Supported Sast rules
The rules for Code Vulnerabilities listed below are classified by language according to their kind.
C
Buffer Overflow
-
Use of insecure unbounded string copy/concatenation functions
-
Use of insecure scanf-family functions prone to buffer overflow
-
Incorrect use of strncpy/stpncpy/strlcpy with wrong buffer size
-
Direct write into stack buffer may cause stack-based buffer overflow
-
Unsafe use of snprintf/vsnprintf return value may cause buffer overflow
-
Unsafe use of strlcpy/strlcat return value may cause buffer overflow
-
Use of insecure sprintf/vsprintf functions prone to buffer overflow
Integer Overflow
Memory Management
Miscellaneous
Csharp
Injection
Go
Injection
Java
Javascript
Injection
-
Improper neutralization of XML entities ('Xml Entity Injection')
-
Improper neutralization of data within XPath expressions ('XPath Injection')
-
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
-
Improper neutralization of input during web page generation ('Cross-site Scripting' aka 'XSS')
Kotlin
Php
Injection
-
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
-
Improper neutralization of XML entities ('Xml Entity Injection')
-
Improper neutralization of data within XPath expressions ('XPath Injection')
-
Improper neutralization of input during web page generation ('Cross-site Scripting' aka 'XSS')
-
Improper neutralization of external input used within a CSV or Excel formula ('Formula Injection')
Python
Injection
Ruby
Cross-Site Scripting
-
Cross-Site Scripting: Number helpers XSS vulnerabilities in certain versions
-
Cross-Site Scripting: HTML escaping is disabled for JSON output
-
Cross-Site Scripting: Versions with vulnerable sanitize and sanitize_css
-
Cross-Site Scripting: Versions before 2.3.14 which have a vulnerable escape method
-
Cross-Site Scripting: Vunerable uses of sanitize (CVE-2022-32209)
-
Cross-Site Scripting: Unsafe uses of select_tag() in some versions of Rails 3.x
-
Cross-Site Scripting: Versions which do not escape single quotes (CVE-2012-3464)
Denial of Service
Remote Code Execution
-
Remote Code Execution: JSON parsing vulnerabilities CVE-2013-0333 and CVE-2013-0269
-
Remote Code Execution: YAML parsing vulnerabilities (CVE-2013-0156)
-
Remote Code Execution: Render that might be vulnerable to CVE-2016-0752
-
Remote Code Execution: Uses of serialize in versions vulnerable to CVE-2013-0277
-
Remote Code Execution: Use of Marshal for cookie serialization
Scala
Cookie
-
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
-
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')
-
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')
-
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')
-
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
Inject
-
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
-
Improper Neutralization of Special Elements in Data Query Logic
-
Improper limitation of a pathname to a restricted directory ('Path Traversal')
-
Improper Neutralization of CRLF Sequences ('CRLF Injection')
-
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
-
Improper limitation of a pathname to a restricted directory ('Path Traversal')
-
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
-
Improper limitation of a pathname to a restricted directory ('Path Traversal')
-
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
-
Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
-
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
-
Improper limitation of a pathname to a restricted directory ('Path Traversal')
Xss
-
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
-
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
-
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
-
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Xxe
-
Improper Restriction of XML External Entity Reference ('XXE')
-
Improper Restriction of XML External Entity Reference ('XXE')
-
Improper Restriction of XML External Entity Reference ('XXE')
-
Improper Restriction of XML External Entity Reference ('XXE')
-
Improper Restriction of XML External Entity Reference ('XXE')
-
Improper Restriction of XML External Entity Reference ('XXE')