| Checker | Description | Severity | Enabled by default | Yes/No |
|---|---|---|---|---|
| ANDROID.LIFECYCLE.SV.FRAGMENTINJ | Unvalidated fragment class name | 1 | True | Yes |
| ANDROID.LIFECYCLE.SV.GETEXTRA | Unvalidated external data | 3 | True | Yes |
| ANDROID.NPE | Dereference of a null value in an Android application | 4 | True | Yes |
| ANDROID.RLK.MEDIAPLAYER | Media player is not released on exit | 1 | True | Yes |
| ANDROID.RLK.MEDIARECORDER | Media recorder is not released on exit | 1 | True | Yes |
| ANDROID.RLK.SQLCON | SQL connection is not closed on exit | 1 | True | Yes |
| ANDROID.RLK.SQLOBJ | SQL object is not closed on exit | 1 | True | Yes |
| ANDROID.UF.BITMAP | Usage of recycled bitmap | 2 | True | Yes |
| ANDROID.UF.CAMERA | Usage of released camera | 2 | True | Yes |
| ANDROID.UF.MEDIAPLAYER | Usage of released media player | 2 | True | Yes |
| ANDROID.UF.MEDIARECORDER | Usage of released media recorder | 2 | True | Yes |
| CMP.CLASS | Comparing by class name | 4 | False | No |
| CMPF.FLOAT | Equality checks on floating point types should be avoided | 4 | True | No |
| CMP.OBJ | Comparing objects with == | 4 | True | No |
| CMP.STR | Comparing strings with == | 4 | True | No |
| COV.CMP | Method compareTo() should have signature 'public int compareTo(Object)' | 4 | True | No |
| ECC.EMPTY | Empty catch clause | 4 | True | No |
| EHC.EQ | Class defines hashCode() but does not define equals() | 4 | True | No |
| EHC.HASH | Class defines equals() but does not define hashCode() | 4 | True | No |
| ESCMP.EMPTYSTR | Inefficient empty string comparison | 4 | True | No |
| EXC.BROADTHROWS | Method has an overly broad throws declaration | 4 | True | No |
| FIN.EMPTY | Empty finalize() method should be removed | 3 | True | No |
| FIN.NOSUPER | Implementation of the finalize() method should call super.finalize() | 3 | True | No |
| FSC.PRT | Class and its superclass have protected fields with the same name | 4 | False | No |
| FSC.PRV | Class and its superclass have private fields with the same name | 4 | False | No |
| FSC.PUB | Class and its superclass have public fields with the same name | 4 | False | No |
| JAVA.SV.EMAIL.HOST | Sending e-mails to host without validation | 3 | True | Yes |
| JAVA.SV.XML.INVALID | XML is not validated before being unmarshalled to a Java object | 2 | True | Yes |
| JD.BITCMP | Using non-short-circuit logic in expression | 3 | True | No |
| JD.BITMASK | Possible error in bit operations | 3 | True | No |
| JD.BITR | Redundant expression | 3 | True | No |
| JD.CALL.WRONGSTATIC | Call to static method via instance reference | 4 | True | No |
| JD.CAST.COL.MIGHT | Possible ClassCastException for collection | 4 | False | No |
| JD.CAST.COL.MUST | ClassCastException for collection | 4 | True | No |
| JD.CAST.DOWNCAST | Possible ClassCastException for subtypes | 4 | True | No |
| JD.CAST.KEY | Suspicious key type used to retrieve an element from collection | 4 | True | No |
| JD.CAST.SUSP.MIGHT | Possible ClassCastException for different types | 4 | True | No |
| JD.CAST.SUSP.MUST | ClassCastException for different types | 4 | True | No |
| JD.CAST.UPCAST | Possible ClassCastException for subtypes | 4 | True | No |
| JD.CATCH | Catching runtime exception | 4 | True | No |
| JD.CONCUR | Possible ConcurrentModificationException | 3 | True | No |
| JD.EQ.ARR | Calling 'equals' on array | 4 | True | No |
| JD.EQ.UTA | Calling 'equals' on incompatible types (array and non-array) | 4 | True | No |
| JD.EQ.UTC | Calling 'equals' on incompatible types | 4 | True | No |
| JD.FINRET | Return inside finally | 4 | True | No |
| JD.IFBAD | Redundant 'if' statement | 3 | True | No |
| JD.IFEMPTY | Redundant 'if' statement; unfinished code | 3 | True | No |
