Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-14611

Improve Java analysis: 9 new security rules and more accurate regexp rules

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 8.8
    • Component/s: None
    • Edition:
      Community
    • Production Notes:
      None

      Description

      The Java analysis now brings 9 new security rules:

      • S5445 : Insecure temporary file creation methods should not be used
      • S2053 : Hashes should include an unpredictable salt
      • S5659 : JWT should be signed and verified with strong cipher algorithms
      • S5332 : Using clear-text protocols is security-sensitive
      • S5443 : Using publicly writable directories is security-sensitive
      • S5693 : Allowing requests with excessive content length is security-sensitive
      • S5247 :Disabling auto-escaping in template engines is security-sensitive
      • S4036 : Searching OS commands in PATH is security-sensitive
      • S5689 : Disclosing fingerprints from web application technologies is security-sensitive

      and many improvements on Regexp rules.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              wouter.admiraal Wouter Admiraal
              Reporter:
              sonarqube.tech SonarQube Technical user
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Due:
                Created:
                Updated:
                Resolved: