218 questions
5 votes, 3 answers, 394 views
How can you enable a compiler warning on an array argument decaying to a pointer
I learned that in C++, array arguments decay to pointer arguments. As a result,
void PrintArray(int arr[4])
{
std::cout << arr[0] << std::endl;
std::cout << arr[1] << ...
0 votes, 3 answers, 94 views
Is it possible to have SQL Injection in Java PreparedStatement without setString() or setInt() methods? [duplicate]
In Java, if a user input is directly appended to an SQL query without using methods like setString() or setInt(), but the query is executed using a PreparedStatement, is it still considered SQL ...
0 votes, 1 answer, 160 views
Should both the sender's keypair and the recipient's keypair open a sodium crypto box?
I'm trying to understand sharing encrypted messages using PHP's sodium crypto box.
Using an example that I found somewhere I've tried to simulate a conversation between two people. They each have ...
0 votes, 1 answer, 168 views
Learning how to implement secure boot on an embedded system
I would like to learn how to implement secure boot on a device. I have a Raspberry Pi 2 and a 3. I can get any board if it is required.
I have been working with embedded systems and embedded Linux.
...
-1 votes, 1 answer, 66 views
Storing Database Password
If I save the password to the database as a hash in the configuration file of the application or in the code for security reasons, how does the application connect to the database if it does not ...
-1 votes, 1 answer, 346 views
CWE 201: fetch function
Veracode scan is showing a low level vulnerability in the fetch function. What's the best way to fix this?
const response = await fetch(url, {
method: 'POST',
headers: {
'Content-Type': '...
0 votes, 1 answer, 216 views
How to convert NSCoding to NSSecureCoding?
I got a message in log 'NSKeyedUnarchiveFromData' should not be used to for un-archiving and will be removed in a future release. I am not sure how to convert this class to use NSSecureCoding. I am ...
0 votes, 0 answers, 58 views
NoneType error when securing passwords in environment variables in Windows 11
2023-10-17 00:21:31.357 Uncaught app exception
Traceback (most recent call last):
File "D:\pythonProject\portfolio\send_email.py", line 21, in send_email
server.login(username, password)
...
0 votes, 0 answers, 152 views
Clearing memory buffers securely to prevent data leaks in C
So I'm asking about this here purely because I can't find any guidelines/explanation for how this works anywhere else.
I am trying to clear a memory buffer after use to prevent a leak of highly ...
0 votes, 1 answer, 2k views
Spring Boot 3 Security with JWT Verification without Users
I have a microservice with a REST endpoint to receive data.
I will secure this endpoint not with a user/password but rather with a JWT token. The secret for this token is known to this service.
I take ...
1 vote, 1 answer, 305 views
How to address CWE-502 for Swift's Codable
Snyk.io has alerted me to a CWE-502 issue with a Swift class that implements Codable.
Deserialization of untrusted data (CWE-502), is when the application
deserializes untrusted data without ...
0 votes, 0 answers, 166 views
Deleting secure files if program crashes
I'm looking for a way to delete secure files if a program were to crash in any way. Is there a way to do this in Python?
I've been looking at the tempfile module to see if this were possible. Looking it ...
0 votes, 0 answers, 129 views
How to resolve Trust Bound Violation In Date parameter
Scan shows "Trust Bound Violation" in Session Variables for the below code.
How to sanitize or validate the below getDate()?
Not able to use the regular ESAPI validator as getDate() is type ...
0 votes, 1 answer, 251 views
How to add a password to a Tab in order to open its content
Dears,
How to add a password to a Tab in order to open its content?
I want to keep Tab1 (Mobiles) and Tab3 (Computers) accessible and have the other ones request a password each time we click on them:
Below is ...
0 votes, 1 answer, 630 views
I want API JSON response data but don't want it to be shown in the network tab, as it's not specific to the logged-in user yet very sensitive
So basically I have some information which I have gathered with a lot of effort; this information is not specific to a user, so I cannot totally depend on my logged-in user token; this is somewhat some ...
0 votes, 2 answers, 284 views
For C/C++, when people say code is insecure, does it mean the application will crash, or it can be abused to launch cyber attack? [closed]
I have seen in many instances when people say codes are "insecure".
Accessing an array beyond bound is "insecure".
Malloc without free is insecure.
Dangling pointer is "...
1 vote, 0 answers, 37 views
Securing application settings in Active Directory
I'm trying to help our development team solve a problem that I think seems pretty simple. We have settings in our application, for example, an SMTP authentication password, or a server connection ...