| JD.INF.ALLOC | Allocation within infinite loop | 4 | True | No |
| JD.INF.AREC | Apparent infinite recursion | 4 | True | No |
| JD.INST.TRUE | Redundant 'instanceof' condition | 4 | True | No |
| JD.LIST.ADD | Container added to itself | 4 | True | No |
| JD.LOCK | Lock without unlock | 2 | True | Yes |
| JD.LOCK.NOTIFY | Method 'notify' called with locks held | 4 | True | No |
| JD.LOCK.SLEEP | Method 'sleep' called with locks held | 4 | True | No |
| JD.LOCK.WAIT | Method 'wait' called with locks held | 4 | True | No |
| JD.METHOD.CBS | Method can be static | 4 | False | No |
| JD.NEXT | Possible 'NoSuchElementException' | 4 | True | Yes |
| JD.OVER | Mismatched override | 4 | True | No |
| JD.RC.EXPR.CHECK | Test expression is always true | 4 | True | No |
| JD.RC.EXPR.DEAD | Redundant check causing dead code | 4 | False | No |
| JD.ST.POS | Incorrect check for method 'indexOf' | 4 | True | No |
| JD.SYNC.DCL | Double-checked locking | 4 | True | No |
| JD.SYNC.IN | Inconsistent synchronization | 4 | True | No |
| JD.THREAD.RUN | Explicit call to a 'Thread.run' method | 4 | True | No |
| JD.UMC.FINALIZE | Explicit call to method 'Object.finalize' | 3 | True | No |
| JD.UMC.RUNFIN | runFinalizersOnExit() is called | 3 | True | No |
| JD.UMC.WAIT | Wait called on incorrect object | 4 | True | No |
| JD.UNCAUGHT | Uncaught exception | 4 | True | No |
| JD.UN.MET | Unused non-private method | 4 | False | No |
| JD.UNMOD | Modification of unmodifiable collection | 2 | True | Yes |
| JD.UN.PMET | Unused private method | 3 | True | No |
| JD.VNU | Variable was never read after being assigned | 4 | True | No |
| JD.VNU.NULL | Variable was never read after null being assigned | 4 | True | No |
| MNA.CAP | Method name should start with a lowercase letter | 4 | True | No |
| MNA.CNS | Method name is the same as the constructor name but it is not a constructor | 4 | True | No |
| MNA.SUS | Suspicious method name | 4 | True | No |
| NPE.COND | Null pointer dereference where null comes from condition | 1 | True | Yes |
| NPE.CONST | Null pointer dereference where null comes from constant | 1 | True | Yes |
| NPE.RET | Dereference of a null value which is returned from a method | 1 | True | Yes |
| NPE.RET.UTIL | Dereference of a null value which is returned from a map or a collection | 1 | True | Yes |
| NPE.STAT | Null pointer dereference of a return value (statistical) | 4 | False | Yes |
| REDUN.DEF | Assignment of expression to itself | 4 | True | No |
| REDUN.EQ | Suspicious equals() called with same expression on both sides | 4 | True | No |
| REDUN.EQNULL | Suspicious equals() called with expression and null (never true) | 4 | True | No |
| REDUN.FINAL | Redundant 'final' modifier | 4 | True | No |
| REDUN.NULL | Usage of variable instead of null constant | 4 | True | No |
| REDUN.OP | Suspicious operation with same expression on both sides | 4 | True | No |
| RI.IGNOREDCALL | The value returned by a method called on an immutable object is ignored | 4 | True | No |
| RI.IGNOREDNEW | Newly created object is ignored | 4 | True | No |
| RLK.AWT | AWT object is not disposed on exit | 1 | True | Yes |
| RLK.FIELD | Possible leak of system resource stored in a field | 4 | True | No |
| RLK.HIBERNATE | Hibernate object is not closed on exit | 1 | True | Yes |
| RLK.IMAGEIO | ImageIO stream is not closed on exit | 1 | True | Yes |
| RLK.IN | Input stream is not closed on exit | 1 | True | Yes |
| RLK.JNDI | JNDI context is not closed on exit | 1 | True | Yes |
| RLK.JPA | {3} object is not closed on exit | 1 | True | Yes |
| RLK.MAIL | Java mail object is not closed on exit | 1 | True | Yes |
