@fabasoad/sarif-to-slack 0.1.1 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (99)
  1. package/.github/ISSUE_TEMPLATE/bug_report.md +1 -1
  2. package/.github/pull_request_template.md +3 -3
  3. package/.github/workflows/linting.yml +14 -0
  4. package/.github/workflows/release.yml +5 -1
  5. package/.github/workflows/send-sarif-to-slack.yml +214 -0
  6. package/.github/workflows/unit-tests.yml +1 -0
  7. package/.pre-commit-config.yaml +3 -3
  8. package/.tool-versions +1 -1
  9. package/CONTRIBUTING.md +1 -1
  10. package/Makefile +10 -3
  11. package/README.md +36 -5
  12. package/biome.json +15 -12
  13. package/dist/Logger.js +17 -6
  14. package/dist/Processors.js +23 -22
  15. package/dist/SarifToSlackService.d.ts.map +1 -1
  16. package/dist/SarifToSlackService.js +6 -7
  17. package/dist/SlackMessageBuilder.js +51 -55
  18. package/dist/index.d.ts +9 -4
  19. package/dist/index.d.ts.map +1 -1
  20. package/dist/index.js +10 -5
  21. package/dist/model/SarifModelPerRun.d.ts +17 -0
  22. package/dist/model/SarifModelPerRun.d.ts.map +1 -0
  23. package/dist/model/SarifModelPerRun.js +84 -0
  24. package/dist/model/SarifModelPerSarif.d.ts +20 -0
  25. package/dist/model/SarifModelPerSarif.d.ts.map +1 -0
  26. package/dist/model/SarifModelPerSarif.js +97 -0
  27. package/dist/model/types.d.ts +17 -0
  28. package/dist/model/types.d.ts.map +1 -0
  29. package/dist/model/types.js +31 -0
  30. package/dist/sarif-to-slack.d.ts +121 -18
  31. package/dist/tsdoc-metadata.json +1 -1
  32. package/dist/types.d.ts +107 -15
  33. package/dist/types.d.ts.map +1 -1
  34. package/dist/types.js +73 -7
  35. package/dist/utils/SarifUtils.d.ts +5 -0
  36. package/dist/utils/SarifUtils.d.ts.map +1 -0
  37. package/dist/utils/SarifUtils.js +32 -0
  38. package/dist/utils/SortUtils.d.ts +5 -0
  39. package/dist/utils/SortUtils.d.ts.map +1 -0
  40. package/dist/utils/SortUtils.js +8 -0
  41. package/dist/version.d.ts +2 -0
  42. package/dist/version.d.ts.map +1 -0
  43. package/dist/version.js +4 -0
  44. package/etc/sarif-to-slack.api.md +47 -9
  45. package/jest.config.json +4 -4
  46. package/package.json +14 -10
  47. package/scripts/save-version.sh +6 -0
  48. package/src/Logger.ts +22 -17
  49. package/src/Processors.ts +22 -22
  50. package/src/SarifToSlackService.ts +6 -7
  51. package/src/SlackMessageBuilder.ts +85 -68
  52. package/src/index.ts +17 -6
  53. package/src/model/SarifModelPerRun.ts +114 -0
  54. package/src/model/SarifModelPerSarif.ts +116 -0
  55. package/src/model/types.ts +31 -0
  56. package/src/types.ts +113 -15
  57. package/src/utils/SarifUtils.ts +44 -0
  58. package/src/utils/SortUtils.ts +21 -0
  59. package/src/version.ts +3 -0
  60. package/test-data/sarif/codeql-csharp.sarif +1 -0
  61. package/test-data/sarif/codeql-go.sarif +1 -0
  62. package/test-data/sarif/codeql-python.sarif +1 -0
  63. package/test-data/sarif/codeql-ruby.sarif +1 -0
  64. package/test-data/sarif/codeql-typescript.sarif +1 -0
  65. package/test-data/sarif/grype-container.sarif +1774 -0
  66. package/test-data/sarif/runs-1-tools-1-results-0.sarif +18 -0
  67. package/test-data/sarif/runs-2-tools-1-results-0.sarif +30 -0
  68. package/test-data/sarif/runs-2-tools-1.sarif +656 -0
  69. package/test-data/sarif/runs-2-tools-2-results-0.sarif +44 -0
  70. package/test-data/sarif/runs-2-tools-2.sarif +686 -0
  71. package/test-data/sarif/runs-3-tools-2-results-0.sarif +48 -0
  72. package/test-data/sarif/runs-3-tools-2.sarif +278 -0
  73. package/test-data/sarif/snyk-composer.sarif +934 -0
  74. package/test-data/sarif/snyk-container.sarif +313 -0
  75. package/test-data/sarif/snyk-gomodules.sarif +388 -0
  76. package/test-data/sarif/snyk-gradle.sarif +274 -0
  77. package/test-data/sarif/snyk-hex.sarif +66 -0
  78. package/test-data/sarif/snyk-maven.sarif +274 -0
  79. package/test-data/sarif/snyk-npm.sarif +896 -0
  80. package/test-data/sarif/snyk-nuget.sarif +90 -0
  81. package/test-data/sarif/snyk-pip.sarif +66 -0
  82. package/test-data/sarif/snyk-pnpm.sarif +90 -0
  83. package/test-data/sarif/snyk-poetry.sarif +1952 -0
  84. package/test-data/sarif/snyk-rubygems.sarif +440 -0
  85. package/test-data/sarif/snyk-sbt.sarif +178 -0
  86. package/test-data/sarif/snyk-swift.sarif +112 -0
  87. package/test-data/sarif/snyk-yarn.sarif +2900 -0
  88. package/test-data/sarif/trivy-iac.sarif +134 -0
  89. package/test-data/sarif/wiz-container.sarif +30916 -0
  90. package/test-data/sarif/wiz-iac.sarif +558 -0
  91. package/tests/Processors.spec.ts +3 -3
  92. package/tests/integration/SendSarifToSlack.spec.ts +56 -0
  93. package/tsconfig.json +14 -14
  94. package/dist/Logger.js.map +0 -1
  95. package/dist/Processors.js.map +0 -1
  96. package/dist/SarifToSlackService.js.map +0 -1
  97. package/dist/SlackMessageBuilder.js.map +0 -1
  98. package/dist/index.js.map +0 -1
  99. package/dist/types.js.map +0 -1
@@ -0,0 +1 @@
1
+ {"$schema":"https://json.schemastore.org/sarif-2.1.0.json","version":"2.1.0","runs":[{"tool":{"driver":{"name":"CodeQL","organization":"GitHub","semanticVersion":"2.19.0","notifications":[{"id":"js/diagnostics/extraction-errors","name":"js/diagnostics/extraction-errors","shortDescription":{"text":"Extraction errors"},"fullDescription":{"text":"List all extraction errors for files in the source code directory."},"defaultConfiguration":{"enabled":true},"properties":{"description":"List all extraction errors for files in the source code directory.","id":"js/diagnostics/extraction-errors","kind":"diagnostic","name":"Extraction errors"}},{"id":"js/diagnostics/successfully-extracted-files","name":"js/diagnostics/successfully-extracted-files","shortDescription":{"text":"Extracted files"},"fullDescription":{"text":"Lists all files in the source code directory that were extracted."},"defaultConfiguration":{"enabled":true},"properties":{"tags":["successfully-extracted-files"],"description":"Lists all files in the source code directory that were extracted.","id":"js/diagnostics/successfully-extracted-files","kind":"diagnostic","name":"Extracted files"}},{"id":"js/baseline/expected-extracted-files","name":"js/baseline/expected-extracted-files","shortDescription":{"text":"Expected extracted files"},"fullDescription":{"text":"Files appearing in the source archive that are expected to be extracted."},"defaultConfiguration":{"enabled":true},"properties":{"tags":["expected-extracted-files","telemetry"]}},{"id":"cli/sip-enablement","name":"cli/sip-enablement","shortDescription":{"text":"macOS SIP enablement status"},"fullDescription":{"text":"macOS SIP enablement status"},"defaultConfiguration":{"enabled":true}}],"rules":[{"id":"js/angular/disabling-sce","name":"js/angular/disabling-sce","shortDescription":{"text":"Disabling SCE"},"fullDescription":{"text":"Disabling strict contextual escaping (SCE) can cause security 
vulnerabilities."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","maintainability","frameworks/angularjs","external/cwe/cwe-116"],"description":"Disabling strict contextual escaping (SCE) can cause security vulnerabilities.","id":"js/angular/disabling-sce","kind":"problem","name":"Disabling SCE","precision":"very-high","problem.severity":"warning","security-severity":"7.8"}},{"id":"js/angular/double-compilation","name":"js/angular/double-compilation","shortDescription":{"text":"Double compilation"},"fullDescription":{"text":"Recompiling an already compiled part of the DOM can lead to unexpected behavior of directives, performance problems, and memory leaks."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["reliability","frameworks/angularjs","security","external/cwe/cwe-1176"],"description":"Recompiling an already compiled part of the DOM can lead to\n unexpected behavior of directives, performance problems, and memory leaks.","id":"js/angular/double-compilation","kind":"problem","name":"Double compilation","precision":"very-high","problem.severity":"warning","security-severity":"8.8"}},{"id":"js/angular/insecure-url-whitelist","name":"js/angular/insecure-url-whitelist","shortDescription":{"text":"Insecure URL whitelist"},"fullDescription":{"text":"URL whitelists that are too permissive can cause security vulnerabilities."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","frameworks/angularjs","external/cwe/cwe-183","external/cwe/cwe-625"],"description":"URL whitelists that are too permissive can cause security vulnerabilities.","id":"js/angular/insecure-url-whitelist","kind":"problem","name":"Insecure URL whitelist","precision":"very-high","problem.severity":"warning","security-severity":"7.5"}},{"id":"js/identity-replacement","name":"js/identity-replacement","shortDescription":{"text":"Replacement of a substring with 
itself"},"fullDescription":{"text":"Replacing a substring with itself has no effect and may indicate a mistake."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["correctness","security","external/cwe/cwe-116"],"description":"Replacing a substring with itself has no effect and may indicate a mistake.","id":"js/identity-replacement","kind":"problem","name":"Replacement of a substring with itself","precision":"very-high","problem.severity":"warning","security-severity":"5.0"}},{"id":"js/cross-window-information-leak","name":"js/cross-window-information-leak","shortDescription":{"text":"Cross-window communication with unrestricted target origin"},"fullDescription":{"text":"When sending sensitive information to another window using `postMessage`, the origin of the target window should be restricted to avoid unintentional information leaks."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-201","external/cwe/cwe-359"],"description":"When sending sensitive information to another window using `postMessage`,\n the origin of the target window should be restricted to avoid unintentional\n information leaks.","id":"js/cross-window-information-leak","kind":"path-problem","name":"Cross-window communication with unrestricted target origin","precision":"high","problem.severity":"error","security-severity":"4.3"}},{"id":"js/functionality-from-untrusted-source","name":"js/functionality-from-untrusted-source","shortDescription":{"text":"Inclusion of functionality from an untrusted source"},"fullDescription":{"text":"Including functionality from an untrusted source may allow an attacker to control the functionality and execute arbitrary code."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-830"],"description":"Including functionality from an untrusted source may allow\n an attacker to control the functionality and execute arbitrary 
