the value with a cryptographically strong random number generator and do not hardcode it in source code.", + "arguments": [ + "[value](0)", + "[cipher key (in crypto.#default.createHmac)](1)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "lib/insecurity.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 23, + "endLine": 23, + "startColumn": 20, + "endColumn": 902 + } + } + } + ], + "fingerprints": { + "0": "505b93a244fdf2552034cc5341be6bf71983ed87f9dc70780fe2589154471256", + "1": "ae77ea27.4773f344.8b18f948.d7919eeb.feee7bcb.5fce695c.c8cd882a.89d75565.839b1d0f.4773f344.191eaf2b.3b7658bb.ac82cb7b.5fce695c.c8cd882a.71520ffe" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "lib/insecurity.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 23, + "endLine": 23, + "startColumn": 20, + "endColumn": 902 + } + } + } + }, + { + "location": { + "id": 1, + "physicalLocation": { + "artifactLocation": { + "uri": "lib/insecurity.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 158, + "endLine": 158, + "startColumn": 23, + "endColumn": 33 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 802, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoHardcodedCredentials/test", + "ruleIndex": 21, + "level": "note", + "message": { + "text": "Do not hardcode credentials in code. Found hardcoded credential used in register.", + "markdown": "Do not hardcode credentials in code. 
Found hardcoded credential used in {0}.", + "arguments": [ + "[register](0)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "test/api/2faSpec.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 396, + "endLine": 396, + "startColumn": 22, + "endColumn": 27 + } + } + } + ], + "fingerprints": { + "0": "0df952e0c180c52854d6919b014e50ddb8fb548cc6cc101fcee86385a5618e7b", + "1": "306348b3.4773f344.607187b5.d7919eeb.79a7d027.f7edcf51.d79c4c07.382555c6.6bb676bb.4773f344.c9330245.d7919eeb.ff08c1e7.5fce695c.d79c4c07.d85bc50f" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "test/api/2faSpec.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 396, + "endLine": 396, + "startColumn": 11, + "endColumn": 19 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 417, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + }, + { + "ruleId": "javascript/NoHardcodedCredentials/test", + "ruleIndex": 21, + "level": "note", + "message": { + "text": "Do not hardcode credentials in code. Found hardcoded credential used in register.", + "markdown": "Do not hardcode credentials in code. 
Found hardcoded credential used in {0}.", + "arguments": [ + "[register](0)" + ] + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "test/api/2faSpec.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 433, + "endLine": 433, + "startColumn": 22, + "endColumn": 27 + } + } + } + ], + "fingerprints": { + "0": "406af9b904e9b91700eb515b87979a86e7495640b3957ab2b0782b44aa4fbc0e", + "1": "306348b3.4773f344.607187b5.d7919eeb.79a7d027.f7edcf51.d79c4c07.382555c6.6bb676bb.4773f344.c9330245.d7919eeb.ff08c1e7.5fce695c.d79c4c07.d85bc50f" + }, + "codeFlows": [ + { + "threadFlows": [ + { + "locations": [ + { + "location": { + "id": 0, + "physicalLocation": { + "artifactLocation": { + "uri": "test/api/2faSpec.ts", + "uriBaseId": "%SRCROOT%" + }, + "region": { + "startLine": 433, + "endLine": 433, + "startColumn": 11, + "endColumn": 19 + } + } + } + } + ] + } + ] + } + ], + "properties": { + "priorityScore": 417, + "priorityScoreFactors": [ + { + "label": true, + "type": "multipleOccurrence" + }, + { + "label": true, + "type": "hotFileSource" + }, + { + "label": true, + "type": "fixExamples" + } + ], + "isAutofixable": false + } + } + ], + "properties": { + "coverage": [ + { + "isSupported": true, + "lang": "JavaScript", + "files": 15, + "type": "SUPPORTED" + }, + { + "isSupported": true, + "lang": "TypeScript", + "files": 536, + "type": "SUPPORTED" + }, + { + "isSupported": true, + "lang": "XML", + "files": 5, + "type": "SUPPORTED" + }, + { + "isSupported": true, + "lang": "HTML", + "files": 75, + "type": "SUPPORTED" + }, + { + "isSupported": true, + "lang": "Python", + "files": 3, + "type": "SUPPORTED" + }, + { + "isSupported": false, + "lang": "TypeScript", + "files": 35, + "type": "FAILED_PARSING" + }, + { + "isSupported": false, + "lang": "XML", + "files": 2, + "type": "FAILED_PARSING" + } + ] + } + } + ] + } + \ No newline at end of file 
diff --git a/unittests/scans/snyk/snykcontainer_issue_9270.json b/unittests/scans/snyk/snykcontainer_issue_9270.json new file mode 100644 index 00000000000..0cc8316fbab --- /dev/null +++ b/unittests/scans/snyk/snykcontainer_issue_9270.json 
@@ -0,0 +1,4041 @@ +{ + "vulnerabilities": [ + { + "id": "SNYK-DEBIAN11-GCC10-5901313", + "cpes": [], + "title": "CVE-2023-4039", + "CVSSv3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 4.8, + "malicious": false, + "isDisputed": false, + "references": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2023-4039", + "title": "https://security-tracker.debian.org/tracker/CVE-2023-4039" + }, + { + "url": "https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64", + "title": "https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64" + }, + { + "url": "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf", + "title": "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf" + } + ], + "cvssDetails": [ + { + "assigner": "SUSE", + "severity": "high", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "cvssV3BaseScore": 8.1, + "modificationTime": "2023-09-20T11:09:16.812999Z" + }, + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "cvssV3BaseScore": 4.8, + "modificationTime": "2023-09-15T01:10:52.576715Z" + }, + { + "assigner": "Red Hat", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "cvssV3BaseScore": 4.8, + "modificationTime": "2023-11-08T09:43:38.403520Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `gcc-10` package and not the `gcc-10` package as distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\n\n\nA 
failure in the -fstack-protector feature in GCC-based toolchains \nthat target AArch64 allows an attacker to exploit an existing buffer \noverflow in dynamically-sized local variables in your application \nwithout this being detected. This stack-protector failure only applies \nto C99-style dynamically-sized local variables or those created using \nalloca(). The stack-protector operates as intended for statically-sized \nlocal variables.\n\nThe default behavior when the stack-protector \ndetects an overflow is to terminate your application, resulting in \ncontrolled loss of availability. An attacker who can exploit a buffer \noverflow without triggering the stack-protector might be able to change \nprogram flow control to cause an uncontrolled loss of availability or to\n go further and affect confidentiality or integrity.\n\n\n\n\n\n\n## Remediation\nThere is no fixed version for `Debian:11` `gcc-10`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2023-4039)\n- [arm-security@arm.com](https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64)\n- [arm-security@arm.com](https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf)\n", + "epssDetails": { + "percentile": "0.14414", + "probability": "0.00046", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2023-4039" + ], + "CWE": [], + "ALTERNATIVE": [] + }, + "nvdSeverity": "medium", + "packageName": "gcc-10", + "creationTime": "2023-09-14T00:55:43.720861Z", + "disclosureTime": "2023-09-13T09:15:15.690000Z", + "packageManager": "debian:11", + "publicationTime": "2023-09-14T00:54:21.518198Z", + "modificationTime": "2023-11-08T09:43:38.403520Z", + "socialTrendAlert": false, + "relativeImportance": "minor issue", + "severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "gcc-10/libgcc-s1@10.2.1-6" + ], + "upgradePath": [], + "isUpgradable": false, + 
"isPatchable": false, + "name": "gcc-10/libgcc-s1", + "version": "10.2.1-6" + }, + { + "id": "SNYK-DEBIAN11-GCC10-5901313", + "cpes": [], + "title": "CVE-2023-4039", + "CVSSv3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 4.8, + "malicious": false, + "isDisputed": false, + "references": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2023-4039", + "title": "https://security-tracker.debian.org/tracker/CVE-2023-4039" + }, + { + "url": "https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64", + "title": "https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64" + }, + { + "url": "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf", + "title": "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf" + } + ], + "cvssDetails": [ + { + "assigner": "SUSE", + "severity": "high", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "cvssV3BaseScore": 8.1, + "modificationTime": "2023-09-20T11:09:16.812999Z" + }, + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "cvssV3BaseScore": 4.8, + "modificationTime": "2023-09-15T01:10:52.576715Z" + }, + { + "assigner": "Red Hat", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "cvssV3BaseScore": 4.8, + "modificationTime": "2023-11-08T09:43:38.403520Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `gcc-10` package and not the `gcc-10` package as distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed 
versions and status._\n\n\n\nA failure in the -fstack-protector feature in GCC-based toolchains \nthat target AArch64 allows an attacker to exploit an existing buffer \noverflow in dynamically-sized local variables in your application \nwithout this being detected. This stack-protector failure only applies \nto C99-style dynamically-sized local variables or those created using \nalloca(). The stack-protector operates as intended for statically-sized \nlocal variables.\n\nThe default behavior when the stack-protector \ndetects an overflow is to terminate your application, resulting in \ncontrolled loss of availability. An attacker who can exploit a buffer \noverflow without triggering the stack-protector might be able to change \nprogram flow control to cause an uncontrolled loss of availability or to\n go further and affect confidentiality or integrity.\n\n\n\n\n\n\n## Remediation\nThere is no fixed version for `Debian:11` `gcc-10`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2023-4039)\n- [arm-security@arm.com](https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64)\n- [arm-security@arm.com](https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf)\n", + "epssDetails": { + "percentile": "0.14414", + "probability": "0.00046", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2023-4039" + ], + "CWE": [], + "ALTERNATIVE": [] + }, + "nvdSeverity": "medium", + "packageName": "gcc-10", + "creationTime": "2023-09-14T00:55:43.720861Z", + "disclosureTime": "2023-09-13T09:15:15.690000Z", + "packageManager": "debian:11", + "publicationTime": "2023-09-14T00:54:21.518198Z", + "modificationTime": "2023-11-08T09:43:38.403520Z", + "socialTrendAlert": false, + "relativeImportance": "minor issue", + "severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "gcc-10/libstdc++6@10.2.1-6", + "gcc-10/libgcc-s1@10.2.1-6" + 
], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "gcc-10/libgcc-s1", + "version": "10.2.1-6" + }, + { + "id": "SNYK-DEBIAN11-GCC10-5901313", + "cpes": [], + "title": "CVE-2023-4039", + "CVSSv3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 4.8, + "malicious": false, + "isDisputed": false, + "references": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2023-4039", + "title": "https://security-tracker.debian.org/tracker/CVE-2023-4039" + }, + { + "url": "https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64", + "title": "https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64" + }, + { + "url": "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf", + "title": "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf" + } + ], + "cvssDetails": [ + { + "assigner": "SUSE", + "severity": "high", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "cvssV3BaseScore": 8.1, + "modificationTime": "2023-09-20T11:09:16.812999Z" + }, + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "cvssV3BaseScore": 4.8, + "modificationTime": "2023-09-15T01:10:52.576715Z" + }, + { + "assigner": "Red Hat", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "cvssV3BaseScore": 4.8, + "modificationTime": "2023-11-08T09:43:38.403520Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `gcc-10` package and not the `gcc-10` package as distributed by 
`Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\n\n\nA failure in the -fstack-protector feature in GCC-based toolchains \nthat target AArch64 allows an attacker to exploit an existing buffer \noverflow in dynamically-sized local variables in your application \nwithout this being detected. This stack-protector failure only applies \nto C99-style dynamically-sized local variables or those created using \nalloca(). The stack-protector operates as intended for statically-sized \nlocal variables.\n\nThe default behavior when the stack-protector \ndetects an overflow is to terminate your application, resulting in \ncontrolled loss of availability. An attacker who can exploit a buffer \noverflow without triggering the stack-protector might be able to change \nprogram flow control to cause an uncontrolled loss of availability or to\n go further and affect confidentiality or integrity.\n\n\n\n\n\n\n## Remediation\nThere is no fixed version for `Debian:11` `gcc-10`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2023-4039)\n- [arm-security@arm.com](https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64)\n- [arm-security@arm.com](https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf)\n", + "epssDetails": { + "percentile": "0.14414", + "probability": "0.00046", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2023-4039" + ], + "CWE": [], + "ALTERNATIVE": [] + }, + "nvdSeverity": "medium", + "packageName": "gcc-10", + "creationTime": "2023-09-14T00:55:43.720861Z", + "disclosureTime": "2023-09-13T09:15:15.690000Z", + "packageManager": "debian:11", + "publicationTime": "2023-09-14T00:54:21.518198Z", + "modificationTime": "2023-11-08T09:43:38.403520Z", + "socialTrendAlert": false, + "relativeImportance": "minor issue", + "severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + 
"gcc-10/libgomp1@10.2.1-6" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "gcc-10/libgomp1", + "version": "10.2.1-6" + }, + { + "id": "SNYK-DEBIAN11-GCC10-5901313", + "cpes": [], + "title": "CVE-2023-4039", + "CVSSv3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 4.8, + "malicious": false, + "isDisputed": false, + "references": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2023-4039", + "title": "https://security-tracker.debian.org/tracker/CVE-2023-4039" + }, + { + "url": "https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64", + "title": "https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64" + }, + { + "url": "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf", + "title": "https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf" + } + ], + "cvssDetails": [ + { + "assigner": "SUSE", + "severity": "high", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "cvssV3BaseScore": 8.1, + "modificationTime": "2023-09-20T11:09:16.812999Z" + }, + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "cvssV3BaseScore": 4.8, + "modificationTime": "2023-09-15T01:10:52.576715Z" + }, + { + "assigner": "Red Hat", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "cvssV3BaseScore": 4.8, + "modificationTime": "2023-11-08T09:43:38.403520Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `gcc-10` package and not the `gcc-10` package as 
distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\n\n\nA failure in the -fstack-protector feature in GCC-based toolchains \nthat target AArch64 allows an attacker to exploit an existing buffer \noverflow in dynamically-sized local variables in your application \nwithout this being detected. This stack-protector failure only applies \nto C99-style dynamically-sized local variables or those created using \nalloca(). The stack-protector operates as intended for statically-sized \nlocal variables.\n\nThe default behavior when the stack-protector \ndetects an overflow is to terminate your application, resulting in \ncontrolled loss of availability. An attacker who can exploit a buffer \noverflow without triggering the stack-protector might be able to change \nprogram flow control to cause an uncontrolled loss of availability or to\n go further and affect confidentiality or integrity.\n\n\n\n\n\n\n## Remediation\nThere is no fixed version for `Debian:11` `gcc-10`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2023-4039)\n- [arm-security@arm.com](https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64)\n- [arm-security@arm.com](https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-x7ch-h5rf-w2mf)\n", + "epssDetails": { + "percentile": "0.14414", + "probability": "0.00046", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2023-4039" + ], + "CWE": [], + "ALTERNATIVE": [] + }, + "nvdSeverity": "medium", + "packageName": "gcc-10", + "creationTime": "2023-09-14T00:55:43.720861Z", + "disclosureTime": "2023-09-13T09:15:15.690000Z", + "packageManager": "debian:11", + "publicationTime": "2023-09-14T00:54:21.518198Z", + "modificationTime": "2023-11-08T09:43:38.403520Z", + "socialTrendAlert": false, + "relativeImportance": "minor issue", + "severityWithCritical": "low", + "from": [ + 
"docker-image|sarim04/juiceshop@latest", + "gcc-10/libstdc++6@10.2.1-6" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "gcc-10/libstdc++6", + "version": "10.2.1-6" + }, + { + "id": "SNYK-DEBIAN11-GLIBC-532215", + "cpes": [], + "title": "Resource Management Errors", + "CVSSv3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 4.3, + "malicious": false, + "isDisputed": false, + "references": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2010-4756", + "title": "https://security-tracker.debian.org/tracker/CVE-2010-4756" + }, + { + "url": "http://cxib.net/stuff/glob-0day.c", + "title": "http://cxib.net/stuff/glob-0day.c" + }, + { + "url": "http://securityreason.com/achievement_securityalert/89", + "title": "http://securityreason.com/achievement_securityalert/89" + }, + { + "url": "http://securityreason.com/exploitalert/9223", + "title": "http://securityreason.com/exploitalert/9223" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "title": "https://bugzilla.redhat.com/show_bug.cgi?id=681681" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "title": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "cvssV3BaseScore": 4.3, + "modificationTime": "2023-02-09T11:23:31.120244Z" + }, + { + "assigner": "Red Hat", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "cvssV3BaseScore": 5.3, + "modificationTime": "2023-11-08T09:41:21.515733Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only 
to the upstream `glibc` package and not the `glibc` package as distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\nThe glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.\n## Remediation\nThere is no fixed version for `Debian:11` `glibc`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2010-4756)\n- [http://cxib.net/stuff/glob-0day.c](http://cxib.net/stuff/glob-0day.c)\n- [http://securityreason.com/achievement_securityalert/89](http://securityreason.com/achievement_securityalert/89)\n- [http://securityreason.com/exploitalert/9223](http://securityreason.com/exploitalert/9223)\n- [MISC](https://bugzilla.redhat.com/show_bug.cgi?id=681681)\n- [MISC](https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756)\n", + "epssDetails": { + "percentile": "0.79904", + "probability": "0.00824", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2010-4756" + ], + "CWE": [ + "CWE-399" + ], + "ALTERNATIVE": [] + }, + "nvdSeverity": "medium", + "packageName": "glibc", + "creationTime": "2020-08-19T09:32:45.970155Z", + "disclosureTime": "2011-03-02T20:00:00Z", + "packageManager": "debian:11", + "publicationTime": "2011-03-02T20:00:00Z", + "modificationTime": "2023-11-08T09:41:21.515733Z", + "socialTrendAlert": false, + "relativeImportance": "unimportant", + "severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "openssl@1.1.1w-0+deb11u1", + "glibc/libc6@2.31-13+deb11u7" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "glibc/libc6", + "version": "2.31-13+deb11u7" + }, + { + "id": "SNYK-DEBIAN11-GLIBC-5894105", + "cpes": [], + "title": "Use 
After Free", + "CVSSv3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 5.9, + "malicious": false, + "isDisputed": false, + "references": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2023-4806", + "title": "https://security-tracker.debian.org/tracker/CVE-2023-4806" + }, + { + "url": "https://access.redhat.com/security/cve/CVE-2023-4806", + "title": "https://access.redhat.com/security/cve/CVE-2023-4806" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237782", + "title": "https://bugzilla.redhat.com/show_bug.cgi?id=2237782" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/10/03/4", + "title": "http://www.openwall.com/lists/oss-security/2023/10/03/4" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/10/03/5", + "title": "http://www.openwall.com/lists/oss-security/2023/10/03/5" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/10/03/6", + "title": "http://www.openwall.com/lists/oss-security/2023/10/03/6" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/10/03/8", + "title": "http://www.openwall.com/lists/oss-security/2023/10/03/8" + }, + { + "url": "https://security.gentoo.org/glsa/202310-03", + "title": "https://security.gentoo.org/glsa/202310-03" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/", + "title": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/", + "title": 
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/", + "title": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:5453", + "title": "https://access.redhat.com/errata/RHSA-2023:5453" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:5455", + "title": "https://access.redhat.com/errata/RHSA-2023:5455" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7409", + "title": "https://access.redhat.com/errata/RHSA-2023:7409" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "cvssV3BaseScore": 5.9, + "modificationTime": "2023-09-27T01:10:58.963846Z" + }, + { + "assigner": "Red Hat", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "cvssV3BaseScore": 5.9, + "modificationTime": "2023-11-08T09:44:04.286569Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `glibc` package and not the `glibc` package as distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\nA flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. 
The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.\n## Remediation\nThere is no fixed version for `Debian:11` `glibc`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2023-4806)\n- [secalert@redhat.com](https://access.redhat.com/security/cve/CVE-2023-4806)\n- [secalert@redhat.com](https://bugzilla.redhat.com/show_bug.cgi?id=2237782)\n- [secalert@redhat.com](http://www.openwall.com/lists/oss-security/2023/10/03/4)\n- [secalert@redhat.com](http://www.openwall.com/lists/oss-security/2023/10/03/5)\n- [secalert@redhat.com](http://www.openwall.com/lists/oss-security/2023/10/03/6)\n- [secalert@redhat.com](http://www.openwall.com/lists/oss-security/2023/10/03/8)\n- [secalert@redhat.com](https://security.gentoo.org/glsa/202310-03)\n- [secalert@redhat.com](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/)\n- [secalert@redhat.com](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/)\n- [secalert@redhat.com](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/)\n- [secalert@redhat.com](https://access.redhat.com/errata/RHSA-2023:5453)\n- [secalert@redhat.com](https://access.redhat.com/errata/RHSA-2023:5455)\n- [secalert@redhat.com](https://access.redhat.com/errata/RHSA-2023:7409)\n", + "epssDetails": { + "percentile": "0.40141", + "probability": "0.00097", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2023-4806" + ], + "CWE": [ + "CWE-416" + ], + "ALTERNATIVE": [] + }, + "nvdSeverity": "medium", + "packageName": "glibc", + "creationTime": "2023-09-13T13:01:01.946655Z", + "disclosureTime": "2023-09-18T17:15:55.813000Z", + "packageManager": 
"debian:11", + "publicationTime": "2023-09-13T13:01:01.926030Z", + "modificationTime": "2023-11-08T09:44:04.286569Z", + "socialTrendAlert": false, + "relativeImportance": "minor issue", + "severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "openssl@1.1.1w-0+deb11u1", + "glibc/libc6@2.31-13+deb11u7" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "glibc/libc6", + "version": "2.31-13+deb11u7" + }, + { + "id": "SNYK-DEBIAN11-GLIBC-5894112", + "cpes": [], + "title": "Use After Free", + "CVSSv3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 5.9, + "malicious": false, + "isDisputed": false, + "references": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2023-4813", + "title": "https://security-tracker.debian.org/tracker/CVE-2023-4813" + }, + { + "url": "https://access.redhat.com/security/cve/CVE-2023-4813", + "title": "https://access.redhat.com/security/cve/CVE-2023-4813" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237798", + "title": "https://bugzilla.redhat.com/show_bug.cgi?id=2237798" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/10/03/8", + "title": "http://www.openwall.com/lists/oss-security/2023/10/03/8" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:5453", + "title": "https://access.redhat.com/errata/RHSA-2023:5453" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:5455", + "title": "https://access.redhat.com/errata/RHSA-2023:5455" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20231110-0003/", + "title": "https://security.netapp.com/advisory/ntap-20231110-0003/" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7409", + "title": 
"https://access.redhat.com/errata/RHSA-2023:7409" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "cvssV3BaseScore": 5.9, + "modificationTime": "2023-09-21T01:10:58.024645Z" + }, + { + "assigner": "SUSE", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "cvssV3BaseScore": 5.9, + "modificationTime": "2023-10-12T11:02:48.940818Z" + }, + { + "assigner": "Red Hat", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "cvssV3BaseScore": 5.9, + "modificationTime": "2023-11-08T09:44:04.286614Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `glibc` package and not the `glibc` package as distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\nA flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. 
This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.\n## Remediation\nThere is no fixed version for `Debian:11` `glibc`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2023-4813)\n- [secalert@redhat.com](https://access.redhat.com/security/cve/CVE-2023-4813)\n- [secalert@redhat.com](https://bugzilla.redhat.com/show_bug.cgi?id=2237798)\n- [secalert@redhat.com](http://www.openwall.com/lists/oss-security/2023/10/03/8)\n- [secalert@redhat.com](https://access.redhat.com/errata/RHSA-2023:5453)\n- [secalert@redhat.com](https://access.redhat.com/errata/RHSA-2023:5455)\n- [secalert@redhat.com](https://security.netapp.com/advisory/ntap-20231110-0003/)\n- [secalert@redhat.com](https://access.redhat.com/errata/RHSA-2023:7409)\n", + "epssDetails": { + "percentile": "0.41335", + "probability": "0.00102", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2023-4813" + ], + "CWE": [ + "CWE-416" + ], + "ALTERNATIVE": [] + }, + "nvdSeverity": "medium", + "packageName": "glibc", + "creationTime": "2023-09-13T13:01:46.841726Z", + "disclosureTime": "2023-09-12T22:15:08.277000Z", + "packageManager": "debian:11", + "publicationTime": "2023-09-13T13:01:32.099229Z", + "modificationTime": "2023-11-08T09:44:04.286614Z", + "socialTrendAlert": false, + "relativeImportance": "minor issue", + "severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "openssl@1.1.1w-0+deb11u1", + "glibc/libc6@2.31-13+deb11u7" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "glibc/libc6", + "version": "2.31-13+deb11u7" + }, + { + "id": "SNYK-DEBIAN11-GLIBC-521063", + "cpes": [], + "title": "Out-of-Bounds", + "CVSSv3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + 
"patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 9.8, + "malicious": false, + "isDisputed": true, + "references": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2019-1010022", + "title": "https://security-tracker.debian.org/tracker/CVE-2019-1010022" + }, + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850", + "title": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850" + }, + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850%23c3", + "title": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850%23c3" + }, + { + "url": "https://ubuntu.com/security/CVE-2019-1010022", + "title": "https://ubuntu.com/security/CVE-2019-1010022" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "critical", + "cvssV3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "cvssV3BaseScore": 9.8, + "modificationTime": "2022-01-03T17:53:20.558676Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `glibc` package and not the `glibc` package as distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\n** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. 
NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat."\n## Remediation\nThere is no fixed version for `Debian:11` `glibc`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2019-1010022)\n- [MISC](https://sourceware.org/bugzilla/show_bug.cgi?id=22850)\n- [MISC](https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3)\n- [UBUNTU](https://ubuntu.com/security/CVE-2019-1010022)\n", + "epssDetails": { + "percentile": "0.68021", + "probability": "0.00335", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2019-1010022" + ], + "CWE": [ + "CWE-119" + ], + "ALTERNATIVE": [] + }, + "nvdSeverity": "critical", + "packageName": "glibc", + "creationTime": "2020-08-19T09:35:26.761208Z", + "disclosureTime": "2019-07-15T04:15:00Z", + "packageManager": "debian:11", + "publicationTime": "2019-07-24T09:33:32.251091Z", + "modificationTime": "2022-10-26T02:04:58.132579Z", + "socialTrendAlert": false, + "relativeImportance": "unimportant", + "severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "openssl@1.1.1w-0+deb11u1", + "openssl/libssl1.1@1.1.1w-0+deb11u1", + "glibc/libc6@2.31-13+deb11u7" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "glibc/libc6", + "version": "2.31-13+deb11u7" + }, + { + "id": "SNYK-DEBIAN11-GLIBC-521199", + "cpes": [], + "title": "Uncontrolled Recursion", + "CVSSv3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 7.5, + "malicious": false, + "isDisputed": false, + "references": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2019-9192", + "title": "https://security-tracker.debian.org/tracker/CVE-2019-9192" + }, + { + "url": 
"https://support.f5.com/csp/article/K26346590?utm_source=f5support&%3Butm_medium=RSS", + "title": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&%3Butm_medium=RSS" + }, + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "title": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269" + }, + { + "url": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-9192", + "title": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-9192" + }, + { + "url": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&%3Butm_medium=RSS", + "title": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&%3Butm_medium=RSS" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "high", + "cvssV3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "cvssV3BaseScore": 7.5, + "modificationTime": "2022-01-03T18:01:31.673539Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `glibc` package and not the `glibc` package as distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\nIn the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. 
NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern\n## Remediation\nThere is no fixed version for `Debian:11` `glibc`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2019-9192)\n- [CONFIRM](https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS)\n- [MISC](https://sourceware.org/bugzilla/show_bug.cgi?id=24269)\n- [Ubuntu CVE Tracker](http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-9192)\n- [cve@mitre.org](https://support.f5.com/csp/article/K26346590?utm_source=f5support&%3Butm_medium=RSS)\n", + "epssDetails": { + "percentile": "0.43326", + "probability": "0.00108", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2019-9192" + ], + "CWE": [ + "CWE-674" + ], + "ALTERNATIVE": [] + }, + "nvdSeverity": "high", + "packageName": "glibc", + "creationTime": "2020-08-19T09:34:51.325920Z", + "disclosureTime": "2019-02-26T18:29:00Z", + "packageManager": "debian:11", + "publicationTime": "2019-02-26T18:29:00Z", + "modificationTime": "2022-10-26T02:05:07.667771Z", + "socialTrendAlert": false, + "relativeImportance": "unimportant", + "severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "openssl@1.1.1w-0+deb11u1", + "openssl/libssl1.1@1.1.1w-0+deb11u1", + "glibc/libc6@2.31-13+deb11u7" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "glibc/libc6", + "version": "2.31-13+deb11u7" + }, + { + "id": "SNYK-DEBIAN11-GLIBC-522385", + "cpes": [], + "title": "Use of Insufficiently Random Values", + "CVSSv3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 5.3, + "malicious": false, + "isDisputed": false, + "references": [ + { + 
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010025", + "title": "https://security-tracker.debian.org/tracker/CVE-2019-1010025" + }, + { + "url": "https://support.f5.com/csp/article/K06046097", + "title": "https://support.f5.com/csp/article/K06046097" + }, + { + "url": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&%3Butm_medium=RSS", + "title": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&%3Butm_medium=RSS" + }, + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853", + "title": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853" + }, + { + "url": "https://ubuntu.com/security/CVE-2019-1010025", + "title": "https://ubuntu.com/security/CVE-2019-1010025" + }, + { + "url": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&%3Butm_medium=RSS", + "title": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&%3Butm_medium=RSS" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "cvssV3BaseScore": 5.3, + "modificationTime": "2022-01-03T17:53:25.533412Z" + }, + { + "assigner": "Red Hat", + "severity": "low", + "cvssV3Vector": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", + "cvssV3BaseScore": 2.9, + "modificationTime": "2023-11-08T09:41:53.285202Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `glibc` package and not the `glibc` package as distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\nGNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. 
NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability.\n## Remediation\nThere is no fixed version for `Debian:11` `glibc`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2019-1010025)\n- [CONFIRM](https://support.f5.com/csp/article/K06046097)\n- [CONFIRM](https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS)\n- [MISC](https://sourceware.org/bugzilla/show_bug.cgi?id=22853)\n- [UBUNTU](https://ubuntu.com/security/CVE-2019-1010025)\n- [josh@bress.net](https://support.f5.com/csp/article/K06046097?utm_source=f5support&%3Butm_medium=RSS)\n", + "epssDetails": { + "percentile": "0.63157", + "probability": "0.00255", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2019-1010025" + ], + "CWE": [ + "CWE-330" + ], + "ALTERNATIVE": [] + }, + "nvdSeverity": "medium", + "packageName": "glibc", + "creationTime": "2020-08-19T09:35:27.035439Z", + "disclosureTime": "2019-07-15T04:15:00Z", + "packageManager": "debian:11", + "publicationTime": "2019-07-24T09:33:59.230537Z", + "modificationTime": "2023-11-08T09:41:53.285202Z", + "socialTrendAlert": false, + "relativeImportance": "unimportant", + "severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "openssl@1.1.1w-0+deb11u1", + "openssl/libssl1.1@1.1.1w-0+deb11u1", + "glibc/libc6@2.31-13+deb11u7" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "glibc/libc6", + "version": "2.31-13+deb11u7" + }, + { + "id": "SNYK-DEBIAN11-GLIBC-529848", + "cpes": [], + "title": "Information Exposure", + "CVSSv3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 5.3, + "malicious": false, + "isDisputed": false, + "references": [ + { + "url": 
"https://security-tracker.debian.org/tracker/CVE-2019-1010024", + "title": "https://security-tracker.debian.org/tracker/CVE-2019-1010024" + }, + { + "url": "https://support.f5.com/csp/article/K06046097", + "title": "https://support.f5.com/csp/article/K06046097" + }, + { + "url": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&%3Butm_medium=RSS", + "title": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&%3Butm_medium=RSS" + }, + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "title": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852" + }, + { + "url": "http://www.securityfocus.com/bid/109162", + "title": "http://www.securityfocus.com/bid/109162" + }, + { + "url": "https://ubuntu.com/security/CVE-2019-1010024", + "title": "https://ubuntu.com/security/CVE-2019-1010024" + }, + { + "url": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&%3Butm_medium=RSS", + "title": "https://support.f5.com/csp/article/K06046097?utm_source=f5support&%3Butm_medium=RSS" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "cvssV3BaseScore": 5.3, + "modificationTime": "2022-01-03T17:53:36.633029Z" + }, + { + "assigner": "Red Hat", + "severity": "medium", + "cvssV3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "cvssV3BaseScore": 5.3, + "modificationTime": "2023-11-08T09:41:53.283850Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `glibc` package and not the `glibc` package as distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\nGNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. 
NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.\n## Remediation\nThere is no fixed version for `Debian:11` `glibc`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2019-1010024)\n- [CONFIRM](https://support.f5.com/csp/article/K06046097)\n- [CONFIRM](https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS)\n- [MISC](https://sourceware.org/bugzilla/show_bug.cgi?id=22852)\n- [Security Focus](http://www.securityfocus.com/bid/109162)\n- [UBUNTU](https://ubuntu.com/security/CVE-2019-1010024)\n- [josh@bress.net](https://support.f5.com/csp/article/K06046097?utm_source=f5support&%3Butm_medium=RSS)\n", + "epssDetails": { + "percentile": "0.88369", + "probability": "0.02258", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2019-1010024" + ], + "CWE": [ + "CWE-200" + ], + "ALTERNATIVE": [] + }, + "nvdSeverity": "medium", + "packageName": "glibc", + "creationTime": "2020-08-19T09:35:29.535158Z", + "disclosureTime": "2019-07-15T04:15:00Z", + "packageManager": "debian:11", + "publicationTime": "2019-07-24T09:44:44.882448Z", + "modificationTime": "2023-11-08T09:41:53.283850Z", + "socialTrendAlert": false, + "relativeImportance": "unimportant", + "severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "openssl@1.1.1w-0+deb11u1", + "openssl/libssl1.1@1.1.1w-0+deb11u1", + "glibc/libc6@2.31-13+deb11u7" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "glibc/libc6", + "version": "2.31-13+deb11u7" + }, + { + "id": "SNYK-DEBIAN11-GLIBC-531451", + "cpes": [], + "title": "CVE-2019-1010023", + "CVSSv3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 8.8, + 
"malicious": false, + "isDisputed": false, + "references": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2019-1010023", + "title": "https://security-tracker.debian.org/tracker/CVE-2019-1010023" + }, + { + "url": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&%3Butm_medium=RSS", + "title": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&%3Butm_medium=RSS" + }, + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "title": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851" + }, + { + "url": "http://www.securityfocus.com/bid/109167", + "title": "http://www.securityfocus.com/bid/109167" + }, + { + "url": "https://ubuntu.com/security/CVE-2019-1010023", + "title": "https://ubuntu.com/security/CVE-2019-1010023" + }, + { + "url": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&%3Butm_medium=RSS", + "title": "https://support.f5.com/csp/article/K11932200?utm_source=f5support&%3Butm_medium=RSS" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "high", + "cvssV3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "cvssV3BaseScore": 8.8, + "modificationTime": "2022-01-03T17:53:36.820375Z" + }, + { + "assigner": "Red Hat", + "severity": "high", + "cvssV3Vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "cvssV3BaseScore": 7.8, + "modificationTime": "2023-11-08T09:41:53.271238Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `glibc` package and not the `glibc` package as distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\nGNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. 
NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.\n## Remediation\nThere is no fixed version for `Debian:11` `glibc`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2019-1010023)\n- [CONFIRM](https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS)\n- [MISC](https://sourceware.org/bugzilla/show_bug.cgi?id=22851)\n- [Security Focus](http://www.securityfocus.com/bid/109167)\n- [UBUNTU](https://ubuntu.com/security/CVE-2019-1010023)\n- [josh@bress.net](https://support.f5.com/csp/article/K11932200?utm_source=f5support&%3Butm_medium=RSS)\n", + "epssDetails": { + "percentile": "0.82602", + "probability": "0.01081", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2019-1010023" + ], + "CWE": [], + "ALTERNATIVE": [] + }, + "nvdSeverity": "high", + "packageName": "glibc", + "creationTime": "2020-08-19T09:35:27.642271Z", + "disclosureTime": "2019-07-15T04:15:00Z", + "packageManager": "debian:11", + "publicationTime": "2019-07-24T09:36:38.241516Z", + "modificationTime": "2023-11-08T09:41:53.271238Z", + "socialTrendAlert": false, + "relativeImportance": "unimportant", + "severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "openssl@1.1.1w-0+deb11u1", + "openssl/libssl1.1@1.1.1w-0+deb11u1", + "glibc/libc6@2.31-13+deb11u7" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "glibc/libc6", + "version": "2.31-13+deb11u7" + }, + { + "id": "SNYK-DEBIAN11-GLIBC-531492", + "cpes": [], + "title": "Uncontrolled Recursion", + "CVSSv3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 7.5, + "malicious": false, + "isDisputed": false, + "references": [ + { + "url": 
"https://security-tracker.debian.org/tracker/CVE-2018-20796", + "title": "https://security-tracker.debian.org/tracker/CVE-2018-20796" + }, + { + "url": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&%3Butm_medium=RSS", + "title": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&%3Butm_medium=RSS" + }, + { + "url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "title": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141" + }, + { + "url": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "title": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20190315-0002/", + "title": "https://security.netapp.com/advisory/ntap-20190315-0002/" + }, + { + "url": "http://www.securityfocus.com/bid/107160", + "title": "http://www.securityfocus.com/bid/107160" + }, + { + "url": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20796", + "title": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20796" + }, + { + "url": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&%3Butm_medium=RSS", + "title": "https://support.f5.com/csp/article/K26346590?utm_source=f5support&%3Butm_medium=RSS" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "high", + "cvssV3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "cvssV3BaseScore": 7.5, + "modificationTime": "2022-01-03T16:26:27.939810Z" + }, + { + "assigner": "Red Hat", + "severity": "medium", + "cvssV3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "cvssV3BaseScore": 5.3, + "modificationTime": "2023-11-08T09:41:53.328123Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `glibc` package and not the `glibc` package as distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\nIn the GNU C Library (aka glibc or 
libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.\n## Remediation\nThere is no fixed version for `Debian:11` `glibc`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2018-20796)\n- [CONFIRM](https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS)\n- [MISC](https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141)\n- [MISC](https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html)\n- [Netapp Security Advisory](https://security.netapp.com/advisory/ntap-20190315-0002/)\n- [Security Focus](http://www.securityfocus.com/bid/107160)\n- [Ubuntu CVE Tracker](http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20796)\n- [cve@mitre.org](https://support.f5.com/csp/article/K26346590?utm_source=f5support&%3Butm_medium=RSS)\n", + "epssDetails": { + "percentile": "0.77618", + "probability": "0.00678", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2018-20796" + ], + "CWE": [ + "CWE-674" + ], + "ALTERNATIVE": [] + }, + "nvdSeverity": "high", + "packageName": "glibc", + "creationTime": "2020-08-19T09:34:51.493703Z", + "disclosureTime": "2019-02-26T02:29:00Z", + "packageManager": "debian:11", + "publicationTime": "2019-02-26T02:29:00Z", + "modificationTime": "2023-11-08T09:41:53.328123Z", + "socialTrendAlert": false, + "relativeImportance": "unimportant", + "severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "openssl@1.1.1w-0+deb11u1", + "openssl/libssl1.1@1.1.1w-0+deb11u1", + "glibc/libc6@2.31-13+deb11u7" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "glibc/libc6", + "version": "2.31-13+deb11u7" + }, + { + "id": "SNYK-DEBIAN11-GLIBC-532215", + "cpes": [], + "title": "Resource Management Errors", + "CVSSv3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ 
+ "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 4.3, + "malicious": false, + "isDisputed": false, + "references": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2010-4756", + "title": "https://security-tracker.debian.org/tracker/CVE-2010-4756" + }, + { + "url": "http://cxib.net/stuff/glob-0day.c", + "title": "http://cxib.net/stuff/glob-0day.c" + }, + { + "url": "http://securityreason.com/achievement_securityalert/89", + "title": "http://securityreason.com/achievement_securityalert/89" + }, + { + "url": "http://securityreason.com/exploitalert/9223", + "title": "http://securityreason.com/exploitalert/9223" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=681681", + "title": "https://bugzilla.redhat.com/show_bug.cgi?id=681681" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756", + "title": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "cvssV3BaseScore": 4.3, + "modificationTime": "2023-02-09T11:23:31.120244Z" + }, + { + "assigner": "Red Hat", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "cvssV3BaseScore": 5.3, + "modificationTime": "2023-11-08T09:41:21.515733Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `glibc` package and not the `glibc` package as distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\nThe glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions 
in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.\n## Remediation\nThere is no fixed version for `Debian:11` `glibc`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2010-4756)\n- [http://cxib.net/stuff/glob-0day.c](http://cxib.net/stuff/glob-0day.c)\n- [http://securityreason.com/achievement_securityalert/89](http://securityreason.com/achievement_securityalert/89)\n- [http://securityreason.com/exploitalert/9223](http://securityreason.com/exploitalert/9223)\n- [MISC](https://bugzilla.redhat.com/show_bug.cgi?id=681681)\n- [MISC](https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756)\n", + "epssDetails": { + "percentile": "0.79904", + "probability": "0.00824", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2010-4756" + ], + "CWE": [ + "CWE-399" + ], + "ALTERNATIVE": [] + }, + "nvdSeverity": "medium", + "packageName": "glibc", + "creationTime": "2020-08-19T09:32:45.970155Z", + "disclosureTime": "2011-03-02T20:00:00Z", + "packageManager": "debian:11", + "publicationTime": "2011-03-02T20:00:00Z", + "modificationTime": "2023-11-08T09:41:21.515733Z", + "socialTrendAlert": false, + "relativeImportance": "unimportant", + "severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "openssl@1.1.1w-0+deb11u1", + "openssl/libssl1.1@1.1.1w-0+deb11u1", + "glibc/libc6@2.31-13+deb11u7" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "glibc/libc6", + "version": "2.31-13+deb11u7" + }, + { + "id": "SNYK-DEBIAN11-GLIBC-5894105", + "cpes": [], + "title": "Use After Free", + "CVSSv3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 5.9, + "malicious": false, + "isDisputed": false, + "references": [ + { + 
"url": "https://security-tracker.debian.org/tracker/CVE-2023-4806", + "title": "https://security-tracker.debian.org/tracker/CVE-2023-4806" + }, + { + "url": "https://access.redhat.com/security/cve/CVE-2023-4806", + "title": "https://access.redhat.com/security/cve/CVE-2023-4806" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237782", + "title": "https://bugzilla.redhat.com/show_bug.cgi?id=2237782" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/10/03/4", + "title": "http://www.openwall.com/lists/oss-security/2023/10/03/4" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/10/03/5", + "title": "http://www.openwall.com/lists/oss-security/2023/10/03/5" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/10/03/6", + "title": "http://www.openwall.com/lists/oss-security/2023/10/03/6" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/10/03/8", + "title": "http://www.openwall.com/lists/oss-security/2023/10/03/8" + }, + { + "url": "https://security.gentoo.org/glsa/202310-03", + "title": "https://security.gentoo.org/glsa/202310-03" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/", + "title": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/", + "title": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/", + "title": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/" + 
}, + { + "url": "https://access.redhat.com/errata/RHSA-2023:5453", + "title": "https://access.redhat.com/errata/RHSA-2023:5453" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:5455", + "title": "https://access.redhat.com/errata/RHSA-2023:5455" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7409", + "title": "https://access.redhat.com/errata/RHSA-2023:7409" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "cvssV3BaseScore": 5.9, + "modificationTime": "2023-09-27T01:10:58.963846Z" + }, + { + "assigner": "Red Hat", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "cvssV3BaseScore": 5.9, + "modificationTime": "2023-11-08T09:44:04.286569Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `glibc` package and not the `glibc` package as distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\nA flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. 
The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.\n## Remediation\nThere is no fixed version for `Debian:11` `glibc`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2023-4806)\n- [secalert@redhat.com](https://access.redhat.com/security/cve/CVE-2023-4806)\n- [secalert@redhat.com](https://bugzilla.redhat.com/show_bug.cgi?id=2237782)\n- [secalert@redhat.com](http://www.openwall.com/lists/oss-security/2023/10/03/4)\n- [secalert@redhat.com](http://www.openwall.com/lists/oss-security/2023/10/03/5)\n- [secalert@redhat.com](http://www.openwall.com/lists/oss-security/2023/10/03/6)\n- [secalert@redhat.com](http://www.openwall.com/lists/oss-security/2023/10/03/8)\n- [secalert@redhat.com](https://security.gentoo.org/glsa/202310-03)\n- [secalert@redhat.com](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/)\n- [secalert@redhat.com](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/)\n- [secalert@redhat.com](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/)\n- [secalert@redhat.com](https://access.redhat.com/errata/RHSA-2023:5453)\n- [secalert@redhat.com](https://access.redhat.com/errata/RHSA-2023:5455)\n- [secalert@redhat.com](https://access.redhat.com/errata/RHSA-2023:7409)\n", + "epssDetails": { + "percentile": "0.40141", + "probability": "0.00097", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2023-4806" + ], + "CWE": [ + "CWE-416" + ], + "ALTERNATIVE": [] + }, + "nvdSeverity": "medium", + "packageName": "glibc", + "creationTime": "2023-09-13T13:01:01.946655Z", + "disclosureTime": "2023-09-18T17:15:55.813000Z", + "packageManager": 
"debian:11", + "publicationTime": "2023-09-13T13:01:01.926030Z", + "modificationTime": "2023-11-08T09:44:04.286569Z", + "socialTrendAlert": false, + "relativeImportance": "minor issue", + "severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "openssl@1.1.1w-0+deb11u1", + "openssl/libssl1.1@1.1.1w-0+deb11u1", + "glibc/libc6@2.31-13+deb11u7" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "glibc/libc6", + "version": "2.31-13+deb11u7" + }, + { + "id": "SNYK-DEBIAN11-GLIBC-5894112", + "cpes": [], + "title": "Use After Free", + "CVSSv3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 5.9, + "malicious": false, + "isDisputed": false, + "references": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2023-4813", + "title": "https://security-tracker.debian.org/tracker/CVE-2023-4813" + }, + { + "url": "https://access.redhat.com/security/cve/CVE-2023-4813", + "title": "https://access.redhat.com/security/cve/CVE-2023-4813" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237798", + "title": "https://bugzilla.redhat.com/show_bug.cgi?id=2237798" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/10/03/8", + "title": "http://www.openwall.com/lists/oss-security/2023/10/03/8" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:5453", + "title": "https://access.redhat.com/errata/RHSA-2023:5453" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:5455", + "title": "https://access.redhat.com/errata/RHSA-2023:5455" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20231110-0003/", + "title": "https://security.netapp.com/advisory/ntap-20231110-0003/" + }, + { + "url": 
"https://access.redhat.com/errata/RHSA-2023:7409", + "title": "https://access.redhat.com/errata/RHSA-2023:7409" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "cvssV3BaseScore": 5.9, + "modificationTime": "2023-09-21T01:10:58.024645Z" + }, + { + "assigner": "SUSE", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "cvssV3BaseScore": 5.9, + "modificationTime": "2023-10-12T11:02:48.940818Z" + }, + { + "assigner": "Red Hat", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "cvssV3BaseScore": 5.9, + "modificationTime": "2023-11-08T09:44:04.286614Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `glibc` package and not the `glibc` package as distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\nA flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. 
This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.\n## Remediation\nThere is no fixed version for `Debian:11` `glibc`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2023-4813)\n- [secalert@redhat.com](https://access.redhat.com/security/cve/CVE-2023-4813)\n- [secalert@redhat.com](https://bugzilla.redhat.com/show_bug.cgi?id=2237798)\n- [secalert@redhat.com](http://www.openwall.com/lists/oss-security/2023/10/03/8)\n- [secalert@redhat.com](https://access.redhat.com/errata/RHSA-2023:5453)\n- [secalert@redhat.com](https://access.redhat.com/errata/RHSA-2023:5455)\n- [secalert@redhat.com](https://security.netapp.com/advisory/ntap-20231110-0003/)\n- [secalert@redhat.com](https://access.redhat.com/errata/RHSA-2023:7409)\n", + "epssDetails": { + "percentile": "0.41335", + "probability": "0.00102", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2023-4813" + ], + "CWE": [ + "CWE-416" + ], + "ALTERNATIVE": [] + }, + "nvdSeverity": "medium", + "packageName": "glibc", + "creationTime": "2023-09-13T13:01:46.841726Z", + "disclosureTime": "2023-09-12T22:15:08.277000Z", + "packageManager": "debian:11", + "publicationTime": "2023-09-13T13:01:32.099229Z", + "modificationTime": "2023-11-08T09:44:04.286614Z", + "socialTrendAlert": false, + "relativeImportance": "minor issue", + "severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "openssl@1.1.1w-0+deb11u1", + "openssl/libssl1.1@1.1.1w-0+deb11u1", + "glibc/libc6@2.31-13+deb11u7" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "glibc/libc6", + "version": "2.31-13+deb11u7" + }, + { + "id": "SNYK-DEBIAN11-OPENSSL-518334", + "cpes": [], + "title": "Cryptographic Issues", + "CVSSv3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, 
+ "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 5.4, + "malicious": false, + "isDisputed": false, + "references": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2007-6755", + "title": "https://security-tracker.debian.org/tracker/CVE-2007-6755" + }, + { + "url": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "title": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/" + }, + { + "url": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "title": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html" + }, + { + "url": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "title": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html" + }, + { + "url": "http://rump2007.cr.yp.to/15-shumow.pdf", + "title": "http://rump2007.cr.yp.to/15-shumow.pdf" + }, + { + "url": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "title": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/" + }, + { + "url": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "title": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html" + }, + { + "url": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "title": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect" + }, + { + "url": "http://www.securityfocus.com/bid/63657", + "title": "http://www.securityfocus.com/bid/63657" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "cvssV3BaseScore": 5.4, + "modificationTime": 
"2023-02-09T11:25:00.865086Z" + }, + { + "assigner": "Red Hat", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "cvssV3BaseScore": 5.4, + "modificationTime": "2023-11-08T09:41:50.005364Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `openssl` package and not the `openssl` package as distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\nThe NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.\n## Remediation\nThere is no fixed version for `Debian:11` `openssl`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2007-6755)\n- [http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/](http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/)\n- [http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html](http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html)\n- [http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html](http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html)\n- [http://rump2007.cr.yp.to/15-shumow.pdf](http://rump2007.cr.yp.to/15-shumow.pdf)\n- 
[http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/](http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/)\n- [https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html](https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html)\n- [http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect](http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect)\n- [Security Focus](http://www.securityfocus.com/bid/63657)\n", + "epssDetails": { + "percentile": "0.76307", + "probability": "0.00614", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2007-6755" + ], + "CWE": [ + "CWE-310" + ], + "ALTERNATIVE": [] + }, + "nvdSeverity": "medium", + "packageName": "openssl", + "creationTime": "2020-08-19T09:23:31.735743Z", + "disclosureTime": "2013-10-11T22:55:00Z", + "packageManager": "debian:11", + "publicationTime": "2013-10-11T22:55:00Z", + "modificationTime": "2023-11-08T09:41:50.005364Z", + "socialTrendAlert": false, + "relativeImportance": "unimportant", + "severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "openssl/libssl1.1@1.1.1w-0+deb11u1" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "openssl/libssl1.1", + "version": "1.1.1w-0+deb11u1" + }, + { + "id": "SNYK-DEBIAN11-OPENSSL-525332", + "cpes": [], + "title": "Cryptographic Issues", + "CVSSv3": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 5.1, + "malicious": false, + "isDisputed": false, + "references": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2010-0928", + "title": "https://security-tracker.debian.org/tracker/CVE-2010-0928" + }, + { + "url": 
"http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "title": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/" + }, + { + "url": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "title": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf" + }, + { + "url": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "title": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html" + }, + { + "url": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "title": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/" + }, + { + "url": "http://xforce.iss.net/xforce/xfdb/56750", + "title": "http://xforce.iss.net/xforce/xfdb/56750" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "title": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750" + }, + { + "url": "http://www.eecs.umich.edu/~valeria/research/publications/DATE10RSA.pdf", + "title": "http://www.eecs.umich.edu/~valeria/research/publications/DATE10RSA.pdf" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "cvssV3BaseScore": 5.1, + "modificationTime": "2023-02-09T11:22:59.868606Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `openssl` package and not the `openssl` package as distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\nOpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply 
voltage for the microprocessor, related to a "fault-based attack."\n## Remediation\nThere is no fixed version for `Debian:11` `openssl`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2010-0928)\n- [http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/](http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/)\n- [http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf](http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf)\n- [http://www.networkworld.com/news/2010/030410-rsa-security-attack.html](http://www.networkworld.com/news/2010/030410-rsa-security-attack.html)\n- [http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/](http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/)\n- [http://xforce.iss.net/xforce/xfdb/56750](http://xforce.iss.net/xforce/xfdb/56750)\n- [X-force Vulnerability Report](https://exchange.xforce.ibmcloud.com/vulnerabilities/56750)\n- [cve@mitre.org](http://www.osvdb.org/62808)\n- [cve@mitre.org](http://www.eecs.umich.edu/~valeria/research/publications/DATE10RSA.pdf)\n", + "epssDetails": { + "percentile": "0.27307", + "probability": "0.00066", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2010-0928" + ], + "CWE": [ + "CWE-310" + ], + "ALTERNATIVE": [] + }, + "nvdSeverity": "medium", + "packageName": "openssl", + "creationTime": "2020-08-19T09:30:53.411236Z", + "disclosureTime": "2010-03-05T19:30:00Z", + "packageManager": "debian:11", + "publicationTime": "2010-03-05T19:30:00Z", + "modificationTime": "2023-02-10T13:11:38.644692Z", + "socialTrendAlert": false, + "relativeImportance": "unimportant", + "severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "openssl/libssl1.1@1.1.1w-0+deb11u1" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "openssl/libssl1.1", + "version": "1.1.1w-0+deb11u1" + }, 
+ { + "id": "SNYK-DEBIAN11-OPENSSL-6048819", + "cpes": [], + "title": "Improper Check for Unusual or Exceptional Conditions", + "CVSSv3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 5.3, + "malicious": false, + "isDisputed": false, + "references": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2023-5678", + "title": "https://security-tracker.debian.org/tracker/CVE-2023-5678" + }, + { + "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=34efaef6c103d636ab507a0cc34dca4d3aecc055", + "title": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=34efaef6c103d636ab507a0cc34dca4d3aecc055" + }, + { + "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=710fee740904b6290fef0dd5536fbcedbc38ff0c", + "title": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=710fee740904b6290fef0dd5536fbcedbc38ff0c" + }, + { + "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=db925ae2e65d0d925adef429afc37f75bd1c2017", + "title": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=db925ae2e65d0d925adef429afc37f75bd1c2017" + }, + { + "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6", + "title": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6" + }, + { + "url": "https://www.openssl.org/news/secadv/20231106.txt", + "title": "https://www.openssl.org/news/secadv/20231106.txt" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/11/06/2", + "title": "http://www.openwall.com/lists/oss-security/2023/11/06/2" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20231130-0010/", + "title": 
"https://security.netapp.com/advisory/ntap-20231130-0010/" + } + ], + "cvssDetails": [ + { + "assigner": "Red Hat", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "cvssV3BaseScore": 5.3, + "modificationTime": "2023-11-08T13:48:19.543999Z" + }, + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "cvssV3BaseScore": 5.3, + "modificationTime": "2023-11-22T01:10:47.412869Z" + }, + { + "assigner": "SUSE", + "severity": "high", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "cvssV3BaseScore": 7.5, + "modificationTime": "2023-11-22T11:02:51.571843Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `openssl` package and not the `openssl` package as distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\nIssue summary: Generating excessively long X9.42 DH keys or checking\nexcessively long X9.42 DH keys or parameters may be very slow.\n\nImpact summary: Applications that use the functions DH_generate_key() to\ngenerate an X9.42 DH key may experience long delays. 
Likewise, applications\nthat use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check()\nto check an X9.42 DH key or X9.42 DH parameters may experience long delays.\nWhere the key or parameters that are being checked have been obtained from\nan untrusted source this may lead to a Denial of Service.\n\nWhile DH_check() performs all the necessary checks (as of CVE-2023-3817),\nDH_check_pub_key() doesn't make any of these checks, and is therefore\nvulnerable for excessively large P and Q parameters.\n\nLikewise, while DH_generate_key() performs a check for an excessively large\nP, it doesn't check for an excessively large Q.\n\nAn application that calls DH_generate_key() or DH_check_pub_key() and\nsupplies a key or parameters obtained from an untrusted source could be\nvulnerable to a Denial of Service attack.\n\nDH_generate_key() and DH_check_pub_key() are also called by a number of\nother OpenSSL functions. An application calling any of those other\nfunctions may similarly be affected. 
The other functions affected by this\nare DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate().\n\nAlso vulnerable are the OpenSSL pkey command line application when using the\n"-pubcheck" option, as well as the OpenSSL genpkey command line application.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.\n\n\n## Remediation\nThere is no fixed version for `Debian:11` `openssl`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2023-5678)\n- [openssl-security@openssl.org](https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055)\n- [openssl-security@openssl.org](https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c)\n- [openssl-security@openssl.org](https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017)\n- [openssl-security@openssl.org](https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6)\n- [openssl-security@openssl.org](https://www.openssl.org/news/secadv/20231106.txt)\n- [openssl-security@openssl.org](http://www.openwall.com/lists/oss-security/2023/11/06/2)\n- [openssl-security@openssl.org](https://security.netapp.com/advisory/ntap-20231130-0010/)\n", + "epssDetails": { + "percentile": "0.33119", + "probability": "0.00079", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2023-5678" + ], + "CWE": [ + "CWE-754" + ], + "ALTERNATIVE": [] + }, + "nvdSeverity": "medium", + "packageName": "openssl", + "creationTime": "2023-11-07T02:36:49.140701Z", + "disclosureTime": "2023-11-06T16:15:42.670000Z", + "packageManager": "debian:11", + "publicationTime": "2023-11-07T02:33:36.224937Z", + "modificationTime": "2023-11-22T11:02:51.571843Z", + "socialTrendAlert": false, + "relativeImportance": "minor issue", + 
"severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "openssl/libssl1.1@1.1.1w-0+deb11u1" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "openssl/libssl1.1", + "version": "1.1.1w-0+deb11u1" + }, + { + "id": "SNYK-DEBIAN11-OPENSSL-518334", + "cpes": [], + "title": "Cryptographic Issues", + "CVSSv3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 5.4, + "malicious": false, + "isDisputed": false, + "references": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2007-6755", + "title": "https://security-tracker.debian.org/tracker/CVE-2007-6755" + }, + { + "url": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "title": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/" + }, + { + "url": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "title": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html" + }, + { + "url": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "title": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html" + }, + { + "url": "http://rump2007.cr.yp.to/15-shumow.pdf", + "title": "http://rump2007.cr.yp.to/15-shumow.pdf" + }, + { + "url": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "title": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/" + }, + { + "url": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "title": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html" + }, + { + "url": 
"http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "title": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect" + }, + { + "url": "http://www.securityfocus.com/bid/63657", + "title": "http://www.securityfocus.com/bid/63657" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "cvssV3BaseScore": 5.4, + "modificationTime": "2023-02-09T11:25:00.865086Z" + }, + { + "assigner": "Red Hat", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "cvssV3BaseScore": 5.4, + "modificationTime": "2023-11-08T09:41:50.005364Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `openssl` package and not the `openssl` package as distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\nThe NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. 
NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.\n## Remediation\nThere is no fixed version for `Debian:11` `openssl`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2007-6755)\n- [http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/](http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/)\n- [http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html](http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html)\n- [http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html](http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html)\n- [http://rump2007.cr.yp.to/15-shumow.pdf](http://rump2007.cr.yp.to/15-shumow.pdf)\n- [http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/](http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/)\n- [https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html](https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html)\n- [http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect](http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect)\n- [Security Focus](http://www.securityfocus.com/bid/63657)\n", + "epssDetails": { + "percentile": "0.76307", + "probability": "0.00614", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2007-6755" + ], + "CWE": [ + "CWE-310" + ], + "ALTERNATIVE": [] + }, + "nvdSeverity": "medium", + "packageName": "openssl", + "creationTime": "2020-08-19T09:23:31.735743Z", + "disclosureTime": "2013-10-11T22:55:00Z", + "packageManager": "debian:11", + "publicationTime": "2013-10-11T22:55:00Z", + "modificationTime": 
"2023-11-08T09:41:50.005364Z", + "socialTrendAlert": false, + "relativeImportance": "unimportant", + "severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "openssl@1.1.1w-0+deb11u1", + "openssl/libssl1.1@1.1.1w-0+deb11u1" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "openssl/libssl1.1", + "version": "1.1.1w-0+deb11u1" + }, + { + "id": "SNYK-DEBIAN11-OPENSSL-525332", + "cpes": [], + "title": "Cryptographic Issues", + "CVSSv3": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 5.1, + "malicious": false, + "isDisputed": false, + "references": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2010-0928", + "title": "https://security-tracker.debian.org/tracker/CVE-2010-0928" + }, + { + "url": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "title": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/" + }, + { + "url": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "title": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf" + }, + { + "url": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "title": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html" + }, + { + "url": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "title": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/" + }, + { + "url": "http://xforce.iss.net/xforce/xfdb/56750", + "title": "http://xforce.iss.net/xforce/xfdb/56750" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "title": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750" + 
}, + { + "url": "http://www.eecs.umich.edu/~valeria/research/publications/DATE10RSA.pdf", + "title": "http://www.eecs.umich.edu/~valeria/research/publications/DATE10RSA.pdf" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "cvssV3BaseScore": 5.1, + "modificationTime": "2023-02-09T11:22:59.868606Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `openssl` package and not the `openssl` package as distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\nOpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."\n## Remediation\nThere is no fixed version for `Debian:11` `openssl`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2010-0928)\n- [http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/](http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/)\n- [http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf](http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf)\n- [http://www.networkworld.com/news/2010/030410-rsa-security-attack.html](http://www.networkworld.com/news/2010/030410-rsa-security-attack.html)\n- [http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/](http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/)\n- [http://xforce.iss.net/xforce/xfdb/56750](http://xforce.iss.net/xforce/xfdb/56750)\n- [X-force Vulnerability 
Report](https://exchange.xforce.ibmcloud.com/vulnerabilities/56750)\n- [cve@mitre.org](http://www.osvdb.org/62808)\n- [cve@mitre.org](http://www.eecs.umich.edu/~valeria/research/publications/DATE10RSA.pdf)\n", + "epssDetails": { + "percentile": "0.27307", + "probability": "0.00066", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2010-0928" + ], + "CWE": [ + "CWE-310" + ], + "ALTERNATIVE": [] + }, + "nvdSeverity": "medium", + "packageName": "openssl", + "creationTime": "2020-08-19T09:30:53.411236Z", + "disclosureTime": "2010-03-05T19:30:00Z", + "packageManager": "debian:11", + "publicationTime": "2010-03-05T19:30:00Z", + "modificationTime": "2023-02-10T13:11:38.644692Z", + "socialTrendAlert": false, + "relativeImportance": "unimportant", + "severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "openssl@1.1.1w-0+deb11u1", + "openssl/libssl1.1@1.1.1w-0+deb11u1" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "openssl/libssl1.1", + "version": "1.1.1w-0+deb11u1" + }, + { + "id": "SNYK-DEBIAN11-OPENSSL-6048819", + "cpes": [], + "title": "Improper Check for Unusual or Exceptional Conditions", + "CVSSv3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 5.3, + "malicious": false, + "isDisputed": false, + "references": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2023-5678", + "title": "https://security-tracker.debian.org/tracker/CVE-2023-5678" + }, + { + "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=34efaef6c103d636ab507a0cc34dca4d3aecc055", + "title": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=34efaef6c103d636ab507a0cc34dca4d3aecc055" + }, + { + "url": 
"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=710fee740904b6290fef0dd5536fbcedbc38ff0c", + "title": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=710fee740904b6290fef0dd5536fbcedbc38ff0c" + }, + { + "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=db925ae2e65d0d925adef429afc37f75bd1c2017", + "title": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=db925ae2e65d0d925adef429afc37f75bd1c2017" + }, + { + "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6", + "title": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6" + }, + { + "url": "https://www.openssl.org/news/secadv/20231106.txt", + "title": "https://www.openssl.org/news/secadv/20231106.txt" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/11/06/2", + "title": "http://www.openwall.com/lists/oss-security/2023/11/06/2" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20231130-0010/", + "title": "https://security.netapp.com/advisory/ntap-20231130-0010/" + } + ], + "cvssDetails": [ + { + "assigner": "Red Hat", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "cvssV3BaseScore": 5.3, + "modificationTime": "2023-11-08T13:48:19.543999Z" + }, + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "cvssV3BaseScore": 5.3, + "modificationTime": "2023-11-22T01:10:47.412869Z" + }, + { + "assigner": "SUSE", + "severity": "high", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "cvssV3BaseScore": 7.5, + "modificationTime": "2023-11-22T11:02:51.571843Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `openssl` package and not the `openssl` package as distributed by `Debian`._\n_See `How to fix?` for 
`Debian:11` relevant fixed versions and status._\n\nIssue summary: Generating excessively long X9.42 DH keys or checking\nexcessively long X9.42 DH keys or parameters may be very slow.\n\nImpact summary: Applications that use the functions DH_generate_key() to\ngenerate an X9.42 DH key may experience long delays. Likewise, applications\nthat use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check()\nto check an X9.42 DH key or X9.42 DH parameters may experience long delays.\nWhere the key or parameters that are being checked have been obtained from\nan untrusted source this may lead to a Denial of Service.\n\nWhile DH_check() performs all the necessary checks (as of CVE-2023-3817),\nDH_check_pub_key() doesn't make any of these checks, and is therefore\nvulnerable for excessively large P and Q parameters.\n\nLikewise, while DH_generate_key() performs a check for an excessively large\nP, it doesn't check for an excessively large Q.\n\nAn application that calls DH_generate_key() or DH_check_pub_key() and\nsupplies a key or parameters obtained from an untrusted source could be\nvulnerable to a Denial of Service attack.\n\nDH_generate_key() and DH_check_pub_key() are also called by a number of\nother OpenSSL functions. An application calling any of those other\nfunctions may similarly be affected. 
The other functions affected by this\nare DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate().\n\nAlso vulnerable are the OpenSSL pkey command line application when using the\n"-pubcheck" option, as well as the OpenSSL genpkey command line application.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.\n\n\n## Remediation\nThere is no fixed version for `Debian:11` `openssl`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2023-5678)\n- [openssl-security@openssl.org](https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055)\n- [openssl-security@openssl.org](https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c)\n- [openssl-security@openssl.org](https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017)\n- [openssl-security@openssl.org](https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6)\n- [openssl-security@openssl.org](https://www.openssl.org/news/secadv/20231106.txt)\n- [openssl-security@openssl.org](http://www.openwall.com/lists/oss-security/2023/11/06/2)\n- [openssl-security@openssl.org](https://security.netapp.com/advisory/ntap-20231130-0010/)\n", + "epssDetails": { + "percentile": "0.33119", + "probability": "0.00079", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2023-5678" + ], + "CWE": [ + "CWE-754" + ], + "ALTERNATIVE": [] + }, + "nvdSeverity": "medium", + "packageName": "openssl", + "creationTime": "2023-11-07T02:36:49.140701Z", + "disclosureTime": "2023-11-06T16:15:42.670000Z", + "packageManager": "debian:11", + "publicationTime": "2023-11-07T02:33:36.224937Z", + "modificationTime": "2023-11-22T11:02:51.571843Z", + "socialTrendAlert": false, + "relativeImportance": "minor issue", + 
"severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "openssl@1.1.1w-0+deb11u1", + "openssl/libssl1.1@1.1.1w-0+deb11u1" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "openssl/libssl1.1", + "version": "1.1.1w-0+deb11u1" + }, + { + "id": "SNYK-DEBIAN11-OPENSSL-518334", + "cpes": [], + "title": "Cryptographic Issues", + "CVSSv3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 5.4, + "malicious": false, + "isDisputed": false, + "references": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2007-6755", + "title": "https://security-tracker.debian.org/tracker/CVE-2007-6755" + }, + { + "url": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "title": "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/" + }, + { + "url": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "title": "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html" + }, + { + "url": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "title": "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html" + }, + { + "url": "http://rump2007.cr.yp.to/15-shumow.pdf", + "title": "http://rump2007.cr.yp.to/15-shumow.pdf" + }, + { + "url": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "title": "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/" + }, + { + "url": "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html", + "title": 
"https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html" + }, + { + "url": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "title": "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect" + }, + { + "url": "http://www.securityfocus.com/bid/63657", + "title": "http://www.securityfocus.com/bid/63657" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "cvssV3BaseScore": 5.4, + "modificationTime": "2023-02-09T11:25:00.865086Z" + }, + { + "assigner": "Red Hat", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "cvssV3BaseScore": 5.4, + "modificationTime": "2023-11-08T09:41:50.005364Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `openssl` package and not the `openssl` package as distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\nThe NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. 
NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.\n## Remediation\nThere is no fixed version for `Debian:11` `openssl`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2007-6755)\n- [http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/](http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/)\n- [http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html](http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html)\n- [http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html](http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html)\n- [http://rump2007.cr.yp.to/15-shumow.pdf](http://rump2007.cr.yp.to/15-shumow.pdf)\n- [http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/](http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/)\n- [https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html](https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html)\n- [http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect](http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect)\n- [Security Focus](http://www.securityfocus.com/bid/63657)\n", + "epssDetails": { + "percentile": "0.76307", + "probability": "0.00614", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2007-6755" + ], + "CWE": [ + "CWE-310" + ], + "ALTERNATIVE": [] + }, + "nvdSeverity": "medium", + "packageName": "openssl", + "creationTime": "2020-08-19T09:23:31.735743Z", + "disclosureTime": "2013-10-11T22:55:00Z", + "packageManager": "debian:11", + "publicationTime": "2013-10-11T22:55:00Z", + "modificationTime": 
"2023-11-08T09:41:50.005364Z", + "socialTrendAlert": false, + "relativeImportance": "unimportant", + "severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "openssl@1.1.1w-0+deb11u1" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "openssl", + "version": "1.1.1w-0+deb11u1" + }, + { + "id": "SNYK-DEBIAN11-OPENSSL-525332", + "cpes": [], + "title": "Cryptographic Issues", + "CVSSv3": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 5.1, + "malicious": false, + "isDisputed": false, + "references": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2010-0928", + "title": "https://security-tracker.debian.org/tracker/CVE-2010-0928" + }, + { + "url": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "title": "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/" + }, + { + "url": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "title": "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf" + }, + { + "url": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "title": "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html" + }, + { + "url": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "title": "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/" + }, + { + "url": "http://xforce.iss.net/xforce/xfdb/56750", + "title": "http://xforce.iss.net/xforce/xfdb/56750" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750", + "title": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750" + }, + { + "url": 
"http://www.eecs.umich.edu/~valeria/research/publications/DATE10RSA.pdf", + "title": "http://www.eecs.umich.edu/~valeria/research/publications/DATE10RSA.pdf" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "cvssV3BaseScore": 5.1, + "modificationTime": "2023-02-09T11:22:59.868606Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `openssl` package and not the `openssl` package as distributed by `Debian`._\n_See `How to fix?` for `Debian:11` relevant fixed versions and status._\n\nOpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."\n## Remediation\nThere is no fixed version for `Debian:11` `openssl`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2010-0928)\n- [http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/](http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/)\n- [http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf](http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf)\n- [http://www.networkworld.com/news/2010/030410-rsa-security-attack.html](http://www.networkworld.com/news/2010/030410-rsa-security-attack.html)\n- [http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/](http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/)\n- [http://xforce.iss.net/xforce/xfdb/56750](http://xforce.iss.net/xforce/xfdb/56750)\n- [X-force Vulnerability 
Report](https://exchange.xforce.ibmcloud.com/vulnerabilities/56750)\n- [cve@mitre.org](http://www.osvdb.org/62808)\n- [cve@mitre.org](http://www.eecs.umich.edu/~valeria/research/publications/DATE10RSA.pdf)\n", + "epssDetails": { + "percentile": "0.27307", + "probability": "0.00066", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2010-0928" + ], + "CWE": [ + "CWE-310" + ], + "ALTERNATIVE": [] + }, + "nvdSeverity": "medium", + "packageName": "openssl", + "creationTime": "2020-08-19T09:30:53.411236Z", + "disclosureTime": "2010-03-05T19:30:00Z", + "packageManager": "debian:11", + "publicationTime": "2010-03-05T19:30:00Z", + "modificationTime": "2023-02-10T13:11:38.644692Z", + "socialTrendAlert": false, + "relativeImportance": "unimportant", + "severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "openssl@1.1.1w-0+deb11u1" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "openssl", + "version": "1.1.1w-0+deb11u1" + }, + { + "id": "SNYK-DEBIAN11-OPENSSL-6048819", + "cpes": [], + "title": "Improper Check for Unusual or Exceptional Conditions", + "CVSSv3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "credit": [ + "" + ], + "semver": { + "vulnerable": [ + "*" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "linux", + "severity": "low", + "cvssScore": 5.3, + "malicious": false, + "isDisputed": false, + "references": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2023-5678", + "title": "https://security-tracker.debian.org/tracker/CVE-2023-5678" + }, + { + "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=34efaef6c103d636ab507a0cc34dca4d3aecc055", + "title": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=34efaef6c103d636ab507a0cc34dca4d3aecc055" + }, + { + "url": 
"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=710fee740904b6290fef0dd5536fbcedbc38ff0c", + "title": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=710fee740904b6290fef0dd5536fbcedbc38ff0c" + }, + { + "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=db925ae2e65d0d925adef429afc37f75bd1c2017", + "title": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=db925ae2e65d0d925adef429afc37f75bd1c2017" + }, + { + "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6", + "title": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6" + }, + { + "url": "https://www.openssl.org/news/secadv/20231106.txt", + "title": "https://www.openssl.org/news/secadv/20231106.txt" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/11/06/2", + "title": "http://www.openwall.com/lists/oss-security/2023/11/06/2" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20231130-0010/", + "title": "https://security.netapp.com/advisory/ntap-20231130-0010/" + } + ], + "cvssDetails": [ + { + "assigner": "Red Hat", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "cvssV3BaseScore": 5.3, + "modificationTime": "2023-11-08T13:48:19.543999Z" + }, + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "cvssV3BaseScore": 5.3, + "modificationTime": "2023-11-22T01:10:47.412869Z" + }, + { + "assigner": "SUSE", + "severity": "high", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "cvssV3BaseScore": 7.5, + "modificationTime": "2023-11-22T11:02:51.571843Z" + } + ], + "description": "## NVD Description\n**_Note:_** _Versions mentioned in the description apply only to the upstream `openssl` package and not the `openssl` package as distributed by `Debian`._\n_See `How to fix?` for 
`Debian:11` relevant fixed versions and status._\n\nIssue summary: Generating excessively long X9.42 DH keys or checking\nexcessively long X9.42 DH keys or parameters may be very slow.\n\nImpact summary: Applications that use the functions DH_generate_key() to\ngenerate an X9.42 DH key may experience long delays. Likewise, applications\nthat use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check()\nto check an X9.42 DH key or X9.42 DH parameters may experience long delays.\nWhere the key or parameters that are being checked have been obtained from\nan untrusted source this may lead to a Denial of Service.\n\nWhile DH_check() performs all the necessary checks (as of CVE-2023-3817),\nDH_check_pub_key() doesn't make any of these checks, and is therefore\nvulnerable for excessively large P and Q parameters.\n\nLikewise, while DH_generate_key() performs a check for an excessively large\nP, it doesn't check for an excessively large Q.\n\nAn application that calls DH_generate_key() or DH_check_pub_key() and\nsupplies a key or parameters obtained from an untrusted source could be\nvulnerable to a Denial of Service attack.\n\nDH_generate_key() and DH_check_pub_key() are also called by a number of\nother OpenSSL functions. An application calling any of those other\nfunctions may similarly be affected. 
The other functions affected by this\nare DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate().\n\nAlso vulnerable are the OpenSSL pkey command line application when using the\n"-pubcheck" option, as well as the OpenSSL genpkey command line application.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.\n\n\n## Remediation\nThere is no fixed version for `Debian:11` `openssl`.\n## References\n- [ADVISORY](https://security-tracker.debian.org/tracker/CVE-2023-5678)\n- [openssl-security@openssl.org](https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055)\n- [openssl-security@openssl.org](https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c)\n- [openssl-security@openssl.org](https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017)\n- [openssl-security@openssl.org](https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6)\n- [openssl-security@openssl.org](https://www.openssl.org/news/secadv/20231106.txt)\n- [openssl-security@openssl.org](http://www.openwall.com/lists/oss-security/2023/11/06/2)\n- [openssl-security@openssl.org](https://security.netapp.com/advisory/ntap-20231130-0010/)\n", + "epssDetails": { + "percentile": "0.33119", + "probability": "0.00079", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2023-5678" + ], + "CWE": [ + "CWE-754" + ], + "ALTERNATIVE": [] + }, + "nvdSeverity": "medium", + "packageName": "openssl", + "creationTime": "2023-11-07T02:36:49.140701Z", + "disclosureTime": "2023-11-06T16:15:42.670000Z", + "packageManager": "debian:11", + "publicationTime": "2023-11-07T02:33:36.224937Z", + "modificationTime": "2023-11-22T11:02:51.571843Z", + "socialTrendAlert": false, + "relativeImportance": "minor issue", + 
"severityWithCritical": "low", + "from": [ + "docker-image|sarim04/juiceshop@latest", + "openssl@1.1.1w-0+deb11u1" + ], + "upgradePath": [], + "isUpgradable": false, + "isPatchable": false, + "name": "openssl", + "version": "1.1.1w-0+deb11u1" + } + ], + "ok": false, + "dependencyCount": 9, + "org": "sarim04", + "policy": "# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.\nversion: v1.25.1\nignore: {}\npatch: {}\n", + "isPrivate": true, + "licensesPolicy": { + "severities": {}, + "orgLicenseRules": { + "AGPL-1.0": { + "licenseType": "AGPL-1.0", + "severity": "high", + "instructions": "" + }, + "AGPL-3.0": { + "licenseType": "AGPL-3.0", + "severity": "high", + "instructions": "" + }, + "Artistic-1.0": { + "licenseType": "Artistic-1.0", + "severity": "medium", + "instructions": "" + }, + "Artistic-2.0": { + "licenseType": "Artistic-2.0", + "severity": "medium", + "instructions": "" + }, + "CDDL-1.0": { + "licenseType": "CDDL-1.0", + "severity": "medium", + "instructions": "" + }, + "CPOL-1.02": { + "licenseType": "CPOL-1.02", + "severity": "high", + "instructions": "" + }, + "EPL-1.0": { + "licenseType": "EPL-1.0", + "severity": "medium", + "instructions": "" + }, + "GPL-2.0": { + "licenseType": "GPL-2.0", + "severity": "high", + "instructions": "" + }, + "GPL-3.0": { + "licenseType": "GPL-3.0", + "severity": "high", + "instructions": "" + }, + "LGPL-2.0": { + "licenseType": "LGPL-2.0", + "severity": "medium", + "instructions": "" + }, + "LGPL-2.1": { + "licenseType": "LGPL-2.1", + "severity": "medium", + "instructions": "" + }, + "LGPL-3.0": { + "licenseType": "LGPL-3.0", + "severity": "medium", + "instructions": "" + }, + "MPL-1.1": { + "licenseType": "MPL-1.1", + "severity": "medium", + "instructions": "" + }, + "MPL-2.0": { + "licenseType": "MPL-2.0", + "severity": "medium", + "instructions": "" + }, + "MS-RL": { + "licenseType": "MS-RL", + "severity": "medium", + "instructions": "" + }, + "SimPL-2.0": { + "licenseType": "SimPL-2.0", 
+ "severity": "high", + "instructions": "" + } + } + }, + "packageManager": "deb", + "ignoreSettings": { + "adminOnly": false, + "reasonRequired": false, + "disregardFilesystemIgnores": false + }, + "docker": { + "binariesVulns": { + "issuesData": {}, + "affectedPkgs": {} + } + }, + "summary": "67 vulnerable dependency paths", + "filesystemPolicy": false, + "filtered": { + "ignore": [], + "patch": [] + }, + "uniqueCount": 13, + "projectName": "docker-image|sarim04/juiceshop", + "platform": "linux/amd64", + "hasUnknownVersions": false, + "path": "sarim04/juiceshop:latest/juiceshop", + "applications": [ + { + "vulnerabilities": [ + { + "id": "SNYK-JS-EXPRESSJWT-575022", + "title": "Authorization Bypass", + "CVSSv3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", + "credit": [ + "IST Group" + ], + "semver": { + "vulnerable": [ + "<6.0.0" + ] + }, + "exploit": "Not Defined", + "fixedIn": [ + "6.0.0" + ], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "js", + "severity": "high", + "cvssScore": 7.4, + "functions": [], + "malicious": false, + "isDisputed": false, + "moduleName": "express-jwt", + "references": [ + { + "url": "https://github.com/auth0/express-jwt/commit/7ecab5f8f0cab5297c2b863596566eb0c019cdef", + "title": "GitHub Commit" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "critical", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "cvssV3BaseScore": 9.1, + "modificationTime": "2022-10-22T01:10:30.246806Z" + } + ], + "description": "## Overview\n[express-jwt](https://www.npmjs.com/package/express-jwt) is a JWT authentication middleware.\n\nAffected versions of this package are vulnerable to Authorization Bypass. The `algorithms` entry to be specified in the configuration is not being enforced. 
When `algorithms` is not specified in the configuration, with the combination of `jwks-rsa`, it may lead to authorization bypass.\n## Remediation\nUpgrade `express-jwt` to version 6.0.0 or higher.\n## References\n- [GitHub Commit](https://github.com/auth0/express-jwt/commit/7ecab5f8f0cab5297c2b863596566eb0c019cdef)\n", + "epssDetails": { + "percentile": "0.57214", + "probability": "0.00197", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2020-15084" + ], + "CWE": [ + "CWE-285" + ], + "GHSA": [ + "GHSA-6g6m-m6h5-w9gf" + ] + }, + "packageName": "express-jwt", + "proprietary": false, + "creationTime": "2020-07-01T09:33:11.790635Z", + "functions_new": [], + "alternativeIds": [], + "disclosureTime": "2020-07-01T09:30:03Z", + "packageManager": "npm", + "publicationTime": "2020-07-01T15:32:36Z", + "modificationTime": "2022-10-22T01:10:30.246806Z", + "socialTrendAlert": false, + "severityWithCritical": "high", + "from": [ + "juice-shop@15.3.0", + "express-jwt@0.1.3" + ], + "upgradePath": [ + false, + "express-jwt@6.0.0" + ], + "isUpgradable": true, + "isPatchable": false, + "name": "express-jwt", + "version": "0.1.3" + }, + { + "id": "SNYK-JS-JSONWEBTOKEN-3180022", + "title": "Improper Authentication", + "CVSSv3": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L", + "credit": [ + "Unknown" + ], + "semver": { + "vulnerable": [ + "<9.0.0" + ] + }, + "exploit": "Not Defined", + "fixedIn": [ + "9.0.0" + ], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "js", + "severity": "medium", + "cvssScore": 6.4, + "functions": [], + "malicious": false, + "isDisputed": false, + "moduleName": "jsonwebtoken", + "references": [ + { + "url": "https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3", + "title": "GitHub Commit" + }, + { + "url": "https://github.com/auth0/node-jsonwebtoken/releases/tag/v9.0.0", + "title": "GitHub Release" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": 
"high", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L", + "cvssV3BaseScore": 7.6, + "modificationTime": "2023-02-28T01:10:17.504751Z" + } + ], + "description": "## Overview\n[jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) is a JSON Web Token implementation (symmetric and asymmetric)\n\nAffected versions of this package are vulnerable to Improper Authentication such that the lack of algorithm definition in the `jwt.verify()` function can lead to signature validation bypass due to defaulting to the `none` algorithm for signature verification. \r\n\r\n## Exploitability\r\nUsers are affected only if all of the following conditions are true for the `jwt.verify()` function:\r\n\r\n1) A token with no signature is received.\r\n\r\n2) No algorithms are specified.\r\n\r\n3) A falsy (e.g., `null`, `false`, `undefined`) secret or key is passed.\n## Remediation\nUpgrade `jsonwebtoken` to version 9.0.0 or higher.\n## References\n- [GitHub Commit](https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3)\n- [GitHub Release](https://github.com/auth0/node-jsonwebtoken/releases/tag/v9.0.0)\n", + "epssDetails": { + "percentile": "0.13102", + "probability": "0.00046", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2022-23540" + ], + "CWE": [ + "CWE-287" + ], + "GHSA": [ + "GHSA-qwph-4952-7xr6" + ] + }, + "packageName": "jsonwebtoken", + "proprietary": false, + "creationTime": "2022-12-22T09:09:36.072853Z", + "functions_new": [], + "alternativeIds": [], + "disclosureTime": "2022-12-22T03:32:59Z", + "packageManager": "npm", + "publicationTime": "2022-12-22T09:13:25.290846Z", + "modificationTime": "2023-02-28T01:10:17.504751Z", + "socialTrendAlert": false, + "severityWithCritical": "medium", + "from": [ + "juice-shop@15.3.0", + "jsonwebtoken@0.4.0" + ], + "upgradePath": [ + false, + "jsonwebtoken@9.0.0" + ], + "isUpgradable": true, + "isPatchable": false, + "name": "jsonwebtoken", + "version": 
"0.4.0" + }, + { + "id": "SNYK-JS-JSONWEBTOKEN-3180024", + "title": "Improper Restriction of Security Token Assignment", + "CVSSv3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "credit": [ + "Unknown" + ], + "semver": { + "vulnerable": [ + "<9.0.0" + ] + }, + "exploit": "Not Defined", + "fixedIn": [ + "9.0.0" + ], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "js", + "severity": "medium", + "cvssScore": 6.5, + "functions": [], + "malicious": false, + "isDisputed": false, + "moduleName": "jsonwebtoken", + "references": [ + { + "url": "https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3", + "title": "GitHub Commit" + }, + { + "url": "https://github.com/auth0/node-jsonwebtoken/releases/tag/v9.0.0", + "title": "GitHub Release" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "cvssV3BaseScore": 6.3, + "modificationTime": "2023-02-28T01:10:17.572355Z" + } + ], + "description": "## Overview\n[jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) is a JSON Web Token implementation (symmetric and asymmetric)\n\nAffected versions of this package are vulnerable to Improper Restriction of Security Token Assignment via the `secretOrPublicKey ` argument due to misconfigurations of the key retrieval function `jwt.verify()`. 
Exploiting this vulnerability might result in incorrect verification of forged tokens when tokens signed with an asymmetric public key could be verified with a symmetric HS256 algorithm.\r\n\r\n**Note:**\r\nThis vulnerability affects your application if it supports the usage of both symmetric and asymmetric keys in `jwt.verify()` implementation with the same key retrieval function.\n## Remediation\nUpgrade `jsonwebtoken` to version 9.0.0 or higher.\n## References\n- [GitHub Commit](https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3)\n- [GitHub Release](https://github.com/auth0/node-jsonwebtoken/releases/tag/v9.0.0)\n", + "epssDetails": { + "percentile": "0.19014", + "probability": "0.00053", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2022-23541" + ], + "CWE": [ + "CWE-1259" + ], + "GHSA": [ + "GHSA-hjrf-2m68-5959" + ] + }, + "packageName": "jsonwebtoken", + "proprietary": false, + "creationTime": "2022-12-22T09:14:27.155728Z", + "functions_new": [], + "alternativeIds": [], + "disclosureTime": "2022-12-22T03:33:19Z", + "packageManager": "npm", + "publicationTime": "2022-12-22T09:16:03.621406Z", + "modificationTime": "2023-02-28T01:10:17.572355Z", + "socialTrendAlert": false, + "severityWithCritical": "medium", + "from": [ + "juice-shop@15.3.0", + "jsonwebtoken@0.4.0" + ], + "upgradePath": [ + false, + "jsonwebtoken@9.0.0" + ], + "isUpgradable": true, + "isPatchable": false, + "name": "jsonwebtoken", + "version": "0.4.0" + }, + { + "id": "SNYK-JS-JSONWEBTOKEN-3180026", + "title": "Use of a Broken or Risky Cryptographic Algorithm", + "CVSSv3": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", + "credit": [ + "Unknown" + ], + "semver": { + "vulnerable": [ + "<9.0.0" + ] + }, + "exploit": "Not Defined", + "fixedIn": [ + "9.0.0" + ], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "js", + "severity": "medium", + "cvssScore": 6.8, + "functions": [], + "malicious": false, + 
"isDisputed": false, + "moduleName": "jsonwebtoken", + "references": [ + { + "url": "https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3", + "title": "GitHub Commit" + }, + { + "url": "https://github.com/auth0/node-jsonwebtoken/releases/tag/v9.0.0", + "title": "GitHub Release" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "high", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "cvssV3BaseScore": 8.1, + "modificationTime": "2022-12-31T01:11:45.823807Z" + } + ], + "description": "## Overview\n[jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) is a JSON Web Token implementation (symmetric and asymmetric)\n\nAffected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm such that the library can be misconfigured to use legacy, insecure key types for signature verification. For example, DSA keys could be used with the RS256 algorithm. \r\n\r\n## Exploitability\r\n\r\nUsers are affected when using an algorithm and a key type _other_ than the combinations mentioned below:\r\n\r\nEC: ES256, ES384, ES512\r\n \r\nRSA: RS256, RS384, RS512, PS256, PS384, PS512 \r\n\r\nRSA-PSS: PS256, PS384, PS512 \r\n\r\nAnd for Elliptic Curve algorithms:\r\n\r\nES256: prime256v1\r\n\r\nES384: secp384r1\r\n\r\nES512: secp521r1 \r\n\r\n## Workaround \r\n\r\nUsers who are unable to upgrade to the fixed version can use the `allowInvalidAsymmetricKeyTypes` option to `true` in the `sign()` and `verify()` functions to continue usage of invalid key type/algorithm combination in 9.0.0 for legacy compatibility.\n## Remediation\nUpgrade `jsonwebtoken` to version 9.0.0 or higher.\n## References\n- [GitHub Commit](https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1b30cf7016e3)\n- [GitHub Release](https://github.com/auth0/node-jsonwebtoken/releases/tag/v9.0.0)\n", + "epssDetails": { + "percentile": "0.17011", + "probability": "0.00050", + "modelVersion": 
"v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2022-23539" + ], + "CWE": [ + "CWE-327" + ], + "GHSA": [ + "GHSA-8cf7-32gw-wr33" + ] + }, + "packageName": "jsonwebtoken", + "proprietary": false, + "creationTime": "2022-12-22T09:19:03.430735Z", + "functions_new": [], + "alternativeIds": [], + "disclosureTime": "2022-12-22T03:32:22Z", + "packageManager": "npm", + "publicationTime": "2022-12-22T10:32:50.173080Z", + "modificationTime": "2023-01-01T13:30:43.098324Z", + "socialTrendAlert": false, + "severityWithCritical": "medium", + "from": [ + "juice-shop@15.3.0", + "jsonwebtoken@0.4.0" + ], + "upgradePath": [ + false, + "jsonwebtoken@9.0.0" + ], + "isUpgradable": true, + "isPatchable": false, + "name": "jsonwebtoken", + "version": "0.4.0" + }, + { + "id": "npm:jsonwebtoken:20150331", + "title": "Authentication Bypass", + "CVSSv3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P", + "credit": [ + "Tim McLean" + ], + "semver": { + "vulnerable": [ + "<4.2.2" + ] + }, + "exploit": "Proof of Concept", + "fixedIn": [ + "4.2.2" + ], + "patches": [ + { + "id": "patch:npm:jsonwebtoken:20150331:0", + "urls": [ + "https://snyk-patches.s3.amazonaws.com/npm/jsonwebtoken/20150331/jsonwebtoken_20150331_0_0_1bb584bc382295eeb7ee8c4452a673a77a68b687_snyk.patch" + ], + "version": "=4.0.0 || =4.1.0 || =4.2.1", + "comments": [], + "modificationTime": "2019-12-03T11:40:45.753281Z" + } + ], + "insights": { + "triageAdvice": null + }, + "language": "js", + "severity": "high", + "cvssScore": 7.5, + "functions": [], + "malicious": false, + "isDisputed": false, + "moduleName": "jsonwebtoken", + "references": [ + { + "url": "https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/", + "title": "Auth0 Blog" + }, + { + "url": "https://github.com/auth0/node-jsonwebtoken/commit/1bb584bc382295eeb7ee8c4452a673a77a68b687", + "title": "GitHub Commit" + }, + { + "url": "https://github.com/WinDyAlphA/CVE-2015-9235_JWT_key_confusion", + "title": "PoC" + }, + { + 
"url": "https://www.timmclean.net/2015/02/25/jwt-alg-none.html", + "title": "Tim McLean Blog" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "critical", + "cvssV3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "cvssV3BaseScore": 9.8, + "modificationTime": "2022-01-03T17:48:53.018995Z" + } + ], + "description": "## Overview\r\n[`jsonwebtoken`](https://www.npmjs.com/package/jsonwebtoken) is a JSON Web token implementation for symmetric and asymmetric keys.\r\nAffected versions of this package are vulnerable to an Authentication Bypass attack, due to the \"algorithm\" not being enforced. Attackers are given the opportunity to choose the algorithm sent to the server and generate signatures with arbitrary contents. The server expects an asymmetric key (RSA) but is sent a symmetric key (HMAC-SHA) with RSA's public key, so instead of going through a key validation process, the server will think the public key is actually an HMAC private key.\r\n\r\n## Remediation\r\nUpgrade `jsonwebtoken` to version 4.2.2 or greater.\r\n\r\n## References\r\n- [GitHub Commit](https://github.com/auth0/node-jsonwebtoken/commit/1bb584bc382295eeb7ee8c4452a673a77a68b687)\r\n- [Tim McLean Blog](https://www.timmclean.net/2015/02/25/jwt-alg-none.html)\r\n- [Auth0 Blog](https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/)", + "epssDetails": { + "percentile": "0.75071", + "probability": "0.00559", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2015-9235" + ], + "CWE": [ + "CWE-592" + ], + "NSP": [ + "17" + ], + "GHSA": [ + "GHSA-c7hr-j4mj-j2w6" + ], + "ALTERNATIVE": [ + "SNYK-JS-JSONWEBTOKEN-10037" + ] + }, + "packageName": "jsonwebtoken", + "proprietary": false, + "creationTime": "2015-03-31T16:00:00Z", + "functions_new": [], + "alternativeIds": [ + "SNYK-JS-JSONWEBTOKEN-10037" + ], + "disclosureTime": "2015-03-31T16:00:00Z", + "packageManager": "npm", + "publicationTime": "2015-03-31T16:00:00Z", + 
"modificationTime": "2023-09-29T09:15:01.983455Z", + "socialTrendAlert": false, + "severityWithCritical": "high", + "from": [ + "juice-shop@15.3.0", + "jsonwebtoken@0.4.0" + ], + "upgradePath": [ + false, + "jsonwebtoken@5.0.0" + ], + "isUpgradable": true, + "isPatchable": false, + "name": "jsonwebtoken", + "version": "0.4.0" + }, + { + "id": "SNYK-JS-SANITIZEHTML-1070780", + "title": "Validation Bypass", + "CVSSv3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P", + "credit": [ + "Ron Masas", + "Checkmarx" + ], + "semver": { + "vulnerable": [ + "<2.3.2" + ] + }, + "exploit": "Proof of Concept", + "fixedIn": [ + "2.3.2" + ], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "js", + "severity": "medium", + "cvssScore": 6.5, + "functions": [], + "malicious": false, + "isDisputed": false, + "moduleName": "sanitize-html", + "references": [ + { + "url": "https://github.com/apostrophecms/sanitize-html/commit/6012524e7824a2c8f6782b2bc5f93b1261723403", + "title": "GitHub Commit" + }, + { + "url": "https://github.com/apostrophecms/sanitize-html/pull/460", + "title": "GitHub PR" + }, + { + "url": "https://advisory.checkmarx.net/advisory/CX-2021-4309", + "title": "POC: Potential Exploit" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "cvssV3BaseScore": 5.3, + "modificationTime": "2022-01-03T16:36:59.234021Z" + }, + { + "assigner": "Red Hat", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "cvssV3BaseScore": 5.3, + "modificationTime": "2023-11-08T09:37:50.578095Z" + } + ], + "description": "## Overview\n[sanitize-html](https://github.com/punkave/sanitize-html) is a library that allows you to clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis\n\nAffected versions of this package are vulnerable to Validation Bypass. 
There is no proper validation of the hostnames set by the `allowedIframeHostnames` option when the `allowIframeRelativeUrls` is set to `true`. This allows attackers to bypass the hostname whitelist for the iframe element.\n## Details\n\nA cross-site scripting attack occurs when the attacker tricks a legitimate web-based application or site to accept a request as originating from a trusted source.\n\nThis is done by escaping the context of the web application; the web application then delivers that data to its users along with other trusted dynamic content, without validating it. The browser unknowingly executes malicious script on the client side (through client-side languages; usually JavaScript or HTML) in order to perform actions that are otherwise typically blocked by the browser’s Same Origin Policy.\n\nInjecting malicious code is the most prevalent manner by which XSS is exploited; for this reason, escaping characters in order to prevent this manipulation is the top method for securing code against this vulnerability.\n\nEscaping means that the application is coded to mark key characters, and particularly key characters included in user input, to prevent those characters from being interpreted in a dangerous context. For example, in HTML, `<` can be coded as `<`; and `>` can be coded as `>`; in order to be interpreted and displayed as themselves in text, while within the code itself, they are used for HTML tags. 
If malicious content is injected into an application that escapes special characters and that malicious content uses `<` and `>` as HTML tags, those characters are nonetheless not interpreted as HTML tags by the browser if they’ve been correctly escaped in the application code and in this way the attempted attack is diverted.\n \nThe most prominent use of XSS is to steal cookies (source: OWASP HttpOnly) and hijack user sessions, but XSS exploits have been used to expose sensitive information, enable access to privileged services and functionality and deliver malware. \n\n### Types of attacks\nThere are a few methods by which XSS can be manipulated:\n\n|Type|Origin|Description|\n|--|--|--|\n|**Stored**|Server|The malicious code is inserted in the application (usually as a link) by the attacker. The code is activated every time a user clicks the link.|\n|**Reflected**|Server|The attacker delivers a malicious link externally from the vulnerable web site application to a user. When clicked, malicious code is sent to the vulnerable web site, which reflects the attack back to the user’s browser.| \n|**DOM-based**|Client|The attacker forces the user’s browser to render a malicious page. The data in the page itself delivers the cross-site scripting data.|\n|**Mutated**| |The attacker injects code that appears safe, but is then rewritten and modified by the browser, while parsing the markup. 
An example is rebalancing unclosed quotation marks or even adding quotation marks to unquoted parameters.|\n\n### Affected environments\nThe following environments are susceptible to an XSS attack:\n\n* Web servers\n* Application servers\n* Web application environments\n\n### How to prevent\nThis section describes the top best practices designed to specifically protect your code: \n\n* Sanitize data input in an HTTP request before reflecting it back, ensuring all data is validated, filtered or escaped before echoing anything back to the user, such as the values of query parameters during searches. \n* Convert special characters such as `?`, `&`, `/`, `<`, `>` and spaces to their respective HTML or URL encoded equivalents. \n* Give users the option to disable client-side scripts.\n* Redirect invalid requests.\n* Detect simultaneous logins, including those from two separate IP addresses, and invalidate those sessions.\n* Use and enforce a Content Security Policy (source: Wikipedia) to disable any features that might be manipulated for an XSS attack.\n* Read the documentation for any of the libraries referenced in your code to understand which elements allow for embedded HTML.\n\n## Remediation\nUpgrade `sanitize-html` to version 2.3.2 or higher.\n## References\n- [GitHub Commit](https://github.com/apostrophecms/sanitize-html/commit/6012524e7824a2c8f6782b2bc5f93b1261723403)\n- [GitHub PR](https://github.com/apostrophecms/sanitize-html/pull/460)\n- [POC: Potential Exploit](https://advisory.checkmarx.net/advisory/CX-2021-4309)\n", + "epssDetails": { + "percentile": "0.48819", + "probability": "0.00137", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2021-26540" + ], + "CWE": [ + "CWE-20" + ], + "GHSA": [ + "GHSA-mjxr-4v3x-q3m4" + ] + }, + "packageName": "sanitize-html", + "proprietary": false, + "creationTime": "2021-02-09T08:21:52.232749Z", + "functions_new": [], + "alternativeIds": [], + "disclosureTime": "2021-02-09T08:07:33Z", + 
"packageManager": "npm", + "publicationTime": "2021-02-09T16:34:45.881363Z", + "modificationTime": "2023-11-08T09:37:50.578095Z", + "socialTrendAlert": false, + "severityWithCritical": "medium", + "from": [ + "juice-shop@15.3.0", + "sanitize-html@1.4.2" + ], + "upgradePath": [ + false, + "sanitize-html@2.3.2" + ], + "isUpgradable": true, + "isPatchable": false, + "name": "sanitize-html", + "version": "1.4.2" + }, + { + "id": "SNYK-JS-SANITIZEHTML-1070786", + "title": "Access Restriction Bypass", + "CVSSv3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "credit": [ + "Ron Masas", + "Checkmarx" + ], + "semver": { + "vulnerable": [ + "<2.3.1" + ] + }, + "exploit": "Not Defined", + "fixedIn": [ + "2.3.1" + ], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "js", + "severity": "medium", + "cvssScore": 6.5, + "functions": [], + "malicious": false, + "isDisputed": false, + "moduleName": "sanitize-html", + "references": [ + { + "url": "https://github.com/apostrophecms/sanitize-html/pull/458", + "title": "GitHub PR" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "cvssV3BaseScore": 5.3, + "modificationTime": "2022-04-27T01:10:36.338203Z" + }, + { + "assigner": "Red Hat", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "cvssV3BaseScore": 5.3, + "modificationTime": "2023-11-08T09:37:50.738101Z" + } + ], + "description": "## Overview\n[sanitize-html](https://github.com/punkave/sanitize-html) is a library that allows you to clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis\n\nAffected versions of this package are vulnerable to Access Restriction Bypass. Internationalized domain name (IDN) is not properly handled. 
This allows attackers to bypass hostname whitelist validation set by the `allowedIframeHostnames` option.\n## Remediation\nUpgrade `sanitize-html` to version 2.3.1 or higher.\n## References\n- [GitHub PR](https://github.com/apostrophecms/sanitize-html/pull/458)\n", + "epssDetails": { + "percentile": "0.48819", + "probability": "0.00137", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2021-26539" + ], + "CWE": [ + "CWE-20" + ], + "GHSA": [ + "GHSA-rjqq-98f6-6j3r" + ] + }, + "packageName": "sanitize-html", + "proprietary": false, + "creationTime": "2021-02-09T08:37:16.368073Z", + "functions_new": [], + "alternativeIds": [], + "disclosureTime": "2021-02-09T08:21:55Z", + "packageManager": "npm", + "publicationTime": "2021-02-09T16:34:49Z", + "modificationTime": "2023-11-08T09:37:50.738101Z", + "socialTrendAlert": false, + "severityWithCritical": "medium", + "from": [ + "juice-shop@15.3.0", + "sanitize-html@1.4.2" + ], + "upgradePath": [ + false, + "sanitize-html@2.3.1" + ], + "isUpgradable": true, + "isPatchable": false, + "name": "sanitize-html", + "version": "1.4.2" + }, + { + "id": "SNYK-JS-SANITIZEHTML-2957526", + "title": "Regular Expression Denial of Service (ReDoS)", + "CVSSv3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "credit": [ + "Nariyoshi Chida of NTT Security Japan" + ], + "semver": { + "vulnerable": [ + "<2.7.1" + ] + }, + "exploit": "Not Defined", + "fixedIn": [ + "2.7.1" + ], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "js", + "severity": "medium", + "cvssScore": 5.3, + "functions": [], + "malicious": false, + "isDisputed": false, + "moduleName": "sanitize-html", + "references": [ + { + "url": "https://github.com/apostrophecms/sanitize-html/commit/b4682c12fd30e12e82fa2d9b766de91d7d2cd23c", + "title": "GitHub Commit" + }, + { + "url": "https://github.com/apostrophecms/sanitize-html/pull/557", + "title": "GitHub PR" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "high", 
+ "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "cvssV3BaseScore": 7.5, + "modificationTime": "2022-09-02T01:11:51.670814Z" + }, + { + "assigner": "Red Hat", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "cvssV3BaseScore": 5.3, + "modificationTime": "2023-11-08T09:37:50.786715Z" + } + ], + "description": "## Overview\n[sanitize-html](https://github.com/punkave/sanitize-html) is a library that allows you to clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis\n\nAffected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal.\n\n## Details\n\nDenial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its original and legitimate users. There are many types of DoS attacks, ranging from trying to clog the network pipes to the system by generating a large volume of traffic from many machines (a Distributed Denial of Service - DDoS - attack) to sending crafted requests that cause a system to crash or take a disproportional amount of time to process.\n\nThe Regular expression Denial of Service (ReDoS) is a type of Denial of Service attack. Regular expressions are incredibly powerful, but they aren't very intuitive and can ultimately end up making it easy for attackers to take your site down.\n\nLet’s take the following regular expression as an example:\n```js\nregex = /A(B|C+)+D/\n```\n\nThis regular expression accomplishes the following:\n- `A` The string must start with the letter 'A'\n- `(B|C+)+` The string must then follow the letter A with either the letter 'B' or some number of occurrences of the letter 'C' (the `+` matches one or more times). 
The `+` at the end of this section states that we can look for one or more matches of this section.\n- `D` Finally, we ensure this section of the string ends with a 'D'\n\nThe expression would match inputs such as `ABBD`, `ABCCCCD`, `ABCBCCCD` and `ACCCCCD`\n\nIt most cases, it doesn't take very long for a regex engine to find a match:\n\n```bash\n$ time node -e '/A(B|C+)+D/.test(\"ACCCCCCCCCCCCCCCCCCCCCCCCCCCCD\")'\n0.04s user 0.01s system 95% cpu 0.052 total\n\n$ time node -e '/A(B|C+)+D/.test(\"ACCCCCCCCCCCCCCCCCCCCCCCCCCCCX\")'\n1.79s user 0.02s system 99% cpu 1.812 total\n```\n\nThe entire process of testing it against a 30 characters long string takes around ~52ms. But when given an invalid string, it takes nearly two seconds to complete the test, over ten times as long as it took to test a valid string. The dramatic difference is due to the way regular expressions get evaluated.\n\nMost Regex engines will work very similarly (with minor differences). The engine will match the first possible way to accept the current character and proceed to the next one. If it then fails to match the next one, it will backtrack and see if there was another way to digest the previous character. If it goes too far down the rabbit hole only to find out the string doesn’t match in the end, and if many characters have multiple valid regex paths, the number of backtracking steps can become very large, resulting in what is known as _catastrophic backtracking_.\n\nLet's look at how our expression runs into this problem, using a shorter string: \"ACCCX\". While it seems fairly straightforward, there are still four different ways that the engine could match those three C's:\n1. CCC\n2. CC+C\n3. C+CC\n4. C+C+C.\n\nThe engine has to try each of those combinations to see if any of them potentially match against the expression. 
When you combine that with the other steps the engine must take, we can use [RegEx 101 debugger](https://regex101.com/debugger) to see the engine has to take a total of 38 steps before it can determine the string doesn't match.\n\nFrom there, the number of steps the engine must use to validate a string just continues to grow.\n\n| String | Number of C's | Number of steps |\n| -------|-------------:| -----:|\n| ACCCX | 3 | 38\n| ACCCCX | 4 | 71\n| ACCCCCX | 5 | 136\n| ACCCCCCCCCCCCCCX | 14 | 65,553\n\n\nBy the time the string includes 14 C's, the engine has to take over 65,000 steps just to see if the string is valid. These extreme situations can cause them to work very slowly (exponentially related to input size, as shown above), allowing an attacker to exploit this and can cause the service to excessively consume CPU, resulting in a Denial of Service.\n\n## Remediation\nUpgrade `sanitize-html` to version 2.7.1 or higher.\n## References\n- [GitHub Commit](https://github.com/apostrophecms/sanitize-html/commit/b4682c12fd30e12e82fa2d9b766de91d7d2cd23c)\n- [GitHub PR](https://github.com/apostrophecms/sanitize-html/pull/557)\n", + "epssDetails": { + "percentile": "0.44428", + "probability": "0.00112", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2022-25887" + ], + "CWE": [ + "CWE-1333" + ] + }, + "packageName": "sanitize-html", + "proprietary": true, + "creationTime": "2022-07-21T08:00:56.827849Z", + "functions_new": [], + "alternativeIds": [], + "disclosureTime": "2022-07-21T07:37:40Z", + "packageManager": "npm", + "publicationTime": "2022-08-29T13:28:12.439235Z", + "modificationTime": "2023-11-08T09:37:50.786715Z", + "socialTrendAlert": false, + "severityWithCritical": "medium", + "from": [ + "juice-shop@15.3.0", + "sanitize-html@1.4.2" + ], + "upgradePath": [ + false, + "sanitize-html@2.7.1" + ], + "isUpgradable": true, + "isPatchable": false, + "name": "sanitize-html", + "version": "1.4.2" + }, + { + "id": "SNYK-JS-SANITIZEHTML-585892", 
+ "title": "Arbitrary Code Execution", + "CVSSv3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", + "credit": [ + "mikesamuel" + ], + "semver": { + "vulnerable": [ + "<2.0.0-beta" + ] + }, + "exploit": "Not Defined", + "fixedIn": [ + "2.0.0-beta" + ], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "js", + "severity": "critical", + "cvssScore": 9.4, + "functions": [], + "malicious": false, + "isDisputed": false, + "moduleName": "sanitize-html", + "references": [ + { + "url": "https://github.com/apostrophecms/sanitize-html/pull/156", + "title": "GitHub PR" + } + ], + "cvssDetails": [], + "description": "## Overview\n[sanitize-html](https://github.com/punkave/sanitize-html) is a library that allows you to clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis\n\nAffected versions of this package are vulnerable to Arbitrary Code Execution. Tag transformations which turn an attribute value into a text node using `transformTags` could be vulnerable to code execution.\n## Remediation\nUpgrade `sanitize-html` to version 2.0.0-beta or higher.\n## References\n- [GitHub PR](https://github.com/apostrophecms/sanitize-html/pull/156)\n", + "epssDetails": null, + "identifiers": { + "CVE": [], + "CWE": [ + "CWE-94" + ] + }, + "packageName": "sanitize-html", + "proprietary": false, + "creationTime": "2020-07-17T15:02:43.082824Z", + "functions_new": [], + "alternativeIds": [], + "disclosureTime": "2020-09-07T09:46:18Z", + "packageManager": "npm", + "publicationTime": "2020-09-07T09:46:10Z", + "modificationTime": "2020-09-07T15:37:06.961614Z", + "socialTrendAlert": false, + "severityWithCritical": "critical", + "from": [ + "juice-shop@15.3.0", + "sanitize-html@1.4.2" + ], + "upgradePath": [ + false, + "sanitize-html@2.0.0" + ], + "isUpgradable": true, + "isPatchable": false, + "name": "sanitize-html", + "version": "1.4.2" + }, + { + "id": "npm:sanitize-html:20141024", + "title": "Cross-site Scripting 
(XSS)", + "CVSSv3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "credit": [ + "Unknown" + ], + "semver": { + "vulnerable": [ + "<1.4.3" + ] + }, + "exploit": "Not Defined", + "fixedIn": [ + "1.4.3" + ], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "js", + "severity": "medium", + "cvssScore": 4.3, + "functions": [], + "malicious": false, + "isDisputed": false, + "moduleName": "sanitize-html", + "references": [ + { + "url": "https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000237.json", + "title": "CVE" + }, + { + "url": "https://github.com/punkave/sanitize-html/issues/29", + "title": "GitHub Issue" + }, + { + "url": "https://nodesecurity.io/advisories/135", + "title": "Node Security Advisories" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "cvssV3BaseScore": 6.1, + "modificationTime": "2022-01-03T17:40:52.414772Z" + } + ], + "description": "## Overview\r\n\r\nSince the sanitize-html module trusts 'text' coming from htmlparser2, and outputs it without further escaping (because htmlparser2 does not decode entities in text before delivering it), this results in an XSS attack vector if sanitize-html ignores the img tag (according to user-configured filter rules) but passes the text intact, as it must do to keep any text in documents.\r\n\r\n\r\n## References\r\n- https://github.com/punkave/sanitize-html/issues/29", + "epssDetails": { + "percentile": "0.47924", + "probability": "0.00132", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2016-1000237" + ], + "CWE": [ + "CWE-79" + ], + "GHSA": [ + "GHSA-3j7m-hmh3-9jmp" + ], + "ALTERNATIVE": [ + "SNYK-JS-SANITIZEHTML-10048" + ] + }, + "packageName": "sanitize-html", + "proprietary": false, + "creationTime": "2015-11-06T02:09:36.180000Z", + "functions_new": [], + "alternativeIds": [ + "SNYK-JS-SANITIZEHTML-10048" + ], + 
"disclosureTime": "2015-11-06T02:09:36Z", + "packageManager": "npm", + "publicationTime": "2015-11-06T02:09:36Z", + "modificationTime": "2022-01-03T17:40:52.414772Z", + "socialTrendAlert": false, + "severityWithCritical": "medium", + "from": [ + "juice-shop@15.3.0", + "sanitize-html@1.4.2" + ], + "upgradePath": [ + false, + "sanitize-html@1.4.3" + ], + "isUpgradable": true, + "isPatchable": false, + "name": "sanitize-html", + "version": "1.4.2" + }, + { + "id": "npm:sanitize-html:20160801", + "title": "Cross-site Scripting (XSS)", + "CVSSv3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", + "credit": [ + "Björn Kimminich" + ], + "semver": { + "vulnerable": [ + "<=1.4.2" + ] + }, + "exploit": "Not Defined", + "fixedIn": [], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "js", + "severity": "medium", + "cvssScore": 4.7, + "functions": [], + "malicious": false, + "isDisputed": false, + "moduleName": "sanitize-html", + "references": [ + { + "url": "https://github.com/punkave/sanitize-html/commit/762fbc7bba389f3f789cc291c1eb2b64f60f2caf", + "title": "GitHub Commit" + }, + { + "url": "https://github.com/punkave/sanitize-html/issues/29", + "title": "GitHub Issue" + } + ], + "cvssDetails": [], + "description": "## Overview\nSanitization of HTML strings is not applied recursively to input, allowing an attacker to potentially inject script and other markup.\n\nSource: _Node Security Project_\n\n## Details\nA cross-site scripting attack occurs when the attacker tricks a legitimate web-based application or site to accept a request as originating from a trusted source.\r\n\r\nThis is done by escaping the context of the web application; the web application then delivers that data to its users along with other trusted dynamic content, without validating it. 
The browser unknowingly executes malicious script on the client side (through client-side languages; usually JavaScript or HTML) in order to perform actions that are otherwise typically blocked by the browser’s Same Origin Policy.\r\n\r\nֿInjecting malicious code is the most prevalent manner by which XSS is exploited; for this reason, escaping characters in order to prevent this manipulation is the top method for securing code against this vulnerability.\r\n\r\nEscaping means that the application is coded to mark key characters, and particularly key characters included in user input, to prevent those characters from being interpreted in a dangerous context. For example, in HTML, `<` can be coded as `<`; and `>` can be coded as `>`; in order to be interpreted and displayed as themselves in text, while within the code itself, they are used for HTML tags. If malicious content is injected into an application that escapes special characters and that malicious content uses `<` and `>` as HTML tags, those characters are nonetheless not interpreted as HTML tags by the browser if they’ve been correctly escaped in the application code and in this way the attempted attack is diverted.\r\n \r\nThe most prominent use of XSS is to steal cookies (source: OWASP HttpOnly) and hijack user sessions, but XSS exploits have been used to expose sensitive information, enable access to privileged services and functionality and deliver malware. \r\n\r\n### Types of attacks\r\nThere are a few methods by which XSS can be manipulated:\r\n\r\n|Type|Origin|Description|\r\n|--|--|--|\r\n|**Stored**|Server|The malicious code is inserted in the application (usually as a link) by the attacker. The code is activated every time a user clicks the link.|\r\n|**Reflected**|Server|The attacker delivers a malicious link externally from the vulnerable web site application to a user. 
When clicked, malicious code is sent to the vulnerable web site, which reflects the attack back to the user’s browser.| \r\n|**DOM-based**|Client|The attacker forces the user’s browser to render a malicious page. The data in the page itself delivers the cross-site scripting data.|\r\n|**Mutated**| |The attacker injects code that appears safe, but is then rewritten and modified by the browser, while parsing the markup. An example is rebalancing unclosed quotation marks or even adding quotation marks to unquoted parameters.|\r\n\r\n### Affected environments\r\nThe following environments are susceptible to an XSS attack:\r\n\r\n* Web servers\r\n* Application servers\r\n* Web application environments\r\n\r\n### How to prevent\r\nThis section describes the top best practices designed to specifically protect your code: \r\n\r\n* Sanitize data input in an HTTP request before reflecting it back, ensuring all data is validated, filtered or escaped before echoing anything back to the user, such as the values of query parameters during searches. \r\n* Convert special characters such as `?`, `&`, `/`, `<`, `>` and spaces to their respective HTML or URL encoded equivalents. 
\r\n* Give users the option to disable client-side scripts.\r\n* Redirect invalid requests.\r\n* Detect simultaneous logins, including those from two separate IP addresses, and invalidate those sessions.\r\n* Use and enforce a Content Security Policy (source: Wikipedia) to disable any features that might be manipulated for an XSS attack.\r\n* Read the documentation for any of the libraries referenced in your code to understand which elements allow for embedded HTML.\n\n\n## Remediation\nUpgrade `sanitize-html` to `1.4.3` or later\n\n## References\n- https://github.com/punkave/sanitize-html/issues/29\n- https://github.com/punkave/sanitize-html/commit/762fbc7bba389f3f789cc291c1eb2b64f60f2caf\n\n", + "epssDetails": null, + "identifiers": { + "CVE": [], + "CWE": [ + "CWE-79" + ], + "NSP": [ + "135" + ], + "ALTERNATIVE": [ + "SNYK-JS-SANITIZEHTML-10127" + ] + }, + "packageName": "sanitize-html", + "proprietary": false, + "creationTime": "2016-08-02T08:28:08.097000Z", + "functions_new": [], + "alternativeIds": [ + "SNYK-JS-SANITIZEHTML-10127" + ], + "disclosureTime": "2016-08-01T18:02:31Z", + "packageManager": "npm", + "publicationTime": "2016-08-01T18:02:31Z", + "modificationTime": "2020-12-14T14:41:17.951016Z", + "socialTrendAlert": false, + "severityWithCritical": "medium", + "from": [ + "juice-shop@15.3.0", + "sanitize-html@1.4.2" + ], + "upgradePath": [ + false, + "sanitize-html@1.4.3" + ], + "isUpgradable": true, + "isPatchable": false, + "name": "sanitize-html", + "version": "1.4.2" + }, + { + "id": "npm:sanitize-html:20161026", + "title": "Cross-site Scripting (XSS)", + "CVSSv3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:F/RL:O/RC:C", + "credit": [ + "Andrew Krasichkov" + ], + "semver": { + "vulnerable": [ + "<1.11.4" + ] + }, + "exploit": "Functional", + "fixedIn": [ + "1.11.4" + ], + "patches": [], + "insights": { + "triageAdvice": null + }, + "language": "js", + "severity": "medium", + "cvssScore": 5.4, + "functions": [], + "malicious": false, + 
"isDisputed": false, + "moduleName": "sanitize-html", + "references": [ + { + "url": "https://github.com/punkave/sanitize-html/commit/5d205a1005ba0df80e21d8c64a15bb3accdb2403", + "title": "GitHub Commit" + }, + { + "url": "https://github.com/punkave/sanitize-html/issues/100", + "title": "GitHub Issue" + } + ], + "cvssDetails": [ + { + "assigner": "NVD", + "severity": "medium", + "cvssV3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "cvssV3BaseScore": 6.1, + "modificationTime": "2022-01-03T16:21:19.197646Z" + } + ], + "description": "## Overview\n[`sanitize-html`](https://www.npmjs.com/package/sanitize-html) is a library for scrubbing html input of malicious values.\n\nAffected versions of this package are vulnerable to Cross-site Scripting (XSS) attacks. If at least one `nonTextTags` tag is allowed, a malicious user may potentially conduct an XSS attack.\n\n**PoC:**\n```js\nvar sanitizeHtml = require('sanitize-html');\n\nvar dirty = '!!';\nvar clean = sanitizeHtml(dirty, {\n allowedTags: [ 'textarea' ]\n});\n\nconsole.log(clean);\n\n// !!\n```\n\n## Details\nA cross-site scripting attack occurs when the attacker tricks a legitimate web-based application or site to accept a request as originating from a trusted source.\r\n\r\nThis is done by escaping the context of the web application; the web application then delivers that data to its users along with other trusted dynamic content, without validating it. 
The browser unknowingly executes malicious script on the client side (through client-side languages; usually JavaScript or HTML) in order to perform actions that are otherwise typically blocked by the browser’s Same Origin Policy.\r\n\r\nֿInjecting malicious code is the most prevalent manner by which XSS is exploited; for this reason, escaping characters in order to prevent this manipulation is the top method for securing code against this vulnerability.\r\n\r\nEscaping means that the application is coded to mark key characters, and particularly key characters included in user input, to prevent those characters from being interpreted in a dangerous context. For example, in HTML, `<` can be coded as `<`; and `>` can be coded as `>`; in order to be interpreted and displayed as themselves in text, while within the code itself, they are used for HTML tags. If malicious content is injected into an application that escapes special characters and that malicious content uses `<` and `>` as HTML tags, those characters are nonetheless not interpreted as HTML tags by the browser if they’ve been correctly escaped in the application code and in this way the attempted attack is diverted.\r\n \r\nThe most prominent use of XSS is to steal cookies (source: OWASP HttpOnly) and hijack user sessions, but XSS exploits have been used to expose sensitive information, enable access to privileged services and functionality and deliver malware. \r\n\r\n### Types of attacks\r\nThere are a few methods by which XSS can be manipulated:\r\n\r\n|Type|Origin|Description|\r\n|--|--|--|\r\n|**Stored**|Server|The malicious code is inserted in the application (usually as a link) by the attacker. The code is activated every time a user clicks the link.|\r\n|**Reflected**|Server|The attacker delivers a malicious link externally from the vulnerable web site application to a user. 
When clicked, malicious code is sent to the vulnerable web site, which reflects the attack back to the user’s browser.| \r\n|**DOM-based**|Client|The attacker forces the user’s browser to render a malicious page. The data in the page itself delivers the cross-site scripting data.|\r\n|**Mutated**| |The attacker injects code that appears safe, but is then rewritten and modified by the browser, while parsing the markup. An example is rebalancing unclosed quotation marks or even adding quotation marks to unquoted parameters.|\r\n\r\n### Affected environments\r\nThe following environments are susceptible to an XSS attack:\r\n\r\n* Web servers\r\n* Application servers\r\n* Web application environments\r\n\r\n### How to prevent\r\nThis section describes the top best practices designed to specifically protect your code: \r\n\r\n* Sanitize data input in an HTTP request before reflecting it back, ensuring all data is validated, filtered or escaped before echoing anything back to the user, such as the values of query parameters during searches. \r\n* Convert special characters such as `?`, `&`, `/`, `<`, `>` and spaces to their respective HTML or URL encoded equivalents. 
\r\n* Give users the option to disable client-side scripts.\r\n* Redirect invalid requests.\r\n* Detect simultaneous logins, including those from two separate IP addresses, and invalidate those sessions.\r\n* Use and enforce a Content Security Policy (source: Wikipedia) to disable any features that might be manipulated for an XSS attack.\r\n* Read the documentation for any of the libraries referenced in your code to understand which elements allow for embedded HTML.\n\n\n## Remediation\nUpgrade `sanitize-html` to version 1.11.4 or later.\n\n## References\n- [GitHub Issue](https://github.com/punkave/sanitize-html/issues/100)\n- [GitHub Commit](https://github.com/punkave/sanitize-html/commit/5d205a1005ba0df80e21d8c64a15bb3accdb2403)\n", + "epssDetails": { + "percentile": "0.35000", + "probability": "0.00084", + "modelVersion": "v2023.03.01" + }, + "identifiers": { + "CVE": [ + "CVE-2017-16016" + ], + "CWE": [ + "CWE-79" + ], + "NSP": [ + "154" + ], + "GHSA": [ + "GHSA-xc6g-ggrc-qq4r" + ], + "ALTERNATIVE": [ + "SNYK-JS-SANITIZEHTML-10461" + ] + }, + "packageName": "sanitize-html", + "proprietary": false, + "creationTime": "2017-04-12T10:49:58.283000Z", + "functions_new": [], + "alternativeIds": [ + "SNYK-JS-SANITIZEHTML-10461" + ], + "disclosureTime": "2016-03-26T23:49:58.283000Z", + "packageManager": "npm", + "publicationTime": "2017-04-12T11:00:58.283000Z", + "modificationTime": "2022-01-03T16:21:19.197646Z", + "socialTrendAlert": false, + "severityWithCritical": "medium", + "from": [ + "juice-shop@15.3.0", + "sanitize-html@1.4.2" + ], + "upgradePath": [ + false, + "sanitize-html@1.11.4" + ], + "isUpgradable": true, + "isPatchable": false, + "name": "sanitize-html", + "version": "1.4.2" + } + ], + "ok": false, + "dependencyCount": 71, + "org": "sarim04", + "policy": "# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.\nversion: v1.25.1\nignore: {}\npatch: {}\n", + "isPrivate": true, + "licensesPolicy": { + "severities": {}, + 
"orgLicenseRules": { + "AGPL-1.0": { + "licenseType": "AGPL-1.0", + "severity": "high", + "instructions": "" + }, + "AGPL-3.0": { + "licenseType": "AGPL-3.0", + "severity": "high", + "instructions": "" + }, + "Artistic-1.0": { + "licenseType": "Artistic-1.0", + "severity": "medium", + "instructions": "" + }, + "Artistic-2.0": { + "licenseType": "Artistic-2.0", + "severity": "medium", + "instructions": "" + }, + "CDDL-1.0": { + "licenseType": "CDDL-1.0", + "severity": "medium", + "instructions": "" + }, + "CPOL-1.02": { + "licenseType": "CPOL-1.02", + "severity": "high", + "instructions": "" + }, + "EPL-1.0": { + "licenseType": "EPL-1.0", + "severity": "medium", + "instructions": "" + }, + "GPL-2.0": { + "licenseType": "GPL-2.0", + "severity": "high", + "instructions": "" + }, + "GPL-3.0": { + "licenseType": "GPL-3.0", + "severity": "high", + "instructions": "" + }, + "LGPL-2.0": { + "licenseType": "LGPL-2.0", + "severity": "medium", + "instructions": "" + }, + "LGPL-2.1": { + "licenseType": "LGPL-2.1", + "severity": "medium", + "instructions": "" + }, + "LGPL-3.0": { + "licenseType": "LGPL-3.0", + "severity": "medium", + "instructions": "" + }, + "MPL-1.1": { + "licenseType": "MPL-1.1", + "severity": "medium", + "instructions": "" + }, + "MPL-2.0": { + "licenseType": "MPL-2.0", + "severity": "medium", + "instructions": "" + }, + "MS-RL": { + "licenseType": "MS-RL", + "severity": "medium", + "instructions": "" + }, + "SimPL-2.0": { + "licenseType": "SimPL-2.0", + "severity": "high", + "instructions": "" + } + } + }, + "packageManager": "npm", + "ignoreSettings": { + "adminOnly": false, + "reasonRequired": false, + "disregardFilesystemIgnores": false + }, + "docker": {}, + "summary": "12 vulnerable dependency paths", + "remediation": { + "unresolved": [], + "upgrade": { + "express-jwt@0.1.3": { + "upgradeTo": "express-jwt@6.0.0", + "upgrades": [ + "express-jwt@0.1.3" + ], + "vulns": [ + "SNYK-JS-EXPRESSJWT-575022" + ] + }, + "jsonwebtoken@0.4.0": { + "upgradeTo": 
"jsonwebtoken@9.0.0",
+ "upgrades": [
+ "jsonwebtoken@0.4.0",
+ "jsonwebtoken@0.4.0",
+ "jsonwebtoken@0.4.0",
+ "jsonwebtoken@0.4.0"
+ ],
+ "vulns": [
+ "SNYK-JS-JSONWEBTOKEN-3180022",
+ "SNYK-JS-JSONWEBTOKEN-3180024",
+ "SNYK-JS-JSONWEBTOKEN-3180026",
+ "npm:jsonwebtoken:20150331"
+ ]
+ },
+ "sanitize-html@1.4.2": {
+ "upgradeTo": "sanitize-html@2.7.1",
+ "upgrades": [
+ "sanitize-html@1.4.2",
+ "sanitize-html@1.4.2",
+ "sanitize-html@1.4.2",
+ "sanitize-html@1.4.2",
+ "sanitize-html@1.4.2",
+ "sanitize-html@1.4.2",
+ "sanitize-html@1.4.2"
+ ],
+ "vulns": [
+ "SNYK-JS-SANITIZEHTML-2957526",
+ "SNYK-JS-SANITIZEHTML-1070780",
+ "SNYK-JS-SANITIZEHTML-1070786",
+ "SNYK-JS-SANITIZEHTML-585892",
+ "npm:sanitize-html:20161026",
+ "npm:sanitize-html:20141024",
+ "npm:sanitize-html:20160801"
+ ]
+ }
+ },
+ "patch": {},
+ "ignore": {},
+ "pin": {}
+ },
+ "filesystemPolicy": false,
+ "filtered": {
+ "ignore": [],
+ "patch": []
+ },
+ "uniqueCount": 12,
+ "targetFile": "/juice-shop/package.json",
+ "projectName": "juice-shop",
+ "displayTargetFile": "/juice-shop/package.json",
+ "hasUnknownVersions": false,
+ "path": "sarim04/juiceshop:latest"
+ }
+ ]
+ }
+
\ No newline at end of file
diff --git a/unittests/tools/test_snyk_parser.py b/unittests/tools/test_snyk_parser.py
index 6eb9e04de89..18018c95582 100644
--- a/unittests/tools/test_snyk_parser.py
+++ b/unittests/tools/test_snyk_parser.py
@@ -163,13 +163,22 @@ def test_snykParser_update_libs_tag(self):
 with open("unittests/scans/snyk/single_project_upgrade_libs.json") as testfile:
 parser = SnykParser()
 findings = parser.get_findings(testfile, Test())
- for index in range(len(findings)):
- print(index, findings[index], findings[index].unsaved_tags)
 self.assertEqual(254, len(findings))
 # acme-review@1.0.0: Remote Code Execution (RCE)
 finding = findings[227]
- print(finding, finding.severity, finding.unsaved_tags)
 self.assertEqual("High", finding.severity)
 self.assertIn('target_file:package-lock.json', finding.unsaved_tags)
 self.assertIn('upgrade_to:react-scripts@5.0.0', finding.unsaved_tags)
 self.assertIn('shell-quote@1.7.2', finding.mitigation)
+
+ def test_snykcontainer_issue_9270(self):
+ with open("unittests/scans/snyk/snykcontainer_issue_9270.json") as testfile:
+ parser = SnykParser()
+ findings = parser.get_findings(testfile, Test())
+ self.assertEqual(25, len(findings))
+
+ def test_snykcode_issue_9270(self):
+ with open("unittests/scans/snyk/snykcode_issue_9270.json") as testfile:
+ parser = SnykParser()
+ findings = parser.get_findings(testfile, Test())
+ self.assertEqual(39, len(findings))
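Review bot: Both new tests, test_snykcontainer_issue_9270 and test_snykcode_issue_9270, assert only the number of findings, so none of the per-finding mapping for the new input formats (severity, title, location, CWE, mitigation) is actually exercised and a regression that mislabels severity or drops the file location would still pass. The existing test_snykParser_update_libs_tag above shows the pattern already used in this file: pick one finding and pin its fields. For the code fixture add, after the count, something like `finding = findings[0]` / `self.assertEqual("<expected severity from fixture>", finding.severity)` / `self.assertIsNotNone(finding.file_path)`, with the expected value read from the fixture rather than guessed. For the container fixture, which carries several vulnerabilities sharing the same package and title, also assert on a distinguishing field such as `finding.unsaved_tags` or `finding.mitigation` so the per-entry mapping, not just the count, is covered.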