| RLK.MICRO | Java Microedition connection is not closed on exit | 1 | True | Yes |
| RLK.NIO | NIO object is not closed on exit | 1 | True | Yes |
| RLK.OUT | Output stream is not closed on exit | 1 | True | Yes |
| RLK.SOCK | Socket is not closed on exit | 1 | True | Yes |
| RLK.SQLCON | SQL connection is not closed on exit | 1 | True | Yes |
| RLK.SQLOBJ | SQL object is not closed on exit | 1 | True | Yes |
| RLK.SWT | SWT object is not disposed on exit | 1 | True | Yes |
| RLK.ZIP | Zip file is not closed on exit | 1 | True | Yes |
| RNU.THIS | Comparison of 'this' with null, but 'this' cannot be null | 4 | True | No |
| RR.IGNORED | The returned value is ignored | 4 | True | No |
| RTC.CALL | Type cast is redundant | 4 | True | No |
| SPRING.AUTHC.ABSENT | No configuration for a critical resource | 2 | False | No |
| SPRING.AUTHC.MISSING | Missing authentication for critical function | 2 | True | No |
| SPRING.AUTHZ.ABSENT | No configuration for protected resource | 2 | False | No |
| SPRING.AUTHZ.MISSING | Missing authorization | 2 | True | No |
| STRCON.LOOP | Using append for string in a loop | 4 | True | No |
| SV.AUTH.BYPASS.MIGHT | Incorrect authentication | 2 | True | Yes |
| SV.AUTH.BYPASS.MUST | Incorrect authentication | 2 | True | Yes |
| SV.AUTH.HASH.MIGHT | Use of weak cryptographic algorithm | 3 | True | Yes |
| SV.AUTH.HASH.MUST | Use of weak cryptographic algorithm | 3 | True | Yes |
| SV.CERT.INVALID | Certificate must be validated by constructing certification path | 1 | True | Yes |
| SV.CLASSDEF.INJ | Runtime class definition injection | 2 | True | Yes |
| SV.CLASSLOADER.INJ | Class loader URL injection | 2 | True | Yes |
| SV.CLEXT.CLLOADER | Class extends 'java.lang.ClassLoader' | 4 | False | No |
| SV.CLEXT.POLICY | Class extends 'java.security.Policy' | 4 | False | No |
| SV.CLLOADER | Direct use of ClassLoader | 4 | False | No |
| SV.CLONE.SUP | Class implements 'clone' method but does not implement Cloneable | 4 | False | No |
| SV.CSRF.GET | CSRF token in GET request | 4 | False | Yes |
| SV.CSRF.ORIGIN | Request handler without an origin check | 4 | False | Yes |
| SV.CSRF.TOKEN | State-changing request handler without a CSRF check | 4 | False | Yes |
| SV.DATA.BOUND | Untrusted data leaks into trusted storage | 3 | True | Yes |
| SV.DATA.DB | Data injection | 2 | True | Yes |
| SV.DATA.FILE | A potentially harmful file could be uploaded and automatically processed | 4 | True | Yes |
| SV.DOS.ARRINDEX | Tainted index used for array access | 3 | True | Yes |
| SV.DOS.ARRSIZE | Tainted size used for array allocation | 3 | True | Yes |
| SV.DOS.TMPFILEDEL | Leaving temporary file for lifetime of JVM | 3 | True | Yes |
| SV.DOS.TMPFILEEXIT | Leaving temporary file | 3 | True | Yes |
| SV.ECV | Empty certificate validation | 4 | False | No |
| SV.ECV.TRUSTMANAGER | Unsafe implementation of the interface X509TrustManager | 2 | False | No |
| SV.EMAIL | Unchecked e-mail | 2 | True | Yes |
| SV.EXEC | Process injection | 2 | True | Yes |
| SV.EXEC.DIR | Process injection: working directory | 2 | True | Yes |
| SV.EXEC.ENV | Process injection: environment variables | 2 | True | Yes |
| SV.EXEC.LOCAL | Process injection: local arguments | 3 | True | Yes |
| SV.EXEC.PATH | Untrusted search path | 4 | True | No |
| SV.EXPOSE.FIELD | Static field may be changed by malicious code | 4 | False | No |
| SV.EXPOSE.FIN | Method finalize() should have protected access modifier, not public | 4 | False | No |
| SV.EXPOSE.IFIELD | Instance field should be made final | 4 | False | No |
| SV.EXPOSE.MUTABLEFIELD | Static mutable field can be accessed by malicious code | 4 | False | No |
| SV.EXPOSE.RET | Internal representation may be exposed | 4 | False | No |
