Explore
101-125 of 379
Information Exposure: Avoid using hardware identifiers - Compliant
Using hardware identifiers is not recommended - compliant
- error
- java
- security
- framework specific
- mobile
- Android
Information Exposure: Do not place sensitive information on ClipBoard
Never copy sensitive information to the ClipBoard
- info
- java
- security
- framework specific
- mobile
- Android
Information Exposure: Sensitive information
Do not send sensitive information or put it on the clipboard
- warning
- java
- security
- framework specific
- mobile
- Android
Injection: XXE: Jaxb2Marshaller#setProcessExternalEntities set to true
Prevent XXE by disabling the processing of external entities
- error
- java
- Spring
- security
- XXE
- framework specific
- Spring XML
- OWASP Top 10
Injection: XXE: Jaxb2Marshaller#setSupportDtd set to true
Prevent XXE by disabling DTDs
- error
- java
- Spring
- security
- XXE
- framework specific
- Spring XML
- OWASP Top 10
Injection: XXE: Jaxb2RootElementHttpMessageConverter#setProcessExternalEntities set to true
Prevent XXE by disabling the processing of External Entities
- error
- java
- Spring
- security
- XXE
- framework specific
- Spring XML
- OWASP Top 10
Injection: XXE: Jaxb2RootElementHttpMessageConverter#setSupportDtd set to true
Prevent XXE by disabling DTDs
- error
- java
- Spring
- security
- XXE
- framework specific
- Spring XML
- OWASP Top 10
Injection: XXE: SourceHttpMessageConverter#setProcessExternalEntities set to true
Prevent XXE by disabling the processing of External Entities
- error
- java
- Spring
- security
- XXE
- framework specific
- Spring XML
- OWASP Top 10
Injection: XXE: SourceHttpMessageConverter#setSupportDtd set to true
Prevent XXE by disabling DTDs
- error
- java
- Spring
- security
- XXE
- framework specific
- Spring XML
- OWASP Top 10
Input Validation: Avoid JDBC Injection: Bind variables in prepared statements: single parameter
Could lead to JDBC Injection
- error
- java
- Spring
- security
- Spring Data
- framework specific
- injection
- SQL
- OWASP Top 10
Input Validation: Avoid JDBC Injection: Bind variables in prepared statements: Two parameters
Could lead to JDBC Injection
- error
- java
- Spring
- security
- Spring Data
- framework specific
- injection
- SQL
- OWASP Top 10
Input Validation: Avoid Spring Expression Language Injection: Do not evaluate expressions controlled by user input (ExpressionParser)
Could lead to Spring Expression Language Injection
- error
- java
- expression language
- Spring
- Spring Core
- security
- framework specific
- injection
- OWASP Top 10
Input Validation: Avoid XXE: Use automatically protected source types
Could lead to XXE
- error
- java
- Spring
- security
- XXE
- framework specific
- Spring XML
- OWASP Top 10
Insecure Data Storage: Store Sensitive Data in a Private Location (FileOutputStream constructor) in Activity
Do not store sensitive data in a public location
- warning
- java
- security
- framework specific
- mobile
- Android
Insecure Data Storage: Store Sensitive Data in a Private Location (FileOutputStream constructor) in Fragment
Do not store sensitive data in a public location
- warning
- java
- security
- framework specific
- mobile
- Android
Insecure Data Storage: Use SQLCipher Database (all other methods)
SQLite Databases are an insecure means of storage
- warning
- java
- security
- framework specific
- mobile
- Android
- SQL
- Android security set
Insecure Data Storage: Use SQLCipher Database (creation)
SQLite Databases are an insecure means of storage
- warning
- java
- security
- framework specific
- mobile
- Android
- SQL
- Android security set
JUnit 4: assertEquals suspicious order of arguments (with message)
Suspicious argument values for 'expected' and 'actual'
- warning
- java
- testing
- framework specific
- JUnit 4
- quality
JUnit 4: assertEquals suspicious order of arguments (with message)
Suspicious argument values for 'expected' and 'actual'
- warning
- java
- testing
- framework specific
- JUnit 4
- quality
JUnit 4: @Ignored Description
Add a description to indicate why the test has been ignored.
- warning
- java
- testing
- framework specific
- JUnit 4
- quality
JUnit 4: Incorrect method signature for annotation
The annotations on this method require it to have a void return type and not be private.
- error
- java
- kotlin
- testing
- framework specific
- JUnit 4
- quality
JUnit 4: Incorrect method signature for annotation (Class)
The annotations on this method require it to have a void return type, not be private, and be static.
- error
- java
- kotlin
- testing
- framework specific
- JUnit 4
- quality
JUnit 4: Incorrect method signature for annotation (Class - arguments)
The annotations on this method require it to have no arguments.
- error
- java
- testing
- framework specific
- JUnit 4
- quality
JUnit 4: @Test annotation missing
Method with assertions is missing @Test annotation
- error
- java
- testing
- framework specific
- JUnit 4
- quality
JUnit 5: assertEquals suspicious order of arguments
Suspicious argument values for 'expected' and 'actual'
- warning
- java
- testing
- framework specific
- JUnit 5
- quality