0 votes, 1 answer, 204 views
Code and classes are not secure using ProGuard
I want to secure my code from reverse engineering, and I have already used ProGuard and defined rules too, but after reverse engineering I am getting all my classes with the same names and also the code in them. ...
1 vote, 0 answers, 2k views
Validate String in Java To Avoid Path Traversal
I have a system where a user can upload a file. I want to throw an exception in case the filename contains sensitive characters like "../", etc. (to avoid a Path Traversal vulnerability: "...
0 votes, 2 answers, 790 views
Getting some error while decrypting text in Java
I have the below NodeJS code for decryption and it is working perfectly fine, but when I try to convert the same code to Java I get the below error.
Given final block not properly ...
0 votes, 1 answer, 205 views
How to exchange a number between two processes securely
Here is the sample code for myapp1 and myapp2:
myapp1 code:
int main(int argc, char *argv[])
{
int secret = 123;
char buffer[20];
sprintf(buffer,"%d",secret);
char *argv[...
-2 votes, 1 answer, 1k views
How to encrypt curl command to secure server password?
I need to secure the server login and password.
I have a Bash script and to work I have to run it on third-party services.
The script contains a curl command with a login and password to transfer data ...
0 votes, 0 answers, 714 views
Fortify Tool Buffer overflow
char tmp[] = "hello world";
char *line;
size_t sz;
sz = strlen(tmp) +1;
line = (char*)malloc(sz);
if (line)
memset(line, 0x00, sz);
Using a tool called Fortify, it flags the memset as ...
1 vote, 1 answer, 60 views
Added random parameter for XSHM fix. Is there a limit to the length of a URL on IIS/ASP.NET?
At my organization, we have implemented a suggestion for fixing Cross-Site History Manipulation by appending a random GUID to the end of the URL on a redirect.
For example:
Response.Redirect($"{...
3 votes, 1 answer, 600 views
Require compiler to emit branchless/constant-time code
In cryptography, any piece of code that depends on secret data (such as a private key) must execute in constant time in order to avoid side-channel timing attacks.
The most popular architectures ...
0 votes, 1 answer, 4k views
Checkmarx stored absolute path traversal
We are trying to fix some issues reported by Checkmarx; I have to say the Stored xxx series of issues are hard to find a solution for.
About this one, we have the following code
PreparedStatement ps = conn....
-2 votes, 1 answer, 431 views
API Abuse - Security Vulnerability Issue MVC APP
The Fortify tool has reported an "API Abuse - Mass Assignment: Insecure Binder Configuration" for the below code. I would appreciate someone's help to identify the security flaws in the below code. The ...
-5 votes, 1 answer, 2k views
Checkmarx and Angular 2 template XSS warning
I'm facing the following warning in the Checkmarx report. I tried to use the sanitize pipe to fix it, but it is still returning the warning. Any suggestions?
1 vote, 1 answer, 17k views
How to fix a Checkmarx error for sanitizing the payload
I have a Spring Boot service (2.4.5) that shows a Checkmarx error saying that we need to sanitize the request payload. How do we sanitize the request payload?
@ApiOperation(value = "Executes new ...
1 vote, 1 answer, 10k views
Implementing Checkmarx suggested clickjacking fix introduces high severity Client DOM XSS vulnerability
My organization has scanned our code using Checkmarx and the low severity issue Potential Clickjacking on Legacy Browsers was detected due to a JavaScript function firing on an HTML image click event.
...
2 votes, 0 answers, 4k views
Checkmarx medium severity: May unintentionally allow setting the value of method in the object
I am getting the below medium vulnerability highlighted in Checkmarx:
The rModificationRequest at r-config\com\mycompapi\RController.java in
line# may unintentionally allow setting the value of ...
3 votes, 1 answer, 3k views
Segmentation fault 11 when installing Ruby 3
I need to install Ruby 3.0.0 on my machine to upgrade my RoR application gems. I use RVM for version management, but when I run RVM install 3.0.0 I get this error
Error running '__rvm_make -j4',
...
0 votes, 0 answers, 1k views
SAST Issue - Improper Resource Access Authorization
I am using the Checkmarx security tool to scan my code. It is throwing an Improper Resource Access Authorization error in the repository.
@Query(value="select * from mapping_table where project_id = :...
0 votes, 0 answers, 7k views
How to fix the "Command Injection" issue reported by Checkmarx for the Python code "args=parser.parse_args()"?
I have Python code which parses the input parameters like the following:
parser = argparse.ArgumentParser(description='Information injection in file.') # , usage=usage())
requiredNamed = parser....