code.","id":"js/functionality-from-untrusted-source","kind":"problem","name":"Inclusion of functionality from an untrusted source","precision":"high","problem.severity":"warning","security-severity":"6.0"}},{"id":"js/functionality-from-untrusted-domain","name":"js/functionality-from-untrusted-domain","shortDescription":{"text":"Untrusted domain used in script or other content"},"fullDescription":{"text":"Using a resource from an untrusted or compromised domain makes your code vulnerable to receiving malicious code."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-830"],"description":"Using a resource from an untrusted or compromised domain makes your code vulnerable to receiving malicious code.","id":"js/functionality-from-untrusted-domain","kind":"problem","name":"Untrusted domain used in script or other content","precision":"high","problem.severity":"error","security-severity":"7.2"}},{"id":"js/code-injection","name":"js/code-injection","shortDescription":{"text":"Code injection"},"fullDescription":{"text":"Interpreting unsanitized user input as code allows a malicious user arbitrary code execution."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-094","external/cwe/cwe-095","external/cwe/cwe-079","external/cwe/cwe-116"],"description":"Interpreting unsanitized user input as code allows a malicious user arbitrary\n code execution.","id":"js/code-injection","kind":"path-problem","name":"Code injection","precision":"high","problem.severity":"error","security-severity":"9.3"}},{"id":"js/unsafe-dynamic-method-access","name":"js/unsafe-dynamic-method-access","shortDescription":{"text":"Unsafe dynamic method access"},"fullDescription":{"text":"Invoking user-controlled methods on certain objects can lead to remote code 
execution."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-094"],"description":"Invoking user-controlled methods on certain objects can lead to remote code execution.","id":"js/unsafe-dynamic-method-access","kind":"path-problem","name":"Unsafe dynamic method access","precision":"high","problem.severity":"error","security-severity":"9.3"}},{"id":"js/actions/command-injection","name":"js/actions/command-injection","shortDescription":{"text":"Expression injection in Actions"},"fullDescription":{"text":"Using user-controlled GitHub Actions contexts like `run:` or `script:` may allow a malicious user to inject code into the GitHub action."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["actions","security","external/cwe/cwe-094"],"description":"Using user-controlled GitHub Actions contexts like `run:` or `script:` may allow a malicious\n user to inject code into the GitHub action.","id":"js/actions/command-injection","kind":"problem","name":"Expression injection in Actions","precision":"high","problem.severity":"warning","security-severity":"9.3"}},{"id":"js/bad-code-sanitization","name":"js/bad-code-sanitization","shortDescription":{"text":"Improper code sanitization"},"fullDescription":{"text":"Escaping code as HTML does not provide protection against code injection."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-094","external/cwe/cwe-079","external/cwe/cwe-116"],"description":"Escaping code as HTML does not provide protection against code injection.","id":"js/bad-code-sanitization","kind":"path-problem","name":"Improper code sanitization","precision":"high","problem.severity":"error","security-severity":"6.1"}},{"id":"js/stack-trace-exposure","name":"js/stack-trace-exposure","shortDescription":{"text":"Information exposure through a stack trace"},"fullDescription":{"text":"Propagating stack trace information to 
an external user can unintentionally reveal implementation details that are useful to an attacker for developing a subsequent exploit."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-209","external/cwe/cwe-497"],"description":"Propagating stack trace information to an external user can\n unintentionally reveal implementation details that are useful\n to an attacker for developing a subsequent exploit.","id":"js/stack-trace-exposure","kind":"path-problem","name":"Information exposure through a stack trace","precision":"very-high","problem.severity":"warning","security-severity":"5.4"}},{"id":"js/exposure-of-private-files","name":"js/exposure-of-private-files","shortDescription":{"text":"Exposure of private files"},"fullDescription":{"text":"Exposing a node_modules folder, or the project folder to the public, can cause exposure of private information."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-200","external/cwe/cwe-219","external/cwe/cwe-548"],"description":"Exposing a node_modules folder, or the project folder to the public, can cause exposure\n of private information.","id":"js/exposure-of-private-files","kind":"problem","name":"Exposure of private files","precision":"high","problem.severity":"warning","security-severity":"6.5"}},{"id":"js/client-side-unvalidated-url-redirection","name":"js/client-side-unvalidated-url-redirection","shortDescription":{"text":"Client-side URL redirect"},"fullDescription":{"text":"Client-side URL redirection based on unvalidated user input may cause redirection to malicious web sites."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-079","external/cwe/cwe-116","external/cwe/cwe-601"],"description":"Client-side URL redirection based on unvalidated user input\n may cause redirection to malicious web 
sites.","id":"js/client-side-unvalidated-url-redirection","kind":"path-problem","name":"Client-side URL redirect","precision":"high","problem.severity":"error","security-severity":"6.1"}},{"id":"js/server-side-unvalidated-url-redirection","name":"js/server-side-unvalidated-url-redirection","shortDescription":{"text":"Server-side URL redirect"},"fullDescription":{"text":"Server-side URL redirection based on unvalidated user input may cause redirection to malicious web sites."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-601"],"description":"Server-side URL redirection based on unvalidated user input\n may cause redirection to malicious web sites.","id":"js/server-side-unvalidated-url-redirection","kind":"path-problem","name":"Server-side URL redirect","precision":"high","problem.severity":"warning","security-severity":"6.1"}},{"id":"js/insufficient-key-size","name":"js/insufficient-key-size","shortDescription":{"text":"Use of a weak cryptographic key"},"fullDescription":{"text":"Using a weak cryptographic key can allow an attacker to compromise security."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-326"],"description":"Using a weak cryptographic key can allow an attacker to compromise security.","id":"js/insufficient-key-size","kind":"problem","name":"Use of a weak cryptographic key","precision":"high","problem.severity":"warning","security-severity":"7.5"}},{"id":"js/case-sensitive-middleware-path","name":"js/case-sensitive-middleware-path","shortDescription":{"text":"Case-sensitive middleware path"},"fullDescription":{"text":"Middleware with case-sensitive paths do not protect endpoints with case-insensitive paths."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-178"],"description":"Middleware with case-sensitive paths do not protect endpoints with case-insensitive 
paths.","id":"js/case-sensitive-middleware-path","kind":"problem","name":"Case-sensitive middleware path","precision":"high","problem.severity":"warning","security-severity":"7.3"}},{"id":"js/weak-cryptographic-algorithm","name":"js/weak-cryptographic-algorithm","shortDescription":{"text":"Use of a broken or weak cryptographic algorithm"},"fullDescription":{"text":"Using broken or weak cryptographic algorithms can compromise security."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-327","external/cwe/cwe-328"],"description":"Using broken or weak cryptographic algorithms can compromise security.","id":"js/weak-cryptographic-algorithm","kind":"path-problem","name":"Use of a broken or weak cryptographic algorithm","precision":"high","problem.severity":"warning","security-severity":"7.5"}},{"id":"js/biased-cryptographic-random","name":"js/biased-cryptographic-random","shortDescription":{"text":"Creating biased random numbers from a cryptographically secure source"},"fullDescription":{"text":"Some mathematical operations on random numbers can cause bias in the results and compromise security."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-327"],"description":"Some mathematical operations on random numbers can cause bias in\n the results and compromise security.","id":"js/biased-cryptographic-random","kind":"problem","name":"Creating biased random numbers from a cryptographically secure source","precision":"high","problem.severity":"warning","security-severity":"7.5"}},{"id":"js/insufficient-password-hash","name":"js/insufficient-password-hash","shortDescription":{"text":"Use of password hash with insufficient computational effort"},"fullDescription":{"text":"Creating a hash of a password with low computational effort makes the hash vulnerable to password cracking 
