Supported Sast rules

The rules for Code Vulnerabilities listed below are classified by language according to their kind.

Csharp

Access Control

Authentication

Channel

Server Side Request Forgery ('SSRF')

Cryptography

Information Leak

Injection

Memory Access

Buffer Overflow

Misconfiguration

Path Resolution

Path Traversal

Predictability

Privilege

P/Invoke declarations should not be safe critical

Resource Management

Risky Values

Dangerous Hostname Check

Go

Access Control

Insecure File Permissions

Api

Channel

Server Side Request Forgery ('SSRF')

Cryptography

Information Leak

Injection

Misconfiguration

Path Resolution

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Predictability

Hardcoded Cryptographic Key

Resource Management

Connection String Parameter Pollution

Risky Values

Integer Overflow or Wraparound

Java

Access Control

Api

Authentication

Channel

Server Side Request Forgery ('SSRF')

Cryptography

Entry Points

Avoid Leftover Debug Code

Exception Management

Unhandled SSL Exception

Information Leak

Misconfiguration

Other

Path Resolution

Predictability

Resource Management

Risky Values

Synchronization

Javascript

Authentication

Channel

Server Side Request Forgery ('SSRF')

Cryptography

Information Leak

Misconfiguration

Path Resolution

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Predictability

Resource Management

Risky Values

UI

No clickjacking protection configured

Php

Authentication

Channel

Server Side Request Forgery ('SSRF')

Cryptography

Information Leak

Injection

Misconfiguration

Other

Execution After Redirect ('EAR')

Path Resolution

Predictability

Resource Management

Risky Values

Python

Access Control

Api

Insecure Temporary File

Authentication

Channel

Server Side Request Forgery ('SSRF')

Cryptography

Information Leak

Misconfiguration

Other

Execution After Redirect ('EAR')

Path Resolution

Predictability

Resource Management

Risky Values