| SV.EXPOSE.STORE | Method stores reference to mutable object | 4 | False | No |
| SV.HASH.NO_SALT | Use of a one-way cryptographic hash without a salt | 3 | True | No |
| SV.HTTP_SPLIT | HTTP response splitting | 2 | True | Yes |
| SV.IL.DEV | Design information leakage | 3 | True | Yes |
| SV.IL.FILE | File name leaking | 3 | True | Yes |
| SV.IL.SESSION | Logging of session id | 3 | True | Yes |
| SV.IL.SESSION.CLIENT | HttpServletRequest.getRequestedSessionId method should not be used | 4 | True | Yes |
| SV.INT_OVF | Tainted data may lead to integer overflow | 2 | True | Yes |
| SV.LDAP | Unvalidated user input is used as LDAP filter | 2 | True | Yes |
| SV.LDAP.ANON | Incorrect authentication | 4 | True | Yes |
| SV.LOADLIB.INJ | Untrusted call to 'loadLibrary' method | 4 | True | No |
| SV.LOG_FORGING | Log forging | 3 | True | Yes |
| SV.PASSWD.HC | Hardcoded password | 2 | True | Yes |
| SV.PASSWD.HC.EMPTY | Empty password | 2 | True | Yes |
| SV.PASSWD.HC.MINLEN | Hardcoded password (minimum length 15 characters) | 2 | True | Yes |
| SV.PASSWD.PLAIN | Plain-text password | 2 | True | Yes |
| SV.PASSWD.PLAIN.HC | Plain-text password | 2 | True | Yes |
| SV.PATH | Path and file name injection | 3 | True | Yes |
| SV.PATH.INJ | File injection | 3 | True | Yes |
| SV.PERMS.HOME | File created in user home directory without setting permissions | 2 | True | Yes |
| SV.PERMS.WIDE | Overly wide permissions | 4 | True | Yes |
| SV.PRIVILEGE.MISSING | Method invoked should not be inside doPrivileged block | 4 | True | No |
| SV.RANDOM | Use of insecure random number generator | 4 | True | No |
| SV.SCRIPT | Script execution | 2 | True | Yes |
| SV.SENSITIVE.DATA | Unencrypted sensitive data is written | 2 | True | Yes |
| SV.SENSITIVE.OBJ | Object with unencrypted sensitive data is stored | 2 | True | No |
| SV.SERIAL.INON | Interface extends 'Serializable' | 4 | False | No |
| SV.SERIAL.NOFINAL | Methods readObject() and writeObject() in serializable classes should be final | 4 | False | No |
| SV.SERIAL.NON | Class implements 'Serializable' | 4 | False | No |
| SV.SERIAL.NOREAD | Method readObject() should be defined for a serializable class | 4 | False | No |
| SV.SERIAL.NOWRITE | Method writeObject() should be defined for a serializable class | 4 | False | No |
| SV.SERIAL.OVERRIDE | Do not invoke overridable methods from the readObject() method | 4 | True | No |
| SV.SERIAL.SIG | Methods readObject() and writeObject() in serializable classes should have correct signature | 4 | False | No |
| SV.SESSION.FIXATION.COOKIE | Cookies should not be vulnerable to session fixation | 4 | True | Yes |
| SV.SHARED.VAR | Unsynchronized access to static variable from servlet | 4 | True | No |
| SV.SOCKETS | Bad practices: use of sockets | 4 | False | No |
| SV.SPRING.FIXATION | Session fixation protection is disabled | 2 | True | Yes |
| SV.SQL | SQL injection | 2 | True | Yes |
| SV.SQL.DBSOURCE | Unchecked information from the database is used in SQL statements | 3 | True | Yes |
| SV.SSRF.URI | URI based on unvalidated user input | 4 | True | Yes |
| SV.STRBUF.CLEAN | String buffer not cleaned | 3 | False | Yes |
| SV.STRUTS.NOTRESET | Struts forms: inconsistent reset | 4 | False | No |
| SV.STRUTS.NOTVALID | Struts forms: inconsistent validate | 4 | False | No |
| SV.STRUTS.PRIVATE | Struts forms: non-private fields | 4 | False | No |
| SV.STRUTS.RESETMET | Struts forms: reset method | 4 | False | No |
| SV.STRUTS.STATIC | Struts forms: static fields | 4 | False | No |
| SV.STRUTS.VALIDMET | Struts forms: validate method | 4 | False | No |
| SV.STRUTS.VER | Usage of vulnerable Apache Struts version | 2 | True | No |
| SV.TAINT | Tainted data | 3 | False | Yes |