attacks."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-916"],"description":"Creating a hash of a password with low computational effort makes the hash vulnerable to password cracking attacks.","id":"js/insufficient-password-hash","kind":"path-problem","name":"Use of password hash with insufficient computational effort","precision":"high","problem.severity":"warning","security-severity":"8.1"}},{"id":"js/request-forgery","name":"js/request-forgery","shortDescription":{"text":"Server-side request forgery"},"fullDescription":{"text":"Making a network request with user-controlled data in the URL allows for request forgery attacks."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-918"],"description":"Making a network request with user-controlled data in the URL allows for request forgery attacks.","id":"js/request-forgery","kind":"path-problem","name":"Server-side request forgery","precision":"high","problem.severity":"error","security-severity":"9.1"}},{"id":"js/sensitive-get-query","name":"js/sensitive-get-query","shortDescription":{"text":"Sensitive data read from GET request"},"fullDescription":{"text":"Placing sensitive data in a GET request increases the risk of the data being exposed to an attacker."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-598"],"description":"Placing sensitive data in a GET request increases the risk of\n the data being exposed to an attacker.","id":"js/sensitive-get-query","kind":"problem","name":"Sensitive data read from GET request","precision":"high","problem.severity":"warning","security-severity":"6.5"}},{"id":"js/clear-text-cookie","name":"js/clear-text-cookie","shortDescription":{"text":"Clear text transmission of sensitive cookie"},"fullDescription":{"text":"Sending sensitive information in a cookie without requring SSL encryption can expose the 
cookie to an attacker."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-614","external/cwe/cwe-311","external/cwe/cwe-312","external/cwe/cwe-319"],"description":"Sending sensitive information in a cookie without requring SSL encryption\n can expose the cookie to an attacker.","id":"js/clear-text-cookie","kind":"problem","name":"Clear text transmission of sensitive cookie","precision":"high","problem.severity":"warning","security-severity":"5.0"}},{"id":"js/sql-injection","name":"js/sql-injection","shortDescription":{"text":"Database query built from user-controlled sources"},"fullDescription":{"text":"Building a database query from user-controlled sources is vulnerable to insertion of malicious code by the user."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-089","external/cwe/cwe-090","external/cwe/cwe-943"],"description":"Building a database query from user-controlled sources is vulnerable to insertion of\n malicious code by the user.","id":"js/sql-injection","kind":"path-problem","name":"Database query built from user-controlled sources","precision":"high","problem.severity":"error","security-severity":"8.8"}},{"id":"js/template-object-injection","name":"js/template-object-injection","shortDescription":{"text":"Template Object Injection"},"fullDescription":{"text":"Instantiating a template using a user-controlled object is vulnerable to local file read and potential remote code execution."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-073","external/cwe/cwe-094"],"description":"Instantiating a template using a user-controlled object is vulnerable to local file read and potential remote code execution.","id":"js/template-object-injection","kind":"path-problem","name":"Template Object 
Injection","precision":"high","problem.severity":"error","security-severity":"9.3"}},{"id":"js/incomplete-url-scheme-check","name":"js/incomplete-url-scheme-check","shortDescription":{"text":"Incomplete URL scheme check"},"fullDescription":{"text":"Checking for the \"javascript:\" URL scheme without also checking for \"vbscript:\" and \"data:\" suggests a logic error or even a security vulnerability."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","correctness","external/cwe/cwe-020","external/cwe/cwe-184"],"description":"Checking for the \"javascript:\" URL scheme without also checking for \"vbscript:\"\n and \"data:\" suggests a logic error or even a security vulnerability.","id":"js/incomplete-url-scheme-check","kind":"problem","name":"Incomplete URL scheme check","precision":"high","problem.severity":"warning","security-severity":"7.8"}},{"id":"js/useless-regexp-character-escape","name":"js/useless-regexp-character-escape","shortDescription":{"text":"Useless regular-expression character escape"},"fullDescription":{"text":"Prepending a backslash to an ordinary character in a string does not have any effect, and may make regular expressions constructed from this string behave unexpectedly."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["correctness","security","external/cwe/cwe-020"],"description":"Prepending a backslash to an ordinary character in a string\n does not have any effect, and may make regular expressions constructed from this string\n behave unexpectedly.","id":"js/useless-regexp-character-escape","kind":"problem","name":"Useless regular-expression character escape","precision":"high","problem.severity":"error","security-severity":"7.8"}},{"id":"js/incomplete-hostname-regexp","name":"js/incomplete-hostname-regexp","shortDescription":{"text":"Incomplete regular expression for hostnames"},"fullDescription":{"text":"Matching a URL or hostname against a regular expression that 
contains an unescaped dot as part of the hostname might match more hostnames than expected."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["correctness","security","external/cwe/cwe-020"],"description":"Matching a URL or hostname against a regular expression that contains an unescaped dot as part of the hostname might match more hostnames than expected.","id":"js/incomplete-hostname-regexp","kind":"problem","name":"Incomplete regular expression for hostnames","precision":"high","problem.severity":"warning","security-severity":"7.8"}},{"id":"js/incorrect-suffix-check","name":"js/incorrect-suffix-check","shortDescription":{"text":"Incorrect suffix check"},"fullDescription":{"text":"Using indexOf to implement endsWith functionality is error-prone if the -1 case is not explicitly handled."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","correctness","external/cwe/cwe-020"],"description":"Using indexOf to implement endsWith functionality is error-prone if the -1 case is not explicitly handled.","id":"js/incorrect-suffix-check","kind":"problem","name":"Incorrect suffix check","precision":"high","problem.severity":"error","security-severity":"7.8"}},{"id":"js/incomplete-url-substring-sanitization","name":"js/incomplete-url-substring-sanitization","shortDescription":{"text":"Incomplete URL substring sanitization"},"fullDescription":{"text":"Security checks on the substrings of an unparsed URL are often vulnerable to bypassing."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["correctness","security","external/cwe/cwe-020"],"description":"Security checks on the substrings of an unparsed URL are often vulnerable to bypassing.","id":"js/incomplete-url-substring-sanitization","kind":"problem","name":"Incomplete URL substring 
sanitization","precision":"high","problem.severity":"warning","security-severity":"7.8"}},{"id":"js/overly-large-range","name":"js/overly-large-range","shortDescription":{"text":"Overly permissive regular expression range"},"fullDescription":{"text":"Overly permissive regular expression ranges match a wider range of characters than intended. This may allow an attacker to bypass a filter or sanitizer."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["correctness","security","external/cwe/cwe-020"],"description":"Overly permissive regular expression ranges match a wider range of characters than intended.\n This may allow an attacker to bypass a filter or sanitizer.","id":"js/overly-large-range","kind":"problem","name":"Overly permissive regular expression range","precision":"high","problem.severity":"warning","security-severity":"5.0"}},{"id":"js/host-header-forgery-in-email-generation","name":"js/host-header-forgery-in-email-generation","shortDescription":{"text":"Host header poisoning in email generation"},"fullDescription":{"text":"Using the HTTP Host header to construct a link in an email can facilitate phishing attacks and leak password reset tokens."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-640"],"description":"Using the HTTP Host header to construct a link in an email can facilitate phishing\n attacks and leak password reset tokens.","id":"js/host-header-forgery-in-email-generation","kind":"path-problem","name":"Host header poisoning in email generation","precision":"high","problem.severity":"error","security-severity":"9.8"}},{"id":"js/resource-exhaustion-from-deep-object-traversal","name":"js/resource-exhaustion-from-deep-object-traversal","shortDescription":{"text":"Resources exhaustion from deep object traversal"},"fullDescription":{"text":"Processing user-controlled object hierarchies inefficiently can lead to denial of 
