getdoorman 1.0.6 → 1.0.8
- package/package.json +1 -1
- package/src/rules/bugs/ai-codegen.js +1 -1
- package/src/rules/bugs/crypto-bugs.js +1 -1
- package/src/rules/bugs/go-bugs.js +1 -1
- package/src/rules/compliance/healthcare.js +4 -4
- package/src/rules/compliance/regional-eu.js +1 -1
- package/src/rules/compliance/regional-international.js +4 -4
- package/src/rules/infrastructure/index.js +5 -5
- package/src/rules/quality/index.js +8 -8
- package/src/rules/scope-rules.js +1 -1
- package/src/rules/security/ai-api.js +8 -8
- package/src/rules/security/auth.js +5 -5
- package/src/rules/security/csharp.js +15 -15
- package/src/rules/security/dart.js +6 -6
- package/src/rules/security/deserialization.js +1 -1
- package/src/rules/security/go.js +8 -8
- package/src/rules/security/injection.js +21 -21
- package/src/rules/security/mcp-server.js +4 -4
- package/src/rules/security/oauth-jwt.js +1 -1
- package/src/rules/security/path-traversal.js +6 -6
- package/src/rules/security/php.js +28 -28
- package/src/rules/security/ruby.js +20 -20
- package/src/rules/security/rust.js +6 -6
- package/src/rules/security/shell.js +9 -9
- package/src/rules/security/ssrf.js +1 -1
- package/src/rules/security/swift.js +3 -3
- package/src/rules/security/taint.js +1 -1
package/package.json
CHANGED
|
@@ -23,7 +23,7 @@ function hasHealthContext(files) {
|
|
|
23
23
|
const rules = [
|
|
24
24
|
// COMP-HIPAA-007: PHI in error messages/stack traces
|
|
25
25
|
{
|
|
26
|
-
id: 'COMP-HIPAA-007', category: 'compliance', severity: '
|
|
26
|
+
id: 'COMP-HIPAA-007', category: 'compliance', severity: 'high', confidence: 'likely',
|
|
27
27
|
title: 'PHI Exposed in Error Messages',
|
|
28
28
|
check({ files }) {
|
|
29
29
|
const findings = [];
|
|
@@ -68,7 +68,7 @@ const rules = [
|
|
|
68
68
|
|
|
69
69
|
// COMP-HIPAA-009: PHI shared with third-party SDKs
|
|
70
70
|
{
|
|
71
|
-
id: 'COMP-HIPAA-009', category: 'compliance', severity: '
|
|
71
|
+
id: 'COMP-HIPAA-009', category: 'compliance', severity: 'high', confidence: 'likely',
|
|
72
72
|
title: 'PHI Shared with Third-Party Monitoring SDKs',
|
|
73
73
|
check({ files }) {
|
|
74
74
|
const findings = [];
|
|
@@ -131,7 +131,7 @@ const rules = [
|
|
|
131
131
|
|
|
132
132
|
// COMP-HIPAA-012: Missing access controls on health endpoints
|
|
133
133
|
{
|
|
134
|
-
id: 'COMP-HIPAA-012', category: 'compliance', severity: '
|
|
134
|
+
id: 'COMP-HIPAA-012', category: 'compliance', severity: 'high', confidence: 'likely',
|
|
135
135
|
title: 'Missing Access Controls on Health Endpoints',
|
|
136
136
|
check({ files }) {
|
|
137
137
|
const findings = [];
|
|
@@ -384,7 +384,7 @@ const rules = [
|
|
|
384
384
|
|
|
385
385
|
// COMP-HIPAA-024: Telehealth without end-to-end encryption
|
|
386
386
|
{
|
|
387
|
-
id: 'COMP-HIPAA-024', category: 'compliance', severity: '
|
|
387
|
+
id: 'COMP-HIPAA-024', category: 'compliance', severity: 'high', confidence: 'likely',
|
|
388
388
|
title: 'Telehealth Without End-to-End Encryption',
|
|
389
389
|
check({ files }) {
|
|
390
390
|
const findings = [];
|
|
@@ -364,7 +364,7 @@ const rules = [
|
|
|
364
364
|
},
|
|
365
365
|
},
|
|
366
366
|
|
|
367
|
-
{ id: 'COMP-EUAI-007', category: 'compliance', severity: '
|
|
367
|
+
{ id: 'COMP-EUAI-007', category: 'compliance', severity: 'high', confidence: 'likely',
|
|
368
368
|
title: 'Emotion Recognition Without Safeguards',
|
|
369
369
|
check({ files }) {
|
|
370
370
|
const findings = [];
|
|
@@ -344,7 +344,7 @@ const rules = [
|
|
|
344
344
|
{
|
|
345
345
|
id: 'COMP-LGPD-006',
|
|
346
346
|
category: 'compliance',
|
|
347
|
-
severity: '
|
|
347
|
+
severity: 'high',
|
|
348
348
|
confidence: 'likely',
|
|
349
349
|
title: 'LGPD: Children\'s Data Without Parental Consent',
|
|
350
350
|
check({ files }) {
|
|
@@ -513,7 +513,7 @@ const rules = [
|
|
|
513
513
|
{
|
|
514
514
|
id: 'COMP-PIPEDA-006',
|
|
515
515
|
category: 'compliance',
|
|
516
|
-
severity: '
|
|
516
|
+
severity: 'high',
|
|
517
517
|
confidence: 'likely',
|
|
518
518
|
title: 'PIPEDA: Sensitive Data Without Explicit Consent',
|
|
519
519
|
check({ files }) {
|
|
@@ -720,7 +720,7 @@ const rules = [
|
|
|
720
720
|
{
|
|
721
721
|
id: 'COMP-DPDPA-003',
|
|
722
722
|
category: 'compliance',
|
|
723
|
-
severity: '
|
|
723
|
+
severity: 'high',
|
|
724
724
|
confidence: 'likely',
|
|
725
725
|
title: 'DPDPA: Children\'s Data Without Verifiable Parental Consent',
|
|
726
726
|
check({ files }) {
|
|
@@ -878,7 +878,7 @@ const rules = [
|
|
|
878
878
|
{
|
|
879
879
|
id: 'COMP-APPI-005',
|
|
880
880
|
category: 'compliance',
|
|
881
|
-
severity: '
|
|
881
|
+
severity: 'high',
|
|
882
882
|
confidence: 'likely',
|
|
883
883
|
title: 'APPI: Sensitive Personal Info Without Explicit Consent',
|
|
884
884
|
check({ files }) {
|
|
@@ -702,7 +702,7 @@ const rules = [
|
|
|
702
702
|
},
|
|
703
703
|
|
|
704
704
|
// INFRA-TF-005: Public S3 bucket in Terraform
|
|
705
|
-
{ id: 'INFRA-TF-005', category: 'infrastructure', severity: '
|
|
705
|
+
{ id: 'INFRA-TF-005', category: 'infrastructure', severity: 'high', confidence: 'likely', title: 'Terraform S3 Bucket Publicly Accessible',
|
|
706
706
|
check({ files }) {
|
|
707
707
|
const findings = [];
|
|
708
708
|
for (const [fp, c] of files) {
|
|
@@ -1459,7 +1459,7 @@ const rules = [
|
|
|
1459
1459
|
},
|
|
1460
1460
|
},
|
|
1461
1461
|
// INFRA-CLOUD-029: No S3 bucket public access block
|
|
1462
|
-
{ id: 'INFRA-CLOUD-029', category: 'infrastructure', severity: '
|
|
1462
|
+
{ id: 'INFRA-CLOUD-029', category: 'infrastructure', severity: 'high', confidence: 'likely', title: 'S3 Bucket Without Public Access Block',
|
|
1463
1463
|
check({ files }) {
|
|
1464
1464
|
const findings = [];
|
|
1465
1465
|
for (const [fp, c] of files) {
|
|
@@ -2193,7 +2193,7 @@ rules.push({
|
|
|
2193
2193
|
|
|
2194
2194
|
// INFRA-TF-039: IAM role with wildcard permissions
|
|
2195
2195
|
rules.push({
|
|
2196
|
-
id: 'INFRA-TF-039', category: 'infrastructure', severity: '
|
|
2196
|
+
id: 'INFRA-TF-039', category: 'infrastructure', severity: 'high', confidence: 'likely', title: 'IAM role with wildcard action (*) permissions',
|
|
2197
2197
|
check({ files }) {
|
|
2198
2198
|
const findings = [];
|
|
2199
2199
|
for (const [fp, c] of files) {
|
|
@@ -2348,7 +2348,7 @@ rules.push({
|
|
|
2348
2348
|
|
|
2349
2349
|
// INFRA-TF-044: S3 bucket with public access allowed
|
|
2350
2350
|
rules.push({
|
|
2351
|
-
id: 'INFRA-TF-044', category: 'infrastructure', severity: '
|
|
2351
|
+
id: 'INFRA-TF-044', category: 'infrastructure', severity: 'high', confidence: 'likely', title: 'Terraform S3 bucket without block public access settings',
|
|
2352
2352
|
check({ files }) {
|
|
2353
2353
|
const findings = [];
|
|
2354
2354
|
for (const [fp, c] of files) {
|
|
@@ -2666,7 +2666,7 @@ rules.push({
|
|
|
2666
2666
|
|
|
2667
2667
|
// INFRA-064: Cloud storage bucket public access
|
|
2668
2668
|
rules.push({
|
|
2669
|
-
id: 'INFRA-064', category: 'infrastructure', severity: '
|
|
2669
|
+
id: 'INFRA-064', category: 'infrastructure', severity: 'high', confidence: 'likely', title: 'Cloud storage with public access enabled',
|
|
2670
2670
|
check({ files }) {
|
|
2671
2671
|
const findings = [];
|
|
2672
2672
|
for (const [fp, c] of files) {
|
|
@@ -381,7 +381,7 @@ const rules = [
|
|
|
381
381
|
},
|
|
382
382
|
|
|
383
383
|
// QUAL-SMELL-001: eval() usage
|
|
384
|
-
{ id: 'QUAL-SMELL-001', category: 'quality', severity: '
|
|
384
|
+
{ id: 'QUAL-SMELL-001', category: 'quality', severity: 'high', confidence: 'likely', title: 'eval() Usage',
|
|
385
385
|
check({ files }) {
|
|
386
386
|
const findings = [];
|
|
387
387
|
for (const [fp, c] of files) {
|
|
@@ -399,7 +399,7 @@ const rules = [
|
|
|
399
399
|
},
|
|
400
400
|
|
|
401
401
|
// QUAL-SMELL-002: new Function() with dynamic string
|
|
402
|
-
{ id: 'QUAL-SMELL-002', category: 'quality', severity: '
|
|
402
|
+
{ id: 'QUAL-SMELL-002', category: 'quality', severity: 'high', confidence: 'likely', title: 'new Function() — Behaves Like eval()',
|
|
403
403
|
check({ files }) {
|
|
404
404
|
const findings = [];
|
|
405
405
|
for (const [fp, c] of files) {
|
|
@@ -1184,7 +1184,7 @@ const rules = [
|
|
|
1184
1184
|
},
|
|
1185
1185
|
|
|
1186
1186
|
// QUAL-SEC-002: Insecure random for tokens
|
|
1187
|
-
{ id: 'QUAL-SEC-002', category: 'quality', severity: '
|
|
1187
|
+
{ id: 'QUAL-SEC-002', category: 'quality', severity: 'high', confidence: 'likely', title: 'Math.random() Used for Security Tokens',
|
|
1188
1188
|
check({ files }) {
|
|
1189
1189
|
const findings = [];
|
|
1190
1190
|
for (const [fp, c] of files) {
|
|
@@ -1361,7 +1361,7 @@ const rules = [
|
|
|
1361
1361
|
},
|
|
1362
1362
|
|
|
1363
1363
|
// QUAL-SEC-005: Hardcoded JWT secret
|
|
1364
|
-
{ id: 'QUAL-SEC-005', category: 'quality', severity: '
|
|
1364
|
+
{ id: 'QUAL-SEC-005', category: 'quality', severity: 'high', confidence: 'likely', title: 'Hardcoded JWT Secret',
|
|
1365
1365
|
check({ files }) {
|
|
1366
1366
|
const findings = [];
|
|
1367
1367
|
for (const [fp, c] of files) {
|
|
@@ -1520,7 +1520,7 @@ const rules = [
|
|
|
1520
1520
|
},
|
|
1521
1521
|
},
|
|
1522
1522
|
// QUAL-SEC-007: Command injection via exec
|
|
1523
|
-
{ id: 'QUAL-SEC-007', category: 'quality', severity: '
|
|
1523
|
+
{ id: 'QUAL-SEC-007', category: 'quality', severity: 'high', confidence: 'likely', title: 'Command Injection via exec/spawn',
|
|
1524
1524
|
check({ files }) {
|
|
1525
1525
|
const findings = [];
|
|
1526
1526
|
for (const [fp, c] of files) {
|
|
@@ -1824,7 +1824,7 @@ const rules = [
|
|
|
1824
1824
|
},
|
|
1825
1825
|
},
|
|
1826
1826
|
// QUAL-SEC-010: Using eval() with user-controlled input
|
|
1827
|
-
{ id: 'QUAL-SEC-010', category: 'quality', severity: '
|
|
1827
|
+
{ id: 'QUAL-SEC-010', category: 'quality', severity: 'high', confidence: 'likely', title: 'eval() Used with Potentially User-Controlled Data',
|
|
1828
1828
|
check({ files }) {
|
|
1829
1829
|
const findings = [];
|
|
1830
1830
|
for (const [fp, c] of files) {
|
|
@@ -1937,7 +1937,7 @@ const rules = [
|
|
|
1937
1937
|
},
|
|
1938
1938
|
},
|
|
1939
1939
|
// QUAL-SEC-011: Insecure deserialization
|
|
1940
|
-
{ id: 'QUAL-SEC-011', category: 'quality', severity: '
|
|
1940
|
+
{ id: 'QUAL-SEC-011', category: 'quality', severity: 'high', confidence: 'likely', title: 'Insecure Deserialization with node-serialize',
|
|
1941
1941
|
check({ files, stack }) {
|
|
1942
1942
|
const findings = [];
|
|
1943
1943
|
const allDeps = { ...stack.dependencies, ...stack.devDependencies };
|
|
@@ -1953,7 +1953,7 @@ const rules = [
|
|
|
1953
1953
|
},
|
|
1954
1954
|
},
|
|
1955
1955
|
// QUAL-ARCH-014: No input sanitization before DB queries
|
|
1956
|
-
{ id: 'QUAL-ARCH-014', category: 'quality', severity: '
|
|
1956
|
+
{ id: 'QUAL-ARCH-014', category: 'quality', severity: 'high', confidence: 'likely', title: 'String Template Used in Database Query',
|
|
1957
1957
|
check({ files }) {
|
|
1958
1958
|
const findings = [];
|
|
1959
1959
|
for (const [fp, c] of files) {
|
package/src/rules/scope-rules.js
CHANGED
|
@@ -577,7 +577,7 @@ const rules = [
|
|
|
577
577
|
{
|
|
578
578
|
id: 'SCOPE-SEC-001',
|
|
579
579
|
category: 'security',
|
|
580
|
-
severity: '
|
|
580
|
+
severity: 'high',
|
|
581
581
|
confidence: 'likely',
|
|
582
582
|
title: 'eval/exec Outside Sandboxed Context',
|
|
583
583
|
description: 'eval() or exec() used outside of a sandboxing function (vm.runInNewContext, sandbox, etc.).',
|
|
@@ -116,7 +116,7 @@ const rules = [
|
|
|
116
116
|
{
|
|
117
117
|
id: 'SEC-AI-004',
|
|
118
118
|
category: 'security',
|
|
119
|
-
severity: '
|
|
119
|
+
severity: 'high',
|
|
120
120
|
confidence: 'likely',
|
|
121
121
|
title: 'Hardcoded AI provider API key',
|
|
122
122
|
description: 'AI provider API key (Cohere, Mistral, Replicate, HuggingFace, etc.) is hardcoded in source code.',
|
|
@@ -137,7 +137,7 @@ const rules = [
|
|
|
137
137
|
{
|
|
138
138
|
id: 'SEC-AI-005',
|
|
139
139
|
category: 'security',
|
|
140
|
-
severity: '
|
|
140
|
+
severity: 'high',
|
|
141
141
|
confidence: 'likely',
|
|
142
142
|
title: 'AI API key exposed in client-side code',
|
|
143
143
|
description: 'AI API key is used in frontend/client code, exposing it to end users via browser DevTools or source maps.',
|
|
@@ -191,7 +191,7 @@ const rules = [
|
|
|
191
191
|
{
|
|
192
192
|
id: 'SEC-AI-007',
|
|
193
193
|
category: 'security',
|
|
194
|
-
severity: '
|
|
194
|
+
severity: 'high',
|
|
195
195
|
confidence: 'likely',
|
|
196
196
|
title: 'Prompt injection vulnerability',
|
|
197
197
|
description: 'User input is directly concatenated or interpolated into AI prompts without sanitization, enabling prompt injection.',
|
|
@@ -213,7 +213,7 @@ const rules = [
|
|
|
213
213
|
{
|
|
214
214
|
id: 'SEC-AI-008',
|
|
215
215
|
category: 'security',
|
|
216
|
-
severity: '
|
|
216
|
+
severity: 'high',
|
|
217
217
|
confidence: 'likely',
|
|
218
218
|
title: 'User input injected into system prompt',
|
|
219
219
|
description: 'User-controlled data is included in the system prompt, allowing privilege escalation via prompt injection.',
|
|
@@ -465,7 +465,7 @@ const rules = [
|
|
|
465
465
|
{
|
|
466
466
|
id: 'SEC-AI-018',
|
|
467
467
|
category: 'security',
|
|
468
|
-
severity: '
|
|
468
|
+
severity: 'high',
|
|
469
469
|
confidence: 'likely',
|
|
470
470
|
title: 'Unsafe AI function/tool calling execution',
|
|
471
471
|
description: 'AI function call results are executed without validation, allowing the AI to trigger arbitrary functions.',
|
|
@@ -762,7 +762,7 @@ const rules = [
|
|
|
762
762
|
{
|
|
763
763
|
id: 'SEC-AI-031',
|
|
764
764
|
category: 'security',
|
|
765
|
-
severity: '
|
|
765
|
+
severity: 'high',
|
|
766
766
|
confidence: 'likely',
|
|
767
767
|
title: 'AI output used in code execution',
|
|
768
768
|
description: 'AI API response is passed to eval(), exec(), or code execution functions, enabling arbitrary code execution.',
|
|
@@ -783,7 +783,7 @@ const rules = [
|
|
|
783
783
|
{
|
|
784
784
|
id: 'SEC-AI-032',
|
|
785
785
|
category: 'security',
|
|
786
|
-
severity: '
|
|
786
|
+
severity: 'high',
|
|
787
787
|
confidence: 'likely',
|
|
788
788
|
title: 'AI output used in SQL query construction',
|
|
789
789
|
description: 'AI API response is interpolated into SQL queries, enabling SQL injection via AI-generated content.',
|
|
@@ -805,7 +805,7 @@ const rules = [
|
|
|
805
805
|
{
|
|
806
806
|
id: 'SEC-AI-033',
|
|
807
807
|
category: 'security',
|
|
808
|
-
severity: '
|
|
808
|
+
severity: 'high',
|
|
809
809
|
confidence: 'likely',
|
|
810
810
|
title: 'AI API key embedded in mobile application',
|
|
811
811
|
description: 'AI API key found in mobile app code (React Native, Flutter, Swift, Kotlin) where it can be extracted.',
|
|
@@ -75,7 +75,7 @@ const rules = [
|
|
|
75
75
|
{
|
|
76
76
|
id: 'SEC-AUTH-001',
|
|
77
77
|
category: 'security',
|
|
78
|
-
severity: '
|
|
78
|
+
severity: 'high',
|
|
79
79
|
confidence: 'likely',
|
|
80
80
|
title: 'Plaintext password storage detected',
|
|
81
81
|
check({ files }) {
|
|
@@ -615,7 +615,7 @@ const rules = [
|
|
|
615
615
|
{
|
|
616
616
|
id: 'SEC-AUTH-014',
|
|
617
617
|
category: 'security',
|
|
618
|
-
severity: '
|
|
618
|
+
severity: 'high',
|
|
619
619
|
confidence: 'likely',
|
|
620
620
|
title: 'OAuth open redirect via unvalidated redirect_uri',
|
|
621
621
|
check({ files }) {
|
|
@@ -1012,7 +1012,7 @@ rules.push({
|
|
|
1012
1012
|
|
|
1013
1013
|
// SEC-AUTH-026: Session fixation
|
|
1014
1014
|
rules.push({
|
|
1015
|
-
id: 'SEC-AUTH-026', category: 'security', severity: '
|
|
1015
|
+
id: 'SEC-AUTH-026', category: 'security', severity: 'high', confidence: 'likely',
|
|
1016
1016
|
title: 'Session fixation: session not regenerated after login',
|
|
1017
1017
|
check({ files }) {
|
|
1018
1018
|
const findings = [];
|
|
@@ -1171,7 +1171,7 @@ rules.push({
|
|
|
1171
1171
|
|
|
1172
1172
|
// SEC-AUTH-034: JWT decoded without verification
|
|
1173
1173
|
rules.push({
|
|
1174
|
-
id: 'SEC-AUTH-034', category: 'security', severity: '
|
|
1174
|
+
id: 'SEC-AUTH-034', category: 'security', severity: 'high', confidence: 'likely',
|
|
1175
1175
|
title: 'JWT decoded without signature verification',
|
|
1176
1176
|
check({ files }) {
|
|
1177
1177
|
const findings = [];
|
|
@@ -1233,7 +1233,7 @@ rules.push({
|
|
|
1233
1233
|
|
|
1234
1234
|
// SEC-AUTH-037: Authentication bypass via type coercion
|
|
1235
1235
|
rules.push({
|
|
1236
|
-
id: 'SEC-AUTH-037', category: 'security', severity: '
|
|
1236
|
+
id: 'SEC-AUTH-037', category: 'security', severity: 'high', confidence: 'likely',
|
|
1237
1237
|
title: 'Password comparison with == — type coercion bypass',
|
|
1238
1238
|
check({ files }) {
|
|
1239
1239
|
const findings = [];
|
|
@@ -50,7 +50,7 @@ const rules = [
|
|
|
50
50
|
{
|
|
51
51
|
id: 'SEC-CS-001',
|
|
52
52
|
category: 'security',
|
|
53
|
-
severity: '
|
|
53
|
+
severity: 'high',
|
|
54
54
|
confidence: 'likely',
|
|
55
55
|
title: 'SQL Injection via String Concatenation in SqlCommand',
|
|
56
56
|
description: 'Building SQL queries with string concatenation in SqlCommand allows SQL injection.',
|
|
@@ -67,7 +67,7 @@ const rules = [
|
|
|
67
67
|
{
|
|
68
68
|
id: 'SEC-CS-002',
|
|
69
69
|
category: 'security',
|
|
70
|
-
severity: '
|
|
70
|
+
severity: 'high',
|
|
71
71
|
confidence: 'likely',
|
|
72
72
|
title: 'SQL Injection via String Interpolation',
|
|
73
73
|
description: 'Using string interpolation ($"...") in SQL commands allows injection.',
|
|
@@ -84,7 +84,7 @@ const rules = [
|
|
|
84
84
|
{
|
|
85
85
|
id: 'SEC-CS-003',
|
|
86
86
|
category: 'security',
|
|
87
|
-
severity: '
|
|
87
|
+
severity: 'high',
|
|
88
88
|
confidence: 'likely',
|
|
89
89
|
title: 'SQL Injection via String.Format',
|
|
90
90
|
description: 'Using String.Format to build SQL queries enables injection attacks.',
|
|
@@ -181,7 +181,7 @@ const rules = [
|
|
|
181
181
|
{
|
|
182
182
|
id: 'SEC-CS-009',
|
|
183
183
|
category: 'security',
|
|
184
|
-
severity: '
|
|
184
|
+
severity: 'high',
|
|
185
185
|
confidence: 'likely',
|
|
186
186
|
title: 'Command Injection via Process.Start',
|
|
187
187
|
description: 'Passing user-controlled data to Process.Start enables arbitrary command execution.',
|
|
@@ -197,7 +197,7 @@ const rules = [
|
|
|
197
197
|
{
|
|
198
198
|
id: 'SEC-CS-010',
|
|
199
199
|
category: 'security',
|
|
200
|
-
severity: '
|
|
200
|
+
severity: 'high',
|
|
201
201
|
confidence: 'likely',
|
|
202
202
|
title: 'Command Injection via ProcessStartInfo',
|
|
203
203
|
description: 'Setting ProcessStartInfo.Arguments with user input enables command injection.',
|
|
@@ -245,7 +245,7 @@ const rules = [
|
|
|
245
245
|
{
|
|
246
246
|
id: 'SEC-CS-013',
|
|
247
247
|
category: 'security',
|
|
248
|
-
severity: '
|
|
248
|
+
severity: 'high',
|
|
249
249
|
confidence: 'likely',
|
|
250
250
|
title: 'LDAP Injection',
|
|
251
251
|
description: 'Building LDAP filters with string concatenation allows injection attacks.',
|
|
@@ -262,7 +262,7 @@ const rules = [
|
|
|
262
262
|
{
|
|
263
263
|
id: 'SEC-CS-014',
|
|
264
264
|
category: 'security',
|
|
265
|
-
severity: '
|
|
265
|
+
severity: 'high',
|
|
266
266
|
confidence: 'likely',
|
|
267
267
|
title: 'LDAP Injection via String Interpolation',
|
|
268
268
|
description: 'Using string interpolation in LDAP filters enables injection.',
|
|
@@ -278,7 +278,7 @@ const rules = [
|
|
|
278
278
|
{
|
|
279
279
|
id: 'SEC-CS-015',
|
|
280
280
|
category: 'security',
|
|
281
|
-
severity: '
|
|
281
|
+
severity: 'high',
|
|
282
282
|
confidence: 'likely',
|
|
283
283
|
title: 'XXE: XmlDocument Without Safe Settings',
|
|
284
284
|
description: 'XmlDocument processes external entities by default, enabling XXE attacks.',
|
|
@@ -294,7 +294,7 @@ const rules = [
|
|
|
294
294
|
{
|
|
295
295
|
id: 'SEC-CS-016',
|
|
296
296
|
category: 'security',
|
|
297
|
-
severity: '
|
|
297
|
+
severity: 'high',
|
|
298
298
|
confidence: 'likely',
|
|
299
299
|
title: 'XXE: XmlTextReader Without Safe Settings',
|
|
300
300
|
description: 'XmlTextReader processes DTDs and external entities by default.',
|
|
@@ -490,7 +490,7 @@ const rules = [
|
|
|
490
490
|
{
|
|
491
491
|
id: 'SEC-CS-028',
|
|
492
492
|
category: 'security',
|
|
493
|
-
severity: '
|
|
493
|
+
severity: 'high',
|
|
494
494
|
confidence: 'likely',
|
|
495
495
|
title: 'Hardcoded Connection String',
|
|
496
496
|
description: 'Database connection strings with credentials hardcoded in source code.',
|
|
@@ -506,7 +506,7 @@ const rules = [
|
|
|
506
506
|
{
|
|
507
507
|
id: 'SEC-CS-029',
|
|
508
508
|
category: 'security',
|
|
509
|
-
severity: '
|
|
509
|
+
severity: 'high',
|
|
510
510
|
confidence: 'likely',
|
|
511
511
|
title: 'Hardcoded Credentials',
|
|
512
512
|
description: 'Passwords or API keys hardcoded in source code risk exposure.',
|
|
@@ -651,7 +651,7 @@ const rules = [
|
|
|
651
651
|
{
|
|
652
652
|
id: 'SEC-CS-038',
|
|
653
653
|
category: 'security',
|
|
654
|
-
severity: '
|
|
654
|
+
severity: 'high',
|
|
655
655
|
confidence: 'likely',
|
|
656
656
|
title: 'Dynamic Assembly Loading with User Input',
|
|
657
657
|
description: 'Loading assemblies from user-controlled paths enables arbitrary code execution.',
|
|
@@ -667,7 +667,7 @@ const rules = [
|
|
|
667
667
|
{
|
|
668
668
|
id: 'SEC-CS-039',
|
|
669
669
|
category: 'security',
|
|
670
|
-
severity: '
|
|
670
|
+
severity: 'high',
|
|
671
671
|
confidence: 'likely',
|
|
672
672
|
title: 'Dynamic Type Instantiation with User Input',
|
|
673
673
|
description: 'Activator.CreateInstance with user-controlled type names can instantiate malicious types.',
|
|
@@ -764,7 +764,7 @@ const rules = [
|
|
|
764
764
|
{
|
|
765
765
|
id: 'SEC-CS-045',
|
|
766
766
|
category: 'security',
|
|
767
|
-
severity: '
|
|
767
|
+
severity: 'high',
|
|
768
768
|
confidence: 'likely',
|
|
769
769
|
title: 'Hardcoded Encryption Key',
|
|
770
770
|
description: 'Encryption keys hardcoded in source code can be extracted from assemblies.',
|
|
@@ -845,7 +845,7 @@ const rules = [
|
|
|
845
845
|
{
|
|
846
846
|
id: 'SEC-CS-050',
|
|
847
847
|
category: 'security',
|
|
848
|
-
severity: '
|
|
848
|
+
severity: 'high',
|
|
849
849
|
confidence: 'likely',
|
|
850
850
|
title: 'SQL Injection via Entity Framework Raw SQL',
|
|
851
851
|
description: 'Using FromSqlRaw or ExecuteSqlRaw with string interpolation bypasses EF parameterization.',
|
|
@@ -55,7 +55,7 @@ const rules = [
|
|
|
55
55
|
{
|
|
56
56
|
id: 'SEC-DART-002',
|
|
57
57
|
category: 'security',
|
|
58
|
-
severity: '
|
|
58
|
+
severity: 'high',
|
|
59
59
|
confidence: 'likely',
|
|
60
60
|
title: 'Hardcoded API Key or Secret',
|
|
61
61
|
description: 'API keys or secrets hardcoded in Dart code can be extracted from the compiled app.',
|
|
@@ -175,7 +175,7 @@ const rules = [
|
|
|
175
175
|
{
|
|
176
176
|
id: 'SEC-DART-008',
|
|
177
177
|
category: 'security',
|
|
178
|
-
severity: '
|
|
178
|
+
severity: 'high',
|
|
179
179
|
confidence: 'likely',
|
|
180
180
|
title: 'SQL Injection in sqflite',
|
|
181
181
|
description: 'String interpolation in rawQuery/rawInsert/rawUpdate/rawDelete enables SQL injection.',
|
|
@@ -375,7 +375,7 @@ const rules = [
|
|
|
375
375
|
{
|
|
376
376
|
id: 'SEC-DART-018',
|
|
377
377
|
category: 'security',
|
|
378
|
-
severity: '
|
|
378
|
+
severity: 'high',
|
|
379
379
|
confidence: 'likely',
|
|
380
380
|
title: 'Disabled Certificate Verification in HttpClient',
|
|
381
381
|
description: 'Setting SecurityContext with allowLegacyUnsafeRenegotiation disables TLS protections.',
|
|
@@ -395,7 +395,7 @@ const rules = [
|
|
|
395
395
|
{
|
|
396
396
|
id: 'SEC-DART-019',
|
|
397
397
|
category: 'security',
|
|
398
|
-
severity: '
|
|
398
|
+
severity: 'high',
|
|
399
399
|
confidence: 'likely',
|
|
400
400
|
title: 'Dynamic Code Execution',
|
|
401
401
|
description: 'Using dart:mirrors or evaluateJavascript with user input can lead to code injection.',
|
|
@@ -455,7 +455,7 @@ const rules = [
|
|
|
455
455
|
{
|
|
456
456
|
id: 'SEC-DART-022',
|
|
457
457
|
category: 'security',
|
|
458
|
-
severity: '
|
|
458
|
+
severity: 'high',
|
|
459
459
|
confidence: 'likely',
|
|
460
460
|
title: 'Hardcoded OAuth Client Secret',
|
|
461
461
|
description: 'OAuth client secrets embedded in mobile apps can be extracted and used to impersonate the app.',
|
|
@@ -575,7 +575,7 @@ const rules = [
|
|
|
575
575
|
{
|
|
576
576
|
id: 'SEC-DART-028',
|
|
577
577
|
category: 'security',
|
|
578
|
-
severity: '
|
|
578
|
+
severity: 'high',
|
|
579
579
|
confidence: 'likely',
|
|
580
580
|
title: 'Process Execution with User Input',
|
|
581
581
|
description: 'Process.run or Process.start with unsanitized input can lead to command injection.',
|
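--- a/package/src/rules/security/go.js
+++ b/package/src/rules/security/go.js
@@ -50,7 +50,7 @@ const rules = [
 {
 id: 'SEC-GO-001',
 category: 'security',
-severity: '
+severity: 'high',
 confidence: 'likely',
 title: 'SQL Injection via fmt.Sprintf in Query',
 description: 'Using fmt.Sprintf to build SQL queries passed to db.Query or db.Exec allows SQL injection.',
@@ -66,7 +66,7 @@ const rules = [
 {
 id: 'SEC-GO-002',
 category: 'security',
-severity: '
+severity: 'high',
 confidence: 'likely',
 title: 'SQL Injection via String Concatenation',
 description: 'Concatenating strings to build SQL queries allows injection attacks.',
@@ -82,7 +82,7 @@ const rules = [
 {
 id: 'SEC-GO-003',
 category: 'security',
-severity: '
+severity: 'high',
 confidence: 'likely',
 title: 'Command Injection via exec.Command',
 description: 'Passing user-controlled input to exec.Command can lead to arbitrary command execution.',
@@ -98,7 +98,7 @@ const rules = [
 {
 id: 'SEC-GO-004',
 category: 'security',
-severity: '
+severity: 'high',
 confidence: 'likely',
 title: 'Command Injection via Shell Execution',
 description: 'Using exec.Command with bash/sh -c and string interpolation enables command injection.',
@@ -290,7 +290,7 @@ const rules = [
 {
 id: 'SEC-GO-016',
 category: 'security',
-severity: '
+severity: 'high',
 confidence: 'likely',
 title: 'Hardcoded Password',
 description: 'Passwords hardcoded in source code can be extracted and used to compromise systems.',
@@ -306,7 +306,7 @@ const rules = [
 {
 id: 'SEC-GO-017',
 category: 'security',
-severity: '
+severity: 'high',
 confidence: 'likely',
 title: 'Hardcoded API Key',
 description: 'API keys hardcoded in source code can be extracted from binaries or repositories.',
@@ -466,7 +466,7 @@ const rules = [
 {
 id: 'SEC-GO-027',
 category: 'security',
-severity: '
+severity: 'high',
 confidence: 'likely',
 title: 'JWT Parsing Without Proper Validation',
 description: 'Using jwt.Parse without specifying valid signing methods allows algorithm substitution attacks.',
@@ -738,7 +738,7 @@ const rules = [
 {
 id: 'SEC-GO-044',
 category: 'security',
-severity: '
+severity: 'high',
 confidence: 'likely',
 title: 'SQL Injection in GORM Raw Query',
 description: 'Using db.Raw with fmt.Sprintf allows SQL injection through GORM.',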