| SV.TAINT_NATIVE | Tainted data goes to native code | 3 | True | Yes |
| SV.TMPFILE | Temporary file path tampering | 3 | True | Yes |
| SV.UMC.EXIT | The System.exit() and Runtime.exit() method calls should not be used in servlet code | 4 | False | No |
| SV.UMC.JDBC | Application should avoid calling DriverManager.getConnection() directly | 4 | False | No |
| SV.UMC.THREADS | Bad practices: use of thread management | 4 | False | No |
| SV.UMD.MAIN | Leftover debug code: main method | 4 | False | No |
| SV.USE.POLICY | Direct use of Policy methods | 4 | False | No |
| SV.WEAK.CRYPT | Use of a broken or risky cryptographic algorithm | 3 | True | No |
| SV.WEAK.KEYS.AES | Insufficient key length in cryptographic algorithm | 3 | True | Yes |
| SV.WEAK.KEYS.DH | Insufficient key length in cryptographic algorithm | 3 | True | Yes |
| SV.WEAK.KEYS.DSA | Insufficient key length in cryptographic algorithm | 3 | True | Yes |
| SV.WEAK.KEYS.EC | Insufficient key length in cryptographic algorithm | 3 | True | Yes |
| SV.WEAK.KEYS.RSA | Insufficient key length in cryptographic algorithm | 3 | True | Yes |
| SV.WEAK.TLS | Weak SSL/TLS protocols should not be used | 2 | True | Yes |
| SV.XPATH | Unvalidated user input is used as an XPath expression | 2 | True | Yes |
| SV.XSS.COOKIE | Sensitive cookie without setHttpOnly flag | 4 | True | Yes |
| SV.XSS.COOKIE.SECURE | Sensitive cookie without Secure protocol | 1 | True | Yes |
| SV.XSS.DB | Cross-site scripting (stored XSS) | 2 | True | Yes |
| SV.XSS.REF | Cross-site scripting (reflected XSS) | 2 | True | Yes |
| SV.XXE.DBF | Possibility for XML External Entity attack | 4 | True | No |
| SV.XXE.SF | Possibility for XML External Entity attack | 4 | True | No |
| SV.XXE.SPF | Possibility for XML External Entity attack | 4 | True | No |
| SV.XXE.TF | Possibility for XML External Entity attack | 4 | True | No |
| SV.XXE.XIF | Possibility for XML External Entity attack | 4 | True | No |
| SV.XXE.XRF | Possibility for XML External Entity attack | 4 | True | No |
| SYNCH.NESTED | Synchronized method calls another synchronized method with the same lock held | 4 | True | No |
| SYNCH.NESTEDS | Synchronized static method calls another synchronized static method with the same lock held | 4 | True | No |
| UC.BOOLB | Unnecessary creation of new Boolean object from a boolean expression | 4 | True | No |
| UC.BOOLS | Unnecessary creation of new Boolean object from a string expression | 4 | True | No |
| UC.STRS | Unnecessary creation of new String object from a string expression | 4 | True | No |
| UC.STRV | Unnecessary creation of empty String object | 4 | True | No |
| UF.IMAGEIO | Usage of closed ImageIO stream | 2 | True | Yes |
| UF.IN | Usage of closed input stream | 2 | True | Yes |
| UF.JNDI | Usage of closed JNDI context | 2 | True | Yes |
| UF.MAIL | Usage of closed Java mail object | 2 | True | Yes |
| UF.MICRO | Usage of closed Java Microedition connection | 2 | True | Yes |
| UF.NIO | Usage of closed NIO object | 2 | True | Yes |
| UF.OUT | Usage of closed output stream | 2 | True | Yes |
| UF.SOCK | Usage of closed socket | 2 | True | Yes |
| UF.SQLCON | Usage of closed SQL connection | 2 | True | Yes |
| UF.SQLOBJ | Usage of closed SQL object | 2 | True | Yes |
| UF.ZIP | Usage of closed zip file | 2 | True | Yes |
| UMC.EXIT | The System.exit() method call is unwanted | 4 | False | No |
| UMC.GC | The System.gc() method call is unwanted | 4 | False | No |
| UMC.SYSERR | Debug print using System.err method calls is unwanted | 4 | False | No |
| UMC.SYSOUT | Debug print using System.out method calls is unwanted | 4 | False | No |
| UMC.TOSTRING | Unnecessary toString() method called for a String argument | 4 | True | No |