service."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-400"],"description":"Processing user-controlled object hierarchies inefficiently can lead to denial of service.","id":"js/resource-exhaustion-from-deep-object-traversal","kind":"path-problem","name":"Resources exhaustion from deep object traversal","precision":"high","problem.severity":"warning","security-severity":"7.5"}},{"id":"js/loop-bound-injection","name":"js/loop-bound-injection","shortDescription":{"text":"Loop bound injection"},"fullDescription":{"text":"Iterating over an object with a user-controlled .length property can cause indefinite looping."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-834","external/cwe/cwe-730"],"description":"Iterating over an object with a user-controlled .length\n property can cause indefinite looping.","id":"js/loop-bound-injection","kind":"path-problem","name":"Loop bound injection","precision":"high","problem.severity":"warning","security-severity":"7.5"}},{"id":"js/disabling-certificate-validation","name":"js/disabling-certificate-validation","shortDescription":{"text":"Disabling certificate validation"},"fullDescription":{"text":"Disabling cryptographic certificate validation can cause security vulnerabilities."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-295","external/cwe/cwe-297"],"description":"Disabling cryptographic certificate validation can cause security vulnerabilities.","id":"js/disabling-certificate-validation","kind":"problem","name":"Disabling certificate validation","precision":"very-high","problem.severity":"error","security-severity":"7.5"}},{"id":"js/insecure-helmet-configuration","name":"js/insecure-helmet-configuration","shortDescription":{"text":"Insecure configuration of Helmet security middleware"},"fullDescription":{"text":"The Helmet middleware is used 
to set security-related HTTP headers in Express applications. This query finds instances where the middleware is configured with important security features disabled."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-693","external/cwe/cwe-1021"],"description":"The Helmet middleware is used to set security-related HTTP headers in Express applications. This query finds instances where the middleware is configured with important security features disabled.","id":"js/insecure-helmet-configuration","kind":"problem","name":"Insecure configuration of Helmet security middleware","precision":"high","problem.severity":"error","security-severity":"7.0"}},{"id":"js/jwt-missing-verification","name":"js/jwt-missing-verification","shortDescription":{"text":"JWT missing secret or public key verification"},"fullDescription":{"text":"The application does not verify the JWT payload with a cryptographic secret or public key."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-347"],"description":"The application does not verify the JWT payload with a cryptographic secret or public key.","id":"js/jwt-missing-verification","kind":"problem","name":"JWT missing secret or public key verification","precision":"high","problem.severity":"warning","security-severity":"7.0"}},{"id":"js/resource-exhaustion","name":"js/resource-exhaustion","shortDescription":{"text":"Resource exhaustion"},"fullDescription":{"text":"Allocating objects or timers with user-controlled sizes or durations can cause resource exhaustion."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-400","external/cwe/cwe-770"],"description":"Allocating objects or timers with user-controlled\n sizes or durations can cause resource exhaustion.","id":"js/resource-exhaustion","kind":"path-problem","name":"Resource 
exhaustion","precision":"high","problem.severity":"warning","security-severity":"7.5"}},{"id":"js/missing-rate-limiting","name":"js/missing-rate-limiting","shortDescription":{"text":"Missing rate limiting"},"fullDescription":{"text":"An HTTP request handler that performs expensive operations without restricting the rate at which operations can be carried out is vulnerable to denial-of-service attacks."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-770","external/cwe/cwe-307","external/cwe/cwe-400"],"description":"An HTTP request handler that performs expensive operations without\n restricting the rate at which operations can be carried out is vulnerable\n to denial-of-service attacks.","id":"js/missing-rate-limiting","kind":"problem","name":"Missing rate limiting","precision":"high","problem.severity":"warning","security-severity":"7.5"}},{"id":"js/cors-misconfiguration-for-credentials","name":"js/cors-misconfiguration-for-credentials","shortDescription":{"text":"CORS misconfiguration for credentials transfer"},"fullDescription":{"text":"Misconfiguration of CORS HTTP headers allows for leaks of secret credentials."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-346","external/cwe/cwe-639","external/cwe/cwe-942"],"description":"Misconfiguration of CORS HTTP headers allows for leaks of secret credentials.","id":"js/cors-misconfiguration-for-credentials","kind":"path-problem","name":"CORS misconfiguration for credentials transfer","precision":"high","problem.severity":"error","security-severity":"7.5"}},{"id":"js/incomplete-sanitization","name":"js/incomplete-sanitization","shortDescription":{"text":"Incomplete string escaping or encoding"},"fullDescription":{"text":"A string transformer that does not replace or escape all occurrences of a meta-character may be 
ineffective."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["correctness","security","external/cwe/cwe-020","external/cwe/cwe-080","external/cwe/cwe-116"],"description":"A string transformer that does not replace or escape all occurrences of a\n meta-character may be ineffective.","id":"js/incomplete-sanitization","kind":"problem","name":"Incomplete string escaping or encoding","precision":"high","problem.severity":"warning","security-severity":"7.8"}},{"id":"js/bad-tag-filter","name":"js/bad-tag-filter","shortDescription":{"text":"Bad HTML filtering regexp"},"fullDescription":{"text":"Matching HTML tags using regular expressions is hard to do right, and can easily lead to security issues."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["correctness","security","external/cwe/cwe-020","external/cwe/cwe-080","external/cwe/cwe-116","external/cwe/cwe-184","external/cwe/cwe-185","external/cwe/cwe-186"],"description":"Matching HTML tags using regular expressions is hard to do right, and can easily lead to security issues.","id":"js/bad-tag-filter","kind":"problem","name":"Bad HTML filtering regexp","precision":"high","problem.severity":"warning","security-severity":"7.8"}},{"id":"js/unsafe-html-expansion","name":"js/unsafe-html-expansion","shortDescription":{"text":"Unsafe expansion of self-closing HTML tag"},"fullDescription":{"text":"Using regular expressions to expand self-closing HTML tags may lead to cross-site scripting vulnerabilities."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["correctness","security","external/cwe/cwe-079","external/cwe/cwe-116"],"description":"Using regular expressions to expand self-closing HTML\n tags may lead to cross-site scripting vulnerabilities.","id":"js/unsafe-html-expansion","kind":"problem","name":"Unsafe expansion of self-closing HTML 
tag","precision":"very-high","problem.severity":"warning","security-severity":"6.1"}},{"id":"js/incomplete-multi-character-sanitization","name":"js/incomplete-multi-character-sanitization","shortDescription":{"text":"Incomplete multi-character sanitization"},"fullDescription":{"text":"A sanitizer that removes a sequence of characters may reintroduce the dangerous sequence."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["correctness","security","external/cwe/cwe-020","external/cwe/cwe-080","external/cwe/cwe-116"],"description":"A sanitizer that removes a sequence of characters may reintroduce the dangerous sequence.","id":"js/incomplete-multi-character-sanitization","kind":"problem","name":"Incomplete multi-character sanitization","precision":"high","problem.severity":"warning","security-severity":"7.8"}},{"id":"js/double-escaping","name":"js/double-escaping","shortDescription":{"text":"Double escaping or unescaping"},"fullDescription":{"text":"When escaping special characters using a meta-character like backslash or ampersand, the meta-character has to be escaped first to avoid double-escaping, and conversely it has to be unescaped last to avoid double-unescaping."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["correctness","security","external/cwe/cwe-116","external/cwe/cwe-020"],"description":"When escaping special characters using a meta-character like backslash or\n ampersand, the meta-character has to be escaped first to avoid double-escaping,\n and conversely it has to be unescaped last to avoid double-unescaping.","id":"js/double-escaping","kind":"problem","name":"Double escaping or unescaping","precision":"high","problem.severity":"warning","security-severity":"7.8"}},{"id":"js/incomplete-html-attribute-sanitization","name":"js/incomplete-html-attribute-sanitization","shortDescription":{"text":"Incomplete HTML attribute sanitization"},"fullDescription":{"text":"Writing incompletely 
sanitized values to HTML attribute strings can lead to a cross-site scripting vulnerability."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-079","external/cwe/cwe-116","external/cwe/cwe-020"],"description":"Writing incompletely sanitized values to HTML\n attribute strings can lead to a cross-site\n scripting vulnerability.","id":"js/incomplete-html-attribute-sanitization","kind":"path-problem","name":"Incomplete HTML attribute sanitization","precision":"high","problem.severity":"warning","security-severity":"6.1"}},{"id":"js/prototype-polluting-assignment","name":"js/prototype-polluting-assignment","shortDescription":{"text":"Prototype-polluting assignment"},"fullDescription":{"text":"Modifying an object obtained via a user-controlled property name may lead to accidental mutation of the built-in Object prototype, and possibly escalate to remote code execution or cross-site scripting."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-078","external/cwe/cwe-079","external/cwe/cwe-094","external/cwe/cwe-400","external/cwe/cwe-471","external/cwe/cwe-915"],"description":"Modifying an object obtained via a user-controlled property name may\n lead to accidental mutation of the built-in Object prototype,\n and possibly escalate to remote code execution or cross-site scripting.","id":"js/prototype-polluting-assignment","kind":"path-problem","name":"Prototype-polluting assignment","precision":"high","problem.severity":"warning","security-severity":"6.1"}},{"id":"js/prototype-pollution","name":"js/prototype-pollution","shortDescription":{"text":"Prototype-polluting merge call"},"fullDescription":{"text":"Recursively merging a user-controlled object into another object can allow an attacker to modify the built-in Object prototype, and possibly escalate to remote code execution or cross-site 
