CodeGuru
Detector Library
JavaScript detectors (78/78)
Improper access controlSensitive data stored unencrypted due to partial encryptionPseudorandom number generatorsOS command injectionURL redirection to untrusted siteInteger overflowProtection mechanism failureNon-literal regular expressionTainted input for Docker APIUsage of an API that is not recommendedXML external entityServer-side request forgeryNew function detectedStack trace exposureTiming attackSNS don't bind subscribe and publishInvoke super appropriatelyNoSQL injectionHardcoded credentialsInsecure cookieCross-site scriptingHardcoded IP addressAWS credentials loggedXPath injectionData loss in a batch requestPath traversalLeast privilege violationDNS prefetchingResource leakInsufficiently protected credentialsFile extension validationInsecure connection using unencrypted protocolCross-site request forgeryTypeof expressionSet SNS Return Subscription ARNFile and directory information exposureMissing Amazon S3 bucket owner conditionInsecure hashingNumeric truncation errorClient-side KMS reencryptionAWS client not reused in a Lambda functionLDAP injectionBatch request with unchecked failuresCryptographic key generatorUnauthenticated Amazon SNS unsubscribe requests might succeedUnverified hostnameOrigins-verified cross-origin communicationsLoose file permissionsUnsanitized input is run as codeMissing paginationUntrusted Amazon Machine ImagesImproper certificate validationInsecure CORS policyDeserialization of untrusted objectSensitive information leakCheck failed records when using kinesisWeak obfuscation of web requestsCatch and swallow exceptionLogging of sensitive informationLimit request lengthString passed to `setInterval` or `setTimeout`Log injectionOverride of reserved variable names in a Lambda functionImproper restriction of rendered UI layers or framesInsecure cryptographyInsecure object attribute modificationSession fixationAvoid nan in comparisonImproper input validationDisabled HTML autoescapeUse of a deprecated methodUnvalidated expansion of archive filesFile injectionSendfile injectionSQL injectionHeader injectionInsecure temporary file or directoryInefficient polling of AWS resource
Tag: owasp-top10
Improper access control
The software does not restrict or incorrectly restrict access to a resource from an unauthorized actor.
Sensitive data stored unencrypted due to partial encryption
Encryption that is dependent on conditional logic, such as an
if...then clause, might cause unencrypted sensitive data to be stored.Pseudorandom number generators
Using pseudorandom number generators (PRNGs) is security-sensitive.
OS command injection
Constructing operating system or shell commands with unsanitized user input can lead to inadvertently running malicious code.
URL redirection to untrusted site
User-controlled input that specifies a link to an external site could lead to phishing attacks and allow user credentials to be stolen.
Tainted input for Docker API
Passing an unsanitized user argument to a function call makes your code insecure.
XML external entity
Objects that parse or handle XML can lead to XML external entity (XXE) attacks when they are misconfigured.
Server-side request forgery
Insufficient sanitization of potentially untrusted URLs on the server side can allow server requests to unwanted destinations.
New function detected
Use of
new Function() can be dangerous if used to evaluate dynamic content.Stack trace exposure
Stack traces can be hard to use for debugging.
Hardcoded credentials
Hardcoded credentials can be intercepted by malicious actors.
Insecure cookie
Insecure cookies can lead to unencrypted transmission of sensitive data.
Cross-site scripting
Relying on potentially untrusted user inputs when constructing web application outputs can lead to cross-site scripting vulnerabilities.
AWS credentials logged
Logging unencrypted AWS credentials can expose them to an attacker.
XPath injection
Potentially unsanitized user input in XPath queries can allow an attacker to control the query in unwanted or insecure ways.
Path traversal
Creating file paths from untrusted input might give a malicious actor access to sensitive files.
Resource leak
Allocated resources are not released properly.
Insufficiently protected credentials
An object attribute constructed from a user-provided input should not be passed directly to a method.
Insecure connection using unencrypted protocol
Connections that use insecure protocols transmit data in cleartext, which can leak sensitive information.
Cross-site request forgery
Insecure configuration can lead to a cross-site request forgery (CRSF) vulnerability.
File and directory information exposure
Allowing hidden files while serving files from a given root directory can cause information leakage.
Insecure hashing
Obsolete, broken, or weak hashing algorithms can lead to security vulnerabilities.
Client-side KMS reencryption
Client-side decryption followed by encryption is inefficient and can lead to sensitive data leaks.
LDAP injection
LDAP queries that rely on potentially untrusted inputs can allow attackers to read or modify sensitive data, run code, and perform other unwanted actions.
Cryptographic key generator
Insufficient key sizes can lead to brute force attacks.
Unverified hostname
Unverified hostnames lead to security vulnerabilities.
Origins-verified cross-origin communications
Unverified origins of messages and identities in cross-origin communications can lead to security vulnerabilities.
Loose file permissions
Weak file permissions can lead to privilege escalation.
Unsanitized input is run as code
Scripts generated from unsanitized inputs can lead to malicious behavior and inadvertently running code remotely.
Improper certificate validation
Lack of validation of a security certificate can lead to host impersonation and sensitive data leaks.
Insecure CORS policy
Cross-origin resource sharing policies that are too permissive could lead to security vulnerabilities.
Deserialization of untrusted object
Deserialization of untrusted objects can lead to security vulnerabilities such as, inadvertently running remote code.
Sensitive information leak
Exposure of sensitive information can lead to an unauthorized actor having access to the information.
Weak obfuscation of web requests
Weak obfuscation of web requests makes your application vulnerable.
Logging of sensitive information
The logging of sensitive information can expose the information to potential attackers.
Limit request length
Significant content length can lead to denial of service.
Log injection
Using untrusted inputs in a log statement can enable attackers to break the log's format, forge log entries, and bypass log monitors.
Improper restriction of rendered UI layers or frames
The application incorrectly restricts frame objects or UI layers that belong to another application or domain.
Insecure cryptography
Weak, broken, or misconfigured cryptography can lead to security vulnerabilities.
Insecure object attribute modification
Updating object attributes obtained from external sources is security sensitive.
Session fixation
Session fixation might allow an attacker to steal authenticated session IDs.
Improper input validation
Improper input validation can enable attacks and lead to unwanted behavior.
Disabled HTML autoescape
Disabling the HTML autoescape mechanism exposes your web applications to attacks.
Unvalidated expansion of archive files
Expanding unverified archive files without controlling the size of the expanded data can lead to zip bomb attacks.
File injection
Writing unsanitized user data to a file is unsafe.
Sendfile injection
The software allows user input to control or influence paths or file names that are used in file system operations.
SQL injection
The use of untrusted inputs in a SQL database query can enable attackers to read, modify, or delete sensitive data in the database.
Header injection
Constructing HTTP response headers from user-controlled data is unsafe.
Insecure temporary file or directory
Insecure ways of creating temporary files and directories can lead to race conditions, privilege escalation, and other security vulnerabilities.