Topics tagged security

Topic	Replies	Views	Activity
SonarLint missing PHP exec() security vulnerability (command injection) SonarLint vscode , security , php8	2	35	May 13, 2022
No OWASP vulnerability found against OWASP juice shop SonarQube typescript , security , js	12	129	May 12, 2022
S5131 - Endpoints security and XSS attacks Report a False-positive / False-negative java , sonarqube , security , xss	10	625	May 9, 2022
For some reasons unsafe usage of $_GET not flagged Report a False-positive / False-negative sonarcloud , security	4	45	April 29, 2022
A false negaitve about the rule RSPEC-6350 Report a False-positive / False-negative java , security	1	41	April 28, 2022
S3649 and S2077 do not work SonarQube csharp , sonarqube , scanner , security	10	486	April 27, 2022
Use secure mode and padding scheme for ECB Not Detected Consistently Across C/JAVA Languages SonarQube cfamily , security , rules , bug-no-category	4	196	April 26, 2022
SonarQube affected by Java CVE-2022-21449 relating to ECDSA signatures? SonarQube java , security	4	234	April 25, 2022
OWASP Top 10 Injection are not fully covered in SonarQube 9.4 Report a False-positive / False-negative csharp , sonarqube , dotnet , security , appsec	9	97	April 25, 2022
SAST REPORTS / Security Report SonarCloud sonarqube , sonarcloud , security	2	81	April 21, 2022
Run Code analysis take a long time for Angular Project SonarQube typescript , security	5	98	April 13, 2022
SonarCloud detects Permission problems on AWS resources on CloudFormation and Terraform files Announcements security , iac , terraform , cloudformation , aws	0	570	September 30, 2021
FP on S3329 (Cipher IV unpredictable) on DECRYPT_MODE if IV variable declaration is split from definition Report a False-positive / False-negative java , sonarqube , security	3	199	April 8, 2022
Sonar Lombok issue SonarQube java , security	1	137	April 7, 2022
Sonar Scanner CLI freezing at various stages SonarQube javascript , sonarqube , scanner , security	3	83	April 7, 2022
Azurerm_storage_account incorrectly flags log configuration Report a False-positive / False-negative security , azure , iac , terraform , appsec	6	109	April 5, 2022
Integration for WordPress plugins Suggest new features php , security , plugin	3	696	March 31, 2022
AWS SES Nodemailer Transport doesn't use clear-text protocol Report a False-positive / False-negative typescript , sonarcloud , security , security-hotspot , node	0	85	March 25, 2022
Remove user from SonarQube SonarQube sonarqube , security , user	4	200	March 24, 2022
Automated User deletion from SonarQube with Azure AD synchronization process SonarQube security , sso , user	1	66	March 18, 2022
In our team, we want to perform vulnerability scan on Yaml files SonarQube security , iac	8	397	March 14, 2022
Retrieve issues categorized through application security and development STIG New features sonarqube , security , reports	6	162	March 11, 2022
Database queries should not be vulnerable to injection attacks Report a False-positive / False-negative javascript , sonarqube , security	0	74	March 9, 2022
CVE-2021-42550 Vulnerable logback version 1.2.7 in SonarQube 8.9.6 SonarQube sonarqube , security	6	190	March 9, 2022
SonarCloud detects security problems in Terraform for GCP files Announcements security , iac , terraform , gcp	0	417	March 9, 2022
Security rule does not trigger: S5135 (Deserialization should not be vulnerable to injection attacks) Report a False-positive / False-negative java , security , taint-analysis	6	209	March 8, 2022
[Cloudformation] Sonar still complains about 'Authorizing HTTP communications with S3 Bucket' after fix Report a False-positive / False-negative sonarqube , security , security-hotspot	7	167	March 7, 2022
Detection of hardcoded credentials in .NET project web.config or app.config file New rules xml , dotnet , security	1	87	March 7, 2022
SonarCloud questions SonarCloud sonarcloud , security	1	120	March 3, 2022
Not possible to disable a rule for JsSecuritySensor SonarQube javascript , performance , security , bug-no-category	6	176	March 3, 2022