scripting."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-078","external/cwe/cwe-079","external/cwe/cwe-094","external/cwe/cwe-400","external/cwe/cwe-471","external/cwe/cwe-915"],"description":"Recursively merging a user-controlled object into another object\n can allow an attacker to modify the built-in Object prototype,\n and possibly escalate to remote code execution or cross-site scripting.","id":"js/prototype-pollution","kind":"path-problem","name":"Prototype-polluting merge call","precision":"high","problem.severity":"error","security-severity":"6.1"}},{"id":"js/prototype-pollution-utility","name":"js/prototype-pollution-utility","shortDescription":{"text":"Prototype-polluting function"},"fullDescription":{"text":"Functions recursively assigning properties on objects may be the cause of accidental modification of a built-in prototype object."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-078","external/cwe/cwe-079","external/cwe/cwe-094","external/cwe/cwe-400","external/cwe/cwe-471","external/cwe/cwe-915"],"description":"Functions recursively assigning properties on objects may be\n the cause of accidental modification of a built-in prototype object.","id":"js/prototype-pollution-utility","kind":"path-problem","name":"Prototype-polluting function","precision":"high","problem.severity":"warning","security-severity":"6.1"}},{"id":"js/xml-bomb","name":"js/xml-bomb","shortDescription":{"text":"XML internal entity expansion"},"fullDescription":{"text":"Parsing user input as an XML document with arbitrary internal entity expansion is vulnerable to denial-of-service attacks."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-776","external/cwe/cwe-400"],"description":"Parsing user input as an XML document with arbitrary internal\n entity expansion is vulnerable to denial-of-service 
attacks.","id":"js/xml-bomb","kind":"path-problem","name":"XML internal entity expansion","precision":"high","problem.severity":"warning","security-severity":"7.5"}},{"id":"js/clear-text-storage-of-sensitive-data","name":"js/clear-text-storage-of-sensitive-data","shortDescription":{"text":"Clear text storage of sensitive information"},"fullDescription":{"text":"Sensitive information stored without encryption or hashing can expose it to an attacker."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-312","external/cwe/cwe-315","external/cwe/cwe-359"],"description":"Sensitive information stored without encryption or hashing can expose it to an\n attacker.","id":"js/clear-text-storage-of-sensitive-data","kind":"path-problem","name":"Clear text storage of sensitive information","precision":"high","problem.severity":"error","security-severity":"7.5"}},{"id":"js/actions/actions-artifact-leak","name":"js/actions/actions-artifact-leak","shortDescription":{"text":"Storage of sensitive information in GitHub Actions artifact"},"fullDescription":{"text":"Including sensitive information in a GitHub Actions artifact can expose it to an attacker."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-312","external/cwe/cwe-315","external/cwe/cwe-359"],"description":"Including sensitive information in a GitHub Actions artifact can\n expose it to an attacker.","id":"js/actions/actions-artifact-leak","kind":"problem","name":"Storage of sensitive information in GitHub Actions artifact","precision":"high","problem.severity":"error","security-severity":"7.5"}},{"id":"js/clear-text-logging","name":"js/clear-text-logging","shortDescription":{"text":"Clear-text logging of sensitive information"},"fullDescription":{"text":"Logging sensitive information without encryption or hashing can expose it to an 
attacker."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-312","external/cwe/cwe-359","external/cwe/cwe-532"],"description":"Logging sensitive information without encryption or hashing can\n expose it to an attacker.","id":"js/clear-text-logging","kind":"path-problem","name":"Clear-text logging of sensitive information","precision":"high","problem.severity":"error","security-severity":"7.5"}},{"id":"js/build-artifact-leak","name":"js/build-artifact-leak","shortDescription":{"text":"Storage of sensitive information in build artifact"},"fullDescription":{"text":"Including sensitive information in a build artifact can expose it to an attacker."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-312","external/cwe/cwe-315","external/cwe/cwe-359"],"description":"Including sensitive information in a build artifact can\n expose it to an attacker.","id":"js/build-artifact-leak","kind":"path-problem","name":"Storage of sensitive information in build artifact","precision":"high","problem.severity":"error","security-severity":"7.5"}},{"id":"js/unvalidated-dynamic-method-call","name":"js/unvalidated-dynamic-method-call","shortDescription":{"text":"Unvalidated dynamic method call"},"fullDescription":{"text":"Calling a method with a user-controlled name may dispatch to an unexpected target, which could cause an exception."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-754"],"description":"Calling a method with a user-controlled name may dispatch to\n an unexpected target, which could cause an exception.","id":"js/unvalidated-dynamic-method-call","kind":"path-problem","name":"Unvalidated dynamic method call","precision":"high","problem.severity":"warning","security-severity":"7.5"}},{"id":"js/hardcoded-credentials","name":"js/hardcoded-credentials","shortDescription":{"text":"Hard-coded 
credentials"},"fullDescription":{"text":"Hard-coding credentials in source code may enable an attacker to gain unauthorized access."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-259","external/cwe/cwe-321","external/cwe/cwe-798"],"description":"Hard-coding credentials in source code may enable an attacker\n to gain unauthorized access.","id":"js/hardcoded-credentials","kind":"path-problem","name":"Hard-coded credentials","precision":"high","problem.severity":"warning","security-severity":"9.8"}},{"id":"js/tainted-format-string","name":"js/tainted-format-string","shortDescription":{"text":"Use of externally-controlled format string"},"fullDescription":{"text":"Using external input in format strings can lead to garbled output."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-134"],"description":"Using external input in format strings can lead to garbled output.","id":"js/tainted-format-string","kind":"path-problem","name":"Use of externally-controlled format string","precision":"high","problem.severity":"warning","security-severity":"7.3"}},{"id":"js/missing-token-validation","name":"js/missing-token-validation","shortDescription":{"text":"Missing CSRF middleware"},"fullDescription":{"text":"Using cookies without CSRF protection may allow malicious websites to submit requests on behalf of the user."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-352"],"description":"Using cookies without CSRF protection may allow malicious websites to\n submit requests on behalf of the user.","id":"js/missing-token-validation","kind":"problem","name":"Missing CSRF middleware","precision":"high","problem.severity":"error","security-severity":"8.8"}},{"id":"js/insecure-randomness","name":"js/insecure-randomness","shortDescription":{"text":"Insecure randomness"},"fullDescription":{"text":"Using a 
cryptographically weak pseudo-random number generator to generate a security-sensitive value may allow an attacker to predict what value will be generated."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-338"],"description":"Using a cryptographically weak pseudo-random number generator to generate a\n security-sensitive value may allow an attacker to predict what value will\n be generated.","id":"js/insecure-randomness","kind":"path-problem","name":"Insecure randomness","precision":"high","problem.severity":"warning","security-severity":"7.8"}},{"id":"js/insecure-dependency","name":"js/insecure-dependency","shortDescription":{"text":"Dependency download using unencrypted communication channel"},"fullDescription":{"text":"Using unencrypted protocols to fetch dependencies can leave an application open to man-in-the-middle attacks."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-300","external/cwe/cwe-319","external/cwe/cwe-494","external/cwe/cwe-829"],"description":"Using unencrypted protocols to fetch dependencies can leave an application\n open to man-in-the-middle attacks.","id":"js/insecure-dependency","kind":"problem","name":"Dependency download using unencrypted communication channel","precision":"high","problem.severity":"warning","security-severity":"8.1"}},{"id":"js/unsafe-deserialization","name":"js/unsafe-deserialization","shortDescription":{"text":"Deserialization of user-controlled data"},"fullDescription":{"text":"Deserializing user-controlled data may allow attackers to execute arbitrary code."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-502"],"description":"Deserializing user-controlled data may allow attackers to\n execute arbitrary code.","id":"js/unsafe-deserialization","kind":"path-problem","name":"Deserialization of user-controlled 