-2 votes, 1 answer, 729 views
Environment.GetCommandLineArgs() may get an untrusted string
We use Checkmarx to check our project.
The result shows that Environment.GetCommandLineArgs() may get an untrusted string and could allow an attacker to inject an arbitrary command.
var args = Environment....
0 votes, 0 answers, 605 views
Injection attacks on an ASP FileUpload Control
I'm using Checkmarx, which scans source code and identifies security vulnerabilities within the code like SQL injection, XSS, etc.
I can't get rid of a vulnerability Checkmarx detects on an ASP ...
2 votes, 2 answers, 7k views
How to resolve XSRF Cross-Site Request Forgery (CSRF) in API controller after SAST Checkmarx
I have scanned my Java Spring Boot project with the Checkmarx tool.
The tool found about 23 XSRF occurrences with Medium severity.
The issue found is marked on Rest API method POST on @RequestBody ...
1 vote, 2 answers, 2k views
How to validate/sanitize an int so Checkmarx notices I validated/sanitized it
I have some code that retrieves numeric data from a source Checkmarx considers untrusted (a file under my control), which at some point I convert to a pair of integers, and range-check both of them ...
1 vote, 0 answers, 131 views
DOM XSS - is this actually exploitable?
CheckMarx found this and marked it as a vulnerability. It doesn't seem to rely on user input, so I'm curious if this is actually exploitable. This is activated by dragging a component. If this is ...
1 vote, 1 answer, 1k views
Checkmarx :: HRA_JAVA_CGI_REFLECTED_XSS_ALL_CLIENTS issue
I am struggling with one of the Checkmarx vulnerabilities. I need some guidance to support this.
Below is my code:
try(BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream()...
1 vote, 1 answer, 98 views
Solving and fixing vulnerability pointed by the static analysis tool SPLINT
I was working on my project and tried to run splint to find hidden vulnerabilities and improve the quality of my code. I ran splint on one of the .c files of the project and came across these 4 ...
3 votes, 1 answer, 10k views
A Path Traversal vulnerability in asp.net core
I already tried these solutions
Does my code prevent directory traversal in C#?
Is Path Traversal Vulnerabilities possible in my below code?
How to prevent Path Traversal in .NET
How to avoid ...
1 vote, 1 answer, 2k views
Change BinaryFormatter.Deserialize to DataContractSerializer for Concurrent Dictionary
I am working on an application that has been around for a while that uses BinaryFormatter.Deserialize. We recently ran a Checkmarx vulnerability scan that flagged that as an issue. Microsoft even calls ...
0 votes, 0 answers, 64 views
How to convert an ".xlsm" Excel macro file to an ".exe", or to secure the VBA file [duplicate]
I want to encrypt the VBA file so no one can check the code, to secure the VBA file. I know about "VBE Project Properties -> lock", and I don't make it execute from the VBS file.
1 vote, 1 answer, 878 views
Open Redirect with known page but user-supplied url parms. Possible?
We're reviewing some security findings and I'm trying to understand a finding about open redirects. Essentially the question is: Can a redirect to a hard-coded known-local path with user-supplied ...
2 votes, 2 answers, 6k views
How to fix Reflected XSS vulnerability in my node.js application
I am writing the backend of an application using express in node.js. Checkmarx highlights this issue: Improper Neutralization of Input During Web Page Generation
The line of code highlighted: const ...
1 vote, 0 answers, 213 views
Certifications needed for FinTech companies
I am trying to do some research on all the types of certifications needed for a FinTech company, like PCI-DSS, etc. What other certifications can be used by the company, in terms of IT security, as ...
1 vote, 1 answer, 9k views
Checkmarx: Unsafe object binding
We are using the Java Spring framework. We have an endpoint for passing an email object.
@RequestMapping(method = RequestMethod.POST, path = "/api/messaging/v1/emailMessages/actions/send")
...
5 votes, 2 answers, 15k views
Input_Path_Not_Canonicalized - PathTraversal Vulnerability in Checkmarx
I am facing a path traversal vulnerability while analyzing code through Checkmarx. I am fetching the path with the below code:
String path = System.getenv(variableName);
and "path" variable value is ...
4 votes, 2 answers, 8k views
Can a reflected XSS (cross-site scripting) attack happen on a REST API which serves a non-HTML response?
Can a reflected XSS (cross-site scripting) attack happen on a REST API which takes in an XML request payload and serves an XML response? There is no HTML content in the request or response.
I have gone ...