data","precision":"high","problem.severity":"warning","security-severity":"9.8"}},{"id":"js/regex-injection","name":"js/regex-injection","shortDescription":{"text":"Regular expression injection"},"fullDescription":{"text":"User input should not be used in regular expressions without first being escaped, otherwise a malicious user may be able to inject an expression that could require exponential time on certain inputs."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-730","external/cwe/cwe-400"],"description":"User input should not be used in regular expressions without first being escaped,\n otherwise a malicious user may be able to inject an expression that could require\n exponential time on certain inputs.","id":"js/regex-injection","kind":"path-problem","name":"Regular expression injection","precision":"high","problem.severity":"error","security-severity":"7.5"}},{"id":"js/server-crash","name":"js/server-crash","shortDescription":{"text":"Server crash"},"fullDescription":{"text":"A server that can be forced to crash may be vulnerable to denial-of-service attacks."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-248","external/cwe/cwe-730"],"description":"A server that can be forced to crash may be vulnerable to denial-of-service\n attacks.","id":"js/server-crash","kind":"path-problem","name":"Server crash","precision":"high","problem.severity":"warning","security-severity":"7.5"}},{"id":"js/client-exposed-cookie","name":"js/client-exposed-cookie","shortDescription":{"text":"Sensitive server cookie exposed to the client"},"fullDescription":{"text":"Sensitive cookies set by a server can be read by the client if the `httpOnly` flag is not set."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-1004"],"description":"Sensitive cookies set by a server can be read by the client if the 
`httpOnly` flag is not set.","id":"js/client-exposed-cookie","kind":"problem","name":"Sensitive server cookie exposed to the client","precision":"high","problem.severity":"warning","security-severity":"5.0"}},{"id":"js/zipslip","name":"js/zipslip","shortDescription":{"text":"Arbitrary file access during archive extraction (\"Zip Slip\")"},"fullDescription":{"text":"Extracting files from a malicious ZIP file, or similar type of archive, without validating that the destination file path is within the destination directory can allow an attacker to unexpectedly gain access to resources."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-022"],"description":"Extracting files from a malicious ZIP file, or similar type of archive, without\n validating that the destination file path is within the destination directory\n can allow an attacker to unexpectedly gain access to resources.","id":"js/zipslip","kind":"path-problem","name":"Arbitrary file access during archive extraction (\"Zip Slip\")","precision":"high","problem.severity":"error","security-severity":"7.5"}},{"id":"js/path-injection","name":"js/path-injection","shortDescription":{"text":"Uncontrolled data used in path expression"},"fullDescription":{"text":"Accessing paths influenced by users can allow an attacker to access unexpected resources."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-022","external/cwe/cwe-023","external/cwe/cwe-036","external/cwe/cwe-073","external/cwe/cwe-099"],"description":"Accessing paths influenced by users can allow an attacker to access\n unexpected resources.","id":"js/path-injection","kind":"path-problem","name":"Uncontrolled data used in path 
expression","precision":"high","problem.severity":"error","security-severity":"7.5"}},{"id":"js/type-confusion-through-parameter-tampering","name":"js/type-confusion-through-parameter-tampering","shortDescription":{"text":"Type confusion through parameter tampering"},"fullDescription":{"text":"Sanitizing an HTTP request parameter may be ineffective if the user controls its type."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-843"],"description":"Sanitizing an HTTP request parameter may be ineffective if the user controls its type.","id":"js/type-confusion-through-parameter-tampering","kind":"path-problem","name":"Type confusion through parameter tampering","precision":"high","problem.severity":"error","security-severity":"9.8"}},{"id":"js/xxe","name":"js/xxe","shortDescription":{"text":"XML external entity expansion"},"fullDescription":{"text":"Parsing user input as an XML document with external entity expansion is vulnerable to XXE attacks."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-611","external/cwe/cwe-827"],"description":"Parsing user input as an XML document with external\n entity expansion is vulnerable to XXE attacks.","id":"js/xxe","kind":"path-problem","name":"XML external entity expansion","precision":"high","problem.severity":"error","security-severity":"9.1"}},{"id":"js/unnecessary-use-of-cat","name":"js/unnecessary-use-of-cat","shortDescription":{"text":"Unnecessary use of `cat` process"},"fullDescription":{"text":"Using the `cat` process to read a file is unnecessarily complex, inefficient, unportable, and can lead to subtle bugs, or even security vulnerabilities."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["correctness","security","maintainability","external/cwe/cwe-078"],"description":"Using the `cat` process to read a file is unnecessarily complex, inefficient, unportable, and can lead 
to subtle bugs, or even security vulnerabilities.","id":"js/unnecessary-use-of-cat","kind":"problem","name":"Unnecessary use of `cat` process","precision":"high","problem.severity":"error","security-severity":"6.3"}},{"id":"js/command-line-injection","name":"js/command-line-injection","shortDescription":{"text":"Uncontrolled command line"},"fullDescription":{"text":"Using externally controlled strings in a command line may allow a malicious user to change the meaning of the command."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["correctness","security","external/cwe/cwe-078","external/cwe/cwe-088"],"description":"Using externally controlled strings in a command line may allow a malicious\n user to change the meaning of the command.","id":"js/command-line-injection","kind":"path-problem","name":"Uncontrolled command line","precision":"high","problem.severity":"error","security-severity":"9.8"}},{"id":"js/shell-command-constructed-from-input","name":"js/shell-command-constructed-from-input","shortDescription":{"text":"Unsafe shell command constructed from library input"},"fullDescription":{"text":"Using externally controlled strings in a command line may allow a malicious user to change the meaning of the command."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["correctness","security","external/cwe/cwe-078","external/cwe/cwe-088"],"description":"Using externally controlled strings in a command line may allow a malicious\n user to change the meaning of the command.","id":"js/shell-command-constructed-from-input","kind":"path-problem","name":"Unsafe shell command constructed from library input","precision":"high","problem.severity":"error","security-severity":"6.3"}},{"id":"js/second-order-command-line-injection","name":"js/second-order-command-line-injection","shortDescription":{"text":"Second order command injection"},"fullDescription":{"text":"Using user-controlled data as arguments to some commands, 
such as git clone, can allow arbitrary commands to be executed."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["correctness","security","external/cwe/cwe-078","external/cwe/cwe-088"],"description":"Using user-controlled data as arguments to some commands, such as git clone,\n can allow arbitrary commands to be executed.","id":"js/second-order-command-line-injection","kind":"path-problem","name":"Second order command injection","precision":"high","problem.severity":"error","security-severity":"7.0"}},{"id":"js/shell-command-injection-from-environment","name":"js/shell-command-injection-from-environment","shortDescription":{"text":"Shell command built from environment values"},"fullDescription":{"text":"Building a shell command string with values from the enclosing environment may cause subtle bugs or vulnerabilities."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["correctness","security","external/cwe/cwe-078","external/cwe/cwe-088"],"description":"Building a shell command string with values from the enclosing\n environment may cause subtle bugs or vulnerabilities.","id":"js/shell-command-injection-from-environment","kind":"path-problem","name":"Shell command built from environment values","precision":"high","problem.severity":"warning","security-severity":"6.3"}},{"id":"js/xpath-injection","name":"js/xpath-injection","shortDescription":{"text":"XPath injection"},"fullDescription":{"text":"Building an XPath expression from user-controlled sources is vulnerable to insertion of malicious code by the user."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-643"],"description":"Building an XPath expression from user-controlled sources is vulnerable to insertion of\n malicious code by the user.","id":"js/xpath-injection","kind":"path-problem","name":"XPath 
injection","precision":"high","problem.severity":"error","security-severity":"9.8"}},{"id":"js/insecure-download","name":"js/insecure-download","shortDescription":{"text":"Download of sensitive file through insecure connection"},"fullDescription":{"text":"Downloading executables and other sensitive files over an insecure connection opens up for potential man-in-the-middle attacks."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-829"],"description":"Downloading executables and other sensitive files over an insecure connection\n opens up for potential man-in-the-middle attacks.","id":"js/insecure-download","kind":"path-problem","name":"Download of sensitive file through insecure connection","precision":"high","problem.severity":"error","security-severity":"8.1"}},{"id":"js/reflected-xss","name":"js/reflected-xss","shortDescription":{"text":"Reflected cross-site scripting"},"fullDescription":{"text":"Writing user input directly to an HTTP response allows for a cross-site scripting vulnerability."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-079","external/cwe/cwe-116"],"description":"Writing user input directly to an HTTP response allows for\n a cross-site scripting vulnerability.","id":"js/reflected-xss","kind":"path-problem","name":"Reflected cross-site scripting","precision":"high","problem.severity":"error","security-severity":"7.8"}},{"id":"js/xss-through-dom","name":"js/xss-through-dom","shortDescription":{"text":"DOM text reinterpreted as HTML"},"fullDescription":{"text":"Reinterpreting text from the DOM as HTML can lead to a cross-site scripting vulnerability."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-079","external/cwe/cwe-116"],"description":"Reinterpreting text from the DOM as HTML\n can lead to a cross-site scripting 
vulnerability.","id":"js/xss-through-dom","kind":"path-problem","name":"DOM text reinterpreted as HTML","precision":"high","problem.severity":"warning","security-severity":"6.1"}},{"id":"js/unsafe-jquery-plugin","name":"js/unsafe-jquery-plugin","shortDescription":{"text":"Unsafe jQuery plugin"},"fullDescription":{"text":"A jQuery plugin that unintentionally constructs HTML from some of its options may be unsafe to use for clients."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-079","external/cwe/cwe-116","frameworks/jquery"],"description":"A jQuery plugin that unintentionally constructs HTML from some of its options may be unsafe to use for clients.","id":"js/unsafe-jquery-plugin","kind":"path-problem","name":"Unsafe jQuery plugin","precision":"high","problem.severity":"warning","security-severity":"6.1"}},{"id":"js/xss","name":"js/xss","shortDescription":{"text":"Client-side cross-site scripting"},"fullDescription":{"text":"Writing user input directly to the DOM allows for a cross-site scripting vulnerability."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-079","external/cwe/cwe-116"],"description":"Writing user input directly to the DOM allows for\n a cross-site scripting vulnerability.","id":"js/xss","kind":"path-problem","name":"Client-side cross-site scripting","precision":"high","problem.severity":"error","security-severity":"7.8"}},{"id":"js/xss-through-exception","name":"js/xss-through-exception","shortDescription":{"text":"Exception text reinterpreted as HTML"},"fullDescription":{"text":"Reinterpreting text from an exception as HTML can lead to a cross-site scripting vulnerability."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-079","external/cwe/cwe-116"],"description":"Reinterpreting text from an exception as HTML\n can lead to a cross-site scripting 
vulnerability.","id":"js/xss-through-exception","kind":"path-problem","name":"Exception text reinterpreted as HTML","precision":"high","problem.severity":"warning","security-severity":"6.1"}},{"id":"js/html-constructed-from-input","name":"js/html-constructed-from-input","shortDescription":{"text":"Unsafe HTML constructed from library input"},"fullDescription":{"text":"Using externally controlled strings to construct HTML might allow a malicious user to perform a cross-site scripting attack."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-079","external/cwe/cwe-116"],"description":"Using externally controlled strings to construct HTML might allow a malicious\n user to perform a cross-site scripting attack.","id":"js/html-constructed-from-input","kind":"path-problem","name":"Unsafe HTML constructed from library input","precision":"high","problem.severity":"error","security-severity":"6.1"}},{"id":"js/stored-xss","name":"js/stored-xss","shortDescription":{"text":"Stored cross-site scripting"},"fullDescription":{"text":"Using uncontrolled stored values in HTML allows for a stored cross-site scripting vulnerability."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-079","external/cwe/cwe-116"],"description":"Using uncontrolled stored values in HTML allows for\n a stored cross-site scripting vulnerability.","id":"js/stored-xss","kind":"path-problem","name":"Stored cross-site scripting","precision":"high","problem.severity":"error","security-severity":"7.8"}},{"id":"js/redos","name":"js/redos","shortDescription":{"text":"Inefficient regular expression"},"fullDescription":{"text":"A regular expression that requires exponential time to match certain inputs can be a performance bottleneck, and may be vulnerable to denial-of-service 
attacks."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","external/cwe/cwe-1333","external/cwe/cwe-730","external/cwe/cwe-400"],"description":"A regular expression that requires exponential time to match certain inputs\n can be a performance bottleneck, and may be vulnerable to denial-of-service\n attacks.","id":"js/redos","kind":"problem","name":"Inefficient regular expression","precision":"high","problem.severity":"error","security-severity":"7.5"}},{"id":"js/polynomial-redos","name":"js/polynomial-redos","shortDescription":{"text":"Polynomial regular expression used on uncontrolled data"},"fullDescription":{"text":"A regular expression that can require polynomial time to match may be vulnerable to denial-of-service attacks."},"defaultConfiguration":{"enabled":true,"level":"warning"},"properties":{"tags":["security","external/cwe/cwe-1333","external/cwe/cwe-730","external/cwe/cwe-400"],"description":"A regular expression that can require polynomial time\n to match may be vulnerable to denial-of-service attacks.","id":"js/polynomial-redos","kind":"path-problem","name":"Polynomial regular expression used on uncontrolled data","precision":"high","problem.severity":"warning","security-severity":"7.5"}},{"id":"js/enabling-electron-insecure-content","name":"js/enabling-electron-insecure-content","shortDescription":{"text":"Enabling Electron allowRunningInsecureContent"},"fullDescription":{"text":"Enabling allowRunningInsecureContent can allow remote code execution."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","frameworks/electron","external/cwe/cwe-494"],"description":"Enabling allowRunningInsecureContent can allow remote code execution.","id":"js/enabling-electron-insecure-content","kind":"problem","name":"Enabling Electron 
allowRunningInsecureContent","precision":"very-high","problem.severity":"error","security-severity":"8.8"}},{"id":"js/disabling-electron-websecurity","name":"js/disabling-electron-websecurity","shortDescription":{"text":"Disabling Electron webSecurity"},"fullDescription":{"text":"Disabling webSecurity can cause critical security vulnerabilities."},"defaultConfiguration":{"enabled":true,"level":"error"},"properties":{"tags":["security","frameworks/electron","external/cwe/cwe-79"],"description":"Disabling webSecurity can cause critical security vulnerabilities.","id":"js/disabling-electron-websecurity","kind":"problem","name":"Disabling Electron webSecurity","precision":"very-high","problem.severity":"error","security-severity":"6.1"}},{"id":"js/summary/lines-of-code","name":"js/summary/lines-of-code","shortDescription":{"text":"Total lines of JavaScript and TypeScript code in the database"},"fullDescription":{"text":"The total number of lines of JavaScript or TypeScript code across all files checked into the repository, except in `node_modules`. This is a useful metric of the size of a database. For all files that were seen during extraction, this query counts the lines of code, excluding whitespace or comments."},"defaultConfiguration":{"enabled":true},"properties":{"tags":["summary","telemetry"],"description":"The total number of lines of JavaScript or TypeScript code across all files checked into the repository, except in `node_modules`. This is a useful metric of the size of a database. 
For all files that were seen during extraction, this query counts the lines of code, excluding whitespace or comments.","id":"js/summary/lines-of-code","kind":"metric","name":"Total lines of JavaScript and TypeScript code in the database"}},{"id":"js/summary/lines-of-user-code","name":"js/summary/lines-of-user-code","shortDescription":{"text":"Total lines of user written JavaScript and TypeScript code in the database"},"fullDescription":{"text":"The total number of lines of JavaScript and TypeScript code from the source code directory, excluding auto-generated files and files in `node_modules`. This query counts the lines of code, excluding whitespace or comments."},"defaultConfiguration":{"enabled":true},"properties":{"tags":["summary","lines-of-code","debug"],"description":"The total number of lines of JavaScript and TypeScript code from the source code directory,\n excluding auto-generated files and files in `node_modules`. This query counts the lines of code, excluding\n whitespace or comments.","id":"js/summary/lines-of-user-code","kind":"metric","name":"Total lines of user written JavaScript and TypeScript code in the database"}}]},"extensions":[{"name":"codeql/javascript-queries","semanticVersion":"1.2.0+e99d7db428fc3981c9a1f03f03a024ac40e52f54","locations":[{"uri":"file:///Users/john.doe/.local/bin/codeql/qlpacks/codeql/javascript-queries/1.2.0/","description":{"text":"The QL pack root directory."},"properties":{"tags":["CodeQL/LocalPackRoot"]}},{"uri":"file:///Users/john.doe/.local/bin/codeql/qlpacks/codeql/javascript-queries/1.2.0/qlpack.yml","description":{"text":"The QL pack definition file."},"properties":{"tags":["CodeQL/LocalPackDefinitionFile"]}}]},{"name":"codeql/javascript-all","semanticVersion":"2.0.0+e99d7db428fc3981c9a1f03f03a024ac40e52f54","locations":[{"uri":"file:///Users/john.doe/.local/bin/codeql/qlpacks/codeql/javascript-queries/1.2.0/.codeql/libraries/codeql/javascript-all/2.0.0/","description":{"text":"The QL pack root 
directory."},"properties":{"tags":["CodeQL/LocalPackRoot"]}},{"uri":"file:///Users/john.doe/.local/bin/codeql/qlpacks/codeql/javascript-queries/1.2.0/.codeql/libraries/codeql/javascript-all/2.0.0/qlpack.yml","description":{"text":"The QL pack definition file."},"properties":{"tags":["CodeQL/LocalPackDefinitionFile"]}}]}]},"invocations":[{"toolExecutionNotifications":[{"locations":[{"physicalLocation":{"artifactLocation":{"uri":"yarn/.eslintrc.js","uriBaseId":"%SRCROOT%","index":1}}}],"message":{"text":""},"level":"none","descriptor":{"id":"js/diagnostics/successfully-extracted-files","index":1},"properties":{"formattedMessage":{"text":""}}},{"locations":[{"physicalLocation":{"artifactLocation":{"uri":"yarn/jest.config.js","uriBaseId":"%SRCROOT%","index":2}}}],"message":{"text":""},"level":"none","descriptor":{"id":"js/diagnostics/successfully-extracted-files","index":1},"properties":{"formattedMessage":{"text":""}}},{"locations":[{"physicalLocation":{"artifactLocation":{"uri":"yarn/package.json","uriBaseId":"%SRCROOT%","index":3}}}],"message":{"text":""},"level":"none","descriptor":{"id":"js/diagnostics/successfully-extracted-files","index":1},"properties":{"formattedMessage":{"text":""}}},{"locations":[{"physicalLocation":{"artifactLocation":{"uri":"yarn/src/app.ts","uriBaseId":"%SRCROOT%","index":0}}}],"message":{"text":""},"level":"none","descriptor":{"id":"js/diagnostics/successfully-extracted-files","index":1},"properties":{"formattedMessage":{"text":""}}},{"locations":[{"physicalLocation":{"artifactLocation":{"uri":"yarn/src/controllers/index.ts","uriBaseId":"%SRCROOT%","index":4}}}],"message":{"text":""},"level":"none","descriptor":{"id":"js/diagnostics/successfully-extracted-files","index":1},"properties":{"formattedMessage":{"text":""}}},{"locations":[{"physicalLocation":{"artifactLocation":{"uri":"yarn/src/middlewares/errorHandler.ts","uriBaseId":"%SRCROOT%","index":5}}}],"message":{"text":""},"level":"none","descriptor":{"id":"js/diagnostics/successfully-
extracted-files","index":1},"properties":{"formattedMessage":{"text":""}}},{"locations":[{"physicalLocation":{"artifactLocation":{"uri":"yarn/src/routes/index.ts","uriBaseId":"%SRCROOT%","index":6}}}],"message":{"text":""},"level":"none","descriptor":{"id":"js/diagnostics/successfully-extracted-files","index":1},"properties":{"formattedMessage":{"text":""}}},{"locations":[{"physicalLocation":{"artifactLocation":{"uri":"yarn/src/server.ts","uriBaseId":"%SRCROOT%","index":7}}}],"message":{"text":""},"level":"none","descriptor":{"id":"js/diagnostics/successfully-extracted-files","index":1},"properties":{"formattedMessage":{"text":""}}},{"locations":[{"physicalLocation":{"artifactLocation":{"uri":"yarn/src/test/error.spec.ts","uriBaseId":"%SRCROOT%","index":8}}}],"message":{"text":""},"level":"none","descriptor":{"id":"js/diagnostics/successfully-extracted-files","index":1},"properties":{"formattedMessage":{"text":""}}},{"locations":[{"physicalLocation":{"artifactLocation":{"uri":"yarn/src/test/index.spec.ts","uriBaseId":"%SRCROOT%","index":9}}}],"message":{"text":""},"level":"none","descriptor":{"id":"js/diagnostics/successfully-extracted-files","index":1},"properties":{"formattedMessage":{"text":""}}},{"locations":[{"physicalLocation":{"artifactLocation":{"uri":"yarn/tsconfig.json","uriBaseId":"%SRCROOT%","index":10}}}],"message":{"text":""},"level":"none","descriptor":{"id":"js/diagnostics/successfully-extracted-files","index":1},"properties":{"formattedMessage":{"text":""}}},{"locations":[{"physicalLocation":{"artifactLocation":{"uri":"yarn/src/server.ts","uriBaseId":"%SRCROOT%","index":7}}}],"message":{"text":""},"level":"none","descriptor":{"id":"js/baseline/expected-extracted-files","index":2},"properties":{"formattedMessage":{"text":""}}},{"locations":[{"physicalLocation":{"artifactLocation":{"uri":"yarn/src/routes/index.ts","uriBaseId":"%SRCROOT%","index":6}}}],"message":{"text":""},"level":"none","descriptor":{"id":"js/baseline/expected-extracted-files","index
":2},"properties":{"formattedMessage":{"text":""}}},{"locations":[{"physicalLocation":{"artifactLocation":{"uri":"yarn/src/test/index.spec.ts","uriBaseId":"%SRCROOT%","index":9}}}],"message":{"text":""},"level":"none","descriptor":{"id":"js/baseline/expected-extracted-files","index":2},"properties":{"formattedMessage":{"text":""}}},{"locations":[{"physicalLocation":{"artifactLocation":{"uri":"yarn/src/middlewares/errorHandler.ts","uriBaseId":"%SRCROOT%","index":5}}}],"message":{"text":""},"level":"none","descriptor":{"id":"js/baseline/expected-extracted-files","index":2},"properties":{"formattedMessage":{"text":""}}},{"locations":[{"physicalLocation":{"artifactLocation":{"uri":"yarn/jest.config.js","uriBaseId":"%SRCROOT%","index":2}}}],"message":{"text":""},"level":"none","descriptor":{"id":"js/baseline/expected-extracted-files","index":2},"properties":{"formattedMessage":{"text":""}}},{"locations":[{"physicalLocation":{"artifactLocation":{"uri":"yarn/.eslintrc.js","uriBaseId":"%SRCROOT%","index":1}}}],"message":{"text":""},"level":"none","descriptor":{"id":"js/baseline/expected-extracted-files","index":2},"properties":{"formattedMessage":{"text":""}}},{"locations":[{"physicalLocation":{"artifactLocation":{"uri":"yarn/src/controllers/index.ts","uriBaseId":"%SRCROOT%","index":4}}}],"message":{"text":""},"level":"none","descriptor":{"id":"js/baseline/expected-extracted-files","index":2},"properties":{"formattedMessage":{"text":""}}},{"locations":[{"physicalLocation":{"artifactLocation":{"uri":"yarn/src/test/error.spec.ts","uriBaseId":"%SRCROOT%","index":8}}}],"message":{"text":""},"level":"none","descriptor":{"id":"js/baseline/expected-extracted-files","index":2},"properties":{"formattedMessage":{"text":""}}},{"locations":[{"physicalLocation":{"artifactLocation":{"uri":"yarn/src/app.ts","uriBaseId":"%SRCROOT%","index":0}}}],"message":{"text":""},"level":"none","descriptor":{"id":"js/baseline/expected-extracted-files","index":2},"properties":{"formattedMessage":{"text"
:""}}},{"message":{"text":""},"level":"note","timeUtc":"2025-05-09T08:09:00.100+00:00","descriptor":{"id":"cli/sip-enablement","index":3},"properties":{"attributes":{"isEnabled":true},"visibility":{"statusPage":false,"telemetry":true}}}],"executionSuccessful":true}],"artifacts":[{"location":{"uri":"yarn/src/app.ts","uriBaseId":"%SRCROOT%","index":0}},{"location":{"uri":"yarn/.eslintrc.js","uriBaseId":"%SRCROOT%","index":1}},{"location":{"uri":"yarn/jest.config.js","uriBaseId":"%SRCROOT%","index":2}},{"location":{"uri":"yarn/package.json","uriBaseId":"%SRCROOT%","index":3}},{"location":{"uri":"yarn/src/controllers/index.ts","uriBaseId":"%SRCROOT%","index":4}},{"location":{"uri":"yarn/src/middlewares/errorHandler.ts","uriBaseId":"%SRCROOT%","index":5}},{"location":{"uri":"yarn/src/routes/index.ts","uriBaseId":"%SRCROOT%","index":6}},{"location":{"uri":"yarn/src/server.ts","uriBaseId":"%SRCROOT%","index":7}},{"location":{"uri":"yarn/src/test/error.spec.ts","uriBaseId":"%SRCROOT%","index":8}},{"location":{"uri":"yarn/src/test/index.spec.ts","uriBaseId":"%SRCROOT%","index":9}},{"location":{"uri":"yarn/tsconfig.json","uriBaseId":"%SRCROOT%","index":10}}],"results":[{"ruleId":"js/code-injection","ruleIndex":7,"rule":{"id":"js/code-injection","index":7},"message":{"text":"Template, which may contain code, depends on a [user-provided 
value](1)."},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"yarn/src/app.ts","uriBaseId":"%SRCROOT%","index":0},"region":{"startLine":38,"startColumn":24,"endColumn":32}}}],"partialFingerprints":{"primaryLocationLineHash":"c544cbb4de60052c:1","primaryLocationStartColumnFingerprint":"21"},"codeFlows":[{"threadFlows":[{"locations":[{"location":{"physicalLocation":{"artifactLocation":{"uri":"yarn/src/app.ts","uriBaseId":"%SRCROOT%","index":0},"region":{"startLine":27,"startColumn":15,"endColumn":33}},"message":{"text":"req.query.username"}}},{"location":{"physicalLocation":{"artifactLocation":{"uri":"yarn/src/app.ts","uriBaseId":"%SRCROOT%","index":0},"region":{"startLine":27,"startColumn":7,"endColumn":33}},"message":{"text":"input"}}},{"location":{"physicalLocation":{"artifactLocation":{"uri":"yarn/src/app.ts","uriBaseId":"%SRCROOT%","index":0},"region":{"startLine":37,"startColumn":16,"endColumn":21}},"message":{"text":"input"}}},{"location":{"physicalLocation":{"artifactLocation":{"uri":"yarn/src/app.ts","uriBaseId":"%SRCROOT%","index":0},"region":{"startLine":28,"startColumn":18,"endLine":37,"endColumn":21}},"message":{"text":"`\\ndocty ... + input"}}},{"location":{"physicalLocation":{"artifactLocation":{"uri":"yarn/src/app.ts","uriBaseId":"%SRCROOT%","index":0},"region":{"startLine":28,"startColumn":7,"endLine":37,"endColumn":21}},"message":{"text":"template"}}},{"location":{"physicalLocation":{"artifactLocation":{"uri":"yarn/src/app.ts","uriBaseId":"%SRCROOT%","index":0},"region":{"startLine":38,"startColumn":24,"endColumn":32}},"message":{"text":"template"}}}]}]}],"relatedLocations":[{"id":1,"physicalLocation":{"artifactLocation":{"uri":"yarn/src/app.ts","uriBaseId":"%SRCROOT%","index":0},"region":{"startLine":27,"startColumn":15,"endColumn":33}},"message":{"text":"user-provided value"}}]}],"newlineSequences":["\r\n","\n","
","
"],"columnKind":"utf16CodeUnits","properties":{"semmle.formatSpecifier":"sarifv2.1.0","metricResults":[{"rule":{"id":"js/summary/lines-of-code","index":86},"ruleId":"js/summary/lines-of-code","ruleIndex":86,"value":153},{"rule":{"id":"js/summary/lines-of-user-code","index":87},"ruleId":"js/summary/lines-of-user-code","ruleIndex":87,"value":153,"baseline":153}]}}]}