Classification of PVS-Studio warnings according to the OWASP Top 10 Web Application Security Risks

The OWASP Top 10 is a ranking of the ten most critical security risks to web applications, based on the consensus of security experts from around the world. The ranking weighs the severity of each risk, how often it is found, and the damage it can cause. The goal of the OWASP Top 10 project is to give developers and security specialists the information they need to detect, counter, and promptly remediate security risks in the applications they build.

The OWASP Top 10 is revised every few years so that it reflects the threats most relevant at the time. PVS-Studio classifies its diagnostic rules according to the 2021 edition of the OWASP Top 10.

PVS-Studio has diagnostics that cover 10 of the 10 (100%) categories listed below.

Each category below gives the OWASP description, the CWE identifiers that OWASP maps to the category, and the PVS-Studio rules that cover it, each followed by the CWE(s) the rule is mapped to.

A01. Broken Access Control

Access control enforces policy so that users cannot act outside their intended permissions. Failures typically lead to unauthorized disclosure, modification, or destruction of data, or to performing a business function outside the user's limits.

CWE: CWE-22, CWE-23, CWE-35, CWE-59, CWE-200, CWE-201, CWE-219, CWE-264, CWE-275, CWE-276, CWE-284, CWE-285, CWE-352, CWE-359, CWE-377, CWE-402, CWE-425, CWE-441, CWE-497, CWE-538, CWE-540, CWE-548, CWE-552, CWE-566, CWE-601, CWE-639, CWE-651, CWE-668, CWE-706, CWE-862, CWE-863, CWE-913, CWE-922, CWE-1275

Rules:
V5609 - Possible path traversal vulnerability. Potentially tainted data is used as a path. - CWE-22
V5623 - Possible open redirect vulnerability. Potentially tainted data is used in the URL. - CWE-601
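The pattern V5609 reports (and, for archive entry names, V5628 under A03) is tainted input concatenated into a filesystem path. The following C++ example is added here to illustrate the weakness class; it is not PVS-Studio's code or part of the original page. It shows the naive join next to a hardened resolver that normalizes "." and ".." lexically and refuses any path that is absolute, empty, or climbs above the base directory. The base directory "/srv/files" and the sample inputs are assumptions for the example.

```cpp
#include <cstdio>
#include <string>
#include <vector>

// Vulnerable pattern (what V5609 flags): tainted input concatenated straight
// into a path, so "../" segments walk out of the intended directory.
std::string vulnerable_join(const std::string& base, const std::string& user_path) {
    return base + "/" + user_path;
}

// Split a slash-separated path into its non-empty components.
static std::vector<std::string> split_components(const std::string& p) {
    std::vector<std::string> parts;
    std::string cur;
    for (char c : p) {
        if (c == '/') {
            if (!cur.empty()) parts.push_back(cur);
            cur.clear();
        } else {
            cur += c;
        }
    }
    if (!cur.empty()) parts.push_back(cur);
    return parts;
}

// Hardened form: resolve `user_path` lexically and refuse anything that is
// absolute, empty, or climbs above `base`. `base` must be an absolute POSIX
// path. On success writes the normalized path to `out` and returns true.
bool resolve_under(const std::string& base, const std::string& user_path, std::string& out) {
    if (user_path.empty()) return false;
    if (user_path[0] == '/') return false;                        // absolute path
    if (user_path.find('\\') != std::string::npos) return false;  // Windows separator: ambiguous, reject
    if (user_path.find('\0') != std::string::npos) return false;  // embedded NUL truncates C APIs

    std::vector<std::string> stack = split_components(base);
    const size_t base_depth = stack.size();

    for (const std::string& part : split_components(user_path)) {
        if (part == ".") continue;
        if (part == "..") {
            if (stack.size() <= base_depth) return false;         // would leave base
            stack.pop_back();
            continue;
        }
        stack.push_back(part);
    }
    if (stack.size() == base_depth) return false;                 // resolved to base itself

    out.clear();
    for (const std::string& s : stack) out += "/" + s;
    return true;
}

// Convenience wrapper: the resolved path, or "" when the input is rejected.
std::string resolve_or_empty(const std::string& base, const std::string& user_path) {
    std::string out;
    return resolve_under(base, user_path, out) ? out : std::string();
}

int main() {
    // Constructed sample inputs, as an attacker-controlled "file" parameter might carry them.
    const char* inputs[] = {"reports/2023.pdf", "sub/../ok.txt", "../etc/passwd", "/etc/passwd"};
    for (const char* in : inputs) {
        std::string resolved = resolve_or_empty("/srv/files", in);
        if (!resolved.empty())
            std::printf("%-18s -> %s\n", in, resolved.c_str());
        else
            std::printf("%-18s -> rejected (naive join would give %s)\n", in,
                        vulnerable_join("/srv/files", in).c_str());
    }
    return 0;
}
```

This check is purely lexical. If `base` may contain symbolic links (CWE-59, also listed under A01), call `realpath()` on the resolved path as well and verify that the real path is still under the real base before opening the file.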

A02. Cryptographic Failures

Data in transit and at rest, such as passwords, credit card numbers, health records, personal information, and business secrets, requires extra protection because a cryptographic failure exposes it (sensitive data exposure). This is especially true when the data falls under privacy laws such as the GDPR or CCPA.

CWE: CWE-261, CWE-296, CWE-310, CWE-319, CWE-321, CWE-322, CWE-323, CWE-324, CWE-325, CWE-326, CWE-327, CWE-328, CWE-329, CWE-330, CWE-331, CWE-335, CWE-336, CWE-337, CWE-338, CWE-340, CWE-347, CWE-523, CWE-720, CWE-757, CWE-759, CWE-760, CWE-780, CWE-818, CWE-916

Rules:
V1057 - Pseudo random sequence is the same at every program run. Consider assigning the seed to a value not known at compile-time. - CWE-337
V5014 - Cryptographic function is deprecated. Its use can lead to security issues. Consider switching to an equivalent newer function. - CWE-327
V5307 - Potentially predictable seed is used in pseudo-random number generator. - CWE-337,CWE-336
V5612 - Do not use old versions of SSL/TLS protocols as it may cause security issues. - CWE-326
V5613 - Use of outdated cryptographic algorithm is not recommended. - CWE-327,CWE-328
V6109 - Potentially predictable seed is used in pseudo-random number generator. - CWE-337,CWE-336
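V1057, V5307 and V6109 all concern the seed of a deterministic generator. The C++ example below is added to show why that matters; it is not code from PVS-Studio or from the original page. A fixed seed yields the same "token" on every run, and a wall-clock seed is recovered by brute force from a single observed token once the attacker knows roughly when it was issued. The 12345 seed, the 1700000000 timestamp and the one-hour search window are assumptions for the example.

```cpp
#include <cstdint>
#include <cstdio>
#include <initializer_list>
#include <iomanip>
#include <random>
#include <sstream>
#include <string>

// Format four 32-bit draws as a 128-bit hex token.
static std::string hex_token(uint32_t a, uint32_t b, uint32_t c, uint32_t d) {
    std::ostringstream os;
    os << std::hex << std::setfill('0');
    for (uint32_t v : {a, b, c, d}) os << std::setw(8) << v;
    return os.str();
}

// Token derived from an explicit seed with a deterministic generator (mt19937).
std::string token_from_seed(uint32_t seed) {
    std::mt19937 gen(seed);
    uint32_t a = gen(), b = gen(), c = gen(), d = gen();   // sequenced draws
    return hex_token(a, b, c, d);
}

// Weak #1 (V1057 pattern): seed known at compile time -> identical token every run.
std::string token_fixed_seed() { return token_from_seed(12345u); }

// Weak #2 (V5307/V6109 pattern): seed is the current time in seconds. The caller
// passes `now_seconds` so the attack below can be reproduced deterministically.
std::string token_time_seed(uint32_t now_seconds) { return token_from_seed(now_seconds); }

// Attack on weak #2: given one observed token and an approximate issue time,
// search backwards over `window_seconds` for the seed that reproduces it.
// Returns the seed, or -1 if it is not in the window.
int64_t recover_time_seed(const std::string& token, uint32_t approx_now, uint32_t window_seconds) {
    for (uint32_t delta = 0; delta <= window_seconds && delta <= approx_now; ++delta) {
        uint32_t candidate = approx_now - delta;
        if (token_from_seed(candidate) == token) return candidate;
    }
    return -1;
}

// Preferred: draw the secret bytes from std::random_device itself, which on
// mainstream libstdc++/libc++ builds reads the OS entropy source. Do not use it
// merely to seed mt19937 and then derive secrets from the mt19937 stream.
std::string token_random_device() {
    std::random_device rd;
    uint32_t a = rd(), b = rd(), c = rd(), d = rd();
    return hex_token(a, b, c, d);
}

int main() {
    const uint32_t issued_at = 1700000000u;                    // assumed issue time
    std::string leaked = token_time_seed(issued_at);           // token the attacker observed
    int64_t seed = recover_time_seed(leaked, issued_at + 900u, 3600u);
    std::printf("fixed-seed token (same every run): %s\n", token_fixed_seed().c_str());
    std::printf("time-seeded token %s -> seed recovered: %lld\n", leaked.c_str(), (long long)seed);
    std::printf("random_device token: %s\n", token_random_device().c_str());
    return 0;
}
```

Note that the C++ standard permits `std::random_device` to be deterministic on platforms without an entropy source (older MinGW builds were a known case); for keys and session identifiers, prefer the platform CSPRNG (getrandom(2), BCryptGenRandom) or a cryptographic library's RNG and treat the standard generators as non-cryptographic.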

A03. Injection

Injection occurs when untrusted data is sent to an interpreter as part of a query or command (SQL, OS command, NoSQL, LDAP, XPath and similar). The hostile data tricks the interpreter into doing something the application was not designed for, such as executing unintended commands or accessing data without proper authorization.

CWE: CWE-20, CWE-74, CWE-75, CWE-77, CWE-78, CWE-79, CWE-80, CWE-83, CWE-87, CWE-88, CWE-89, CWE-90, CWE-91, CWE-93, CWE-94, CWE-95, CWE-96, CWE-97, CWE-98, CWE-99, CWE-100, CWE-113, CWE-116, CWE-138, CWE-184, CWE-470, CWE-471, CWE-564, CWE-610, CWE-643, CWE-644, CWE-652, CWE-917

Rules:
V739 - EOF should not be compared with a value of the 'char' type. Consider using the 'int' type. - CWE-20
V781 - Value of a variable is checked after it is used. Possible error in program's logic. Check lines: N1, N2. - CWE-20
V1024 - Potential use of invalid data. The stream is checked for EOF before reading from it but is not checked after reading. - CWE-20
V1076 - Code contains invisible characters that may alter its logic. Consider enabling the display of invisible characters in the code editor. - CWE-94
V1111 - The index was used without check after it was checked in previous lines. - CWE-20
V5309 - Possible SQL injection. Potentially tainted data is used to create SQL command. - CWE-89
V5608 - Possible SQL injection. Potentially tainted data is used to create SQL command. - CWE-89
V5610 - Possible XSS vulnerability. Potentially tainted data might be used to execute a malicious script. - CWE-79
V5616 - Possible command injection. Potentially tainted data is used to create OS command. - CWE-77,CWE-78,CWE-88
V5620 - Possible LDAP injection. Potentially tainted data is used in a search filter. - CWE-90
V5622 - Possible XPath injection. Potentially tainted data is used in the XPath expression. - CWE-643
V5628 - Possible Zip Slip vulnerability. Potentially tainted data is used in the path to extract the file. - CWE-22,CWE-99
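The OS command injection that V5616 reports (CWE-77/78, and option injection, CWE-88) is shown below in an added C++ example that is not from PVS-Studio or the original page. The vulnerable form splices a user-supplied file name into a shell command string; the hardened form validates the name against a strict allow-list and builds an argv vector for execvp/posix_spawn, so no shell ever parses the value and "--" stops the tool from reading it as an option. The tool name "thumbnailer" and the sample inputs are assumptions for the example.

```cpp
#include <cctype>
#include <cstdio>
#include <string>
#include <vector>

// Vulnerable pattern (what V5616 flags): tainted data spliced into a shell
// command string. "photo.jpg; rm -rf /" adds a second command.
std::string vulnerable_command(const std::string& file) {
    return "thumbnailer " + file + " out.png";
}

// Allow-list check for a user-supplied file name: only [A-Za-z0-9._-], no
// leading '-' (would be parsed as an option, CWE-88), no leading '.' (hides
// ".." and dotfiles), no path separators, and a length cap.
bool is_safe_filename(const std::string& name) {
    if (name.empty() || name.size() > 255) return false;
    if (name[0] == '-' || name[0] == '.') return false;
    for (unsigned char c : name) {
        if (!(std::isalnum(c) || c == '.' || c == '_' || c == '-')) return false;
    }
    return true;
}

// Hardened form: validate, then build an argv vector for execvp/posix_spawn
// (or an explicitly quoted argument list for CreateProcess on Windows).
// Returns an empty vector when the input is rejected.
std::vector<std::string> build_argv(const std::string& file) {
    if (!is_safe_filename(file)) return {};
    return {"thumbnailer", "--", file, "out.png"};   // "--" ends option parsing
}

int main() {
    // Constructed inputs: a benign name and three injection attempts.
    const char* inputs[] = {"photo.jpg", "photo.jpg; rm -rf /", "$(id).jpg", "-delete"};
    for (const char* in : inputs) {
        std::printf("shell string: %s\n", vulnerable_command(in).c_str());
        std::vector<std::string> argv = build_argv(in);
        if (argv.empty()) {
            std::printf("  argv: rejected by allow-list\n");
            continue;
        }
        std::printf("  argv:");
        for (const std::string& a : argv) std::printf(" [%s]", a.c_str());
        std::printf("\n");
    }
    return 0;
}
```

Escaping for a specific shell is a weaker alternative to an argv interface: it has to be right for every shell and every quoting context, whereas an argument vector is never parsed by a shell at all.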

A04. Insecure Design

Insecure design is a broad term covering many different weaknesses, defined as "missing or ineffective control design". It is a new category for 2021 and calls for more use of threat modeling, secure design patterns, and reference architectures.

CWE: CWE-73, CWE-183, CWE-209, CWE-213, CWE-235, CWE-256, CWE-257, CWE-266, CWE-269, CWE-280, CWE-311, CWE-312, CWE-313, CWE-316, CWE-419, CWE-430, CWE-434, CWE-444, CWE-451, CWE-472, CWE-501, CWE-522, CWE-525, CWE-539, CWE-579, CWE-598, CWE-602, CWE-642, CWE-646, CWE-650, CWE-653, CWE-656, CWE-657, CWE-799, CWE-807, CWE-840, CWE-841, CWE-927, CWE-1021, CWE-1173

Rules:
V504 - Semicolon ';' is probably missing after the 'return' keyword. - CWE-841
V5001 - It is highly probable that the semicolon ';' is missing after 'return' keyword. - CWE-841
V5621 - Error message contains potentially sensitive data that may be exposed. - CWE-209

A05. Security Misconfiguration

Gartner estimates that up to 95% of cloud breaches result from human error, and security misconfiguration is one of the main drivers of that figure; OWASP notes that, of the top ten, this category is the most common. Misconfigurations that expose a company to risk include insecure default settings left in place, overly permissive cloud storage, incomplete configurations, misconfigured HTTP headers, and verbose error messages that contain sensitive information.

CWE: CWE-2, CWE-11, CWE-13, CWE-15, CWE-16, CWE-260, CWE-315, CWE-520, CWE-526, CWE-537, CWE-541, CWE-547, CWE-611, CWE-614, CWE-756, CWE-776, CWE-942, CWE-1004, CWE-1032, CWE-1174

Rules:
V624 - Use of constant NN. The resulting value may be inaccurate. Consider using the M_NN constant from <math.h>. - CWE-547
V5614 - Potential XXE vulnerability. Insecure XML parser is used to process potentially tainted data. - CWE-611
V5615 - Potential XEE vulnerability. Insecure XML parser is used to process potentially tainted data. - CWE-776
V5624 - Use of potentially tainted data in configuration may lead to security issues. - CWE-15
V6107 - The constant NN is being utilized. The resulting value could be inaccurate. Consider using the KK constant. - CWE-547

A06. Vulnerable and Outdated Components

Modern distributed web applications incorporate open-source components such as libraries and frameworks. Any component with a known vulnerability becomes a weak link that can compromise the security of the entire application. Although this category ranks low in terms of severity, it ranks first when the OWASP Top 10 is ordered by how often a vulnerability was the root cause of an actual data breach.

CWE: CWE-937, CWE-1035, CWE-1104

Rules:
V5625 - Referenced package contains vulnerability. - CWE-1035

A07. Identification and Authentication Failures

When an application implements user authentication or session management incorrectly, an attacker may be able to compromise passwords, keys, or session tokens and temporarily or permanently assume the identity and permissions of another user. This poses a grave threat to the application and the resources it accesses, and can also compromise other assets on the same network.

CWE: CWE-255, CWE-259, CWE-287, CWE-288, CWE-290, CWE-294, CWE-295, CWE-297, CWE-300, CWE-302, CWE-304, CWE-306, CWE-307, CWE-346, CWE-384, CWE-521, CWE-613, CWE-620, CWE-640, CWE-798, CWE-940, CWE-1216

Rules:
V5013 - Storing credentials inside source code can lead to security issues. - CWE-798,CWE-259
V5305 - Storing credentials inside source code can lead to security issues. - CWE-798,CWE-259
V5601 - Storing credentials inside source code can lead to security issues. - CWE-798,CWE-259
V5617 - Assigning potentially negative or large value as timeout of HTTP session can lead to excessive session expiration time. - CWE-613

A08. Software and Data Integrity Failures

Software and data integrity failures relate to code and infrastructure that do not protect against integrity violations. An example is an application that relies on plugins, libraries, or modules from untrusted sources, repositories, or content delivery networks (CDNs). An insecure CI/CD pipeline can open the door to unauthorized access, malicious code, or system compromise.

CWE: CWE-345, CWE-353, CWE-426, CWE-494, CWE-502, CWE-565, CWE-784, CWE-829, CWE-830, CWE-915

Rules:
V5611 - Potential insecure deserialization vulnerability. Potentially tainted data is used to create an object using deserialization. - CWE-502

A09. Security Logging and Monitoring Failures

This category covers failures to detect, escalate, and respond to active breaches. Without logging and monitoring, breaches cannot be detected. Studies indicate that the time from attack to detection can be up to 200 days, and often longer. That window gives attackers plenty of time to tamper with servers, corrupt databases, steal confidential information, and plant malicious code.

CWE: CWE-117, CWE-223, CWE-532, CWE-778

Rules:
V1116 - Creating an exception object without an explanatory message may result in insufficient logging. - CWE-778
V5619 - Possible log injection. Potentially tainted data is written into logs. - CWE-117
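Log injection (V5619, CWE-117) is easy to underestimate because the forged data never reaches an interpreter, only an analyst or a SIEM parser. The C++ example below is added to make the failure concrete; it is not PVS-Studio's code or part of the original page. A username containing a line break turns one failed-login record into two, the second of which claims a successful admin login; the sanitizer neutralizes line breaks and other control characters so a field can never terminate or forge a record. The log format and the sample username are assumptions for the example.

```cpp
#include <algorithm>
#include <cstdio>
#include <string>

// Vulnerable pattern (what V5619 flags): tainted data written into a log line
// unchanged. A username containing "\n" forges a second, fake record.
std::string vulnerable_log_line(const std::string& user) {
    return "INFO login failed for user=" + user;
}

// Escape line breaks, other control characters and the backslash itself, so
// that one field always stays on one record and the escaping is unambiguous.
// Bytes >= 0x80 (UTF-8) pass through untouched.
std::string sanitize_for_log(const std::string& in) {
    std::string out;
    out.reserve(in.size());
    for (unsigned char c : in) {
        if (c == '\n')       out += "\\n";
        else if (c == '\r')  out += "\\r";
        else if (c == '\t')  out += "\\t";
        else if (c == '\\')  out += "\\\\";
        else if (c < 0x20 || c == 0x7f) {          // remaining C0 controls and DEL
            char buf[5];
            std::snprintf(buf, sizeof buf, "\\x%02X", static_cast<unsigned>(c));
            out += buf;
        } else {
            out += static_cast<char>(c);
        }
    }
    return out;
}

// Hardened form: the tainted field is sanitized and quoted so its boundaries
// are visible even if it contains spaces or '='.
std::string safe_log_line(const std::string& user) {
    return "INFO login failed for user=\"" + sanitize_for_log(user) + "\"";
}

// Number of physical records a log fragment would produce (1 + newlines).
size_t record_count(const std::string& fragment) {
    return 1 + static_cast<size_t>(std::count(fragment.begin(), fragment.end(), '\n'));
}

int main() {
    // Constructed attacker-supplied username with an embedded forged record.
    const std::string user = "guest\nINFO login succeeded for user=admin";
    std::printf("--- vulnerable (%zu records) ---\n%s\n", record_count(vulnerable_log_line(user)),
                vulnerable_log_line(user).c_str());
    std::printf("--- sanitized (%zu record) ---\n%s\n", record_count(safe_log_line(user)),
                safe_log_line(user).c_str());
    return 0;
}
```

ANSI escape sequences (ESC, 0x1B) are covered by the control-character branch; left unescaped they can hide or recolor entries in a terminal log viewer, which is the same attack against a human reader.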

A10. Server-Side Request Forgery (SSRF)

SSRF flaws occur whenever a web application fetches a remote resource without validating the user-supplied URL. It allows an attacker to coerce the application into sending a crafted request to an unexpected destination, even when that destination is protected by a firewall, VPN, or another type of network access control list (ACL).

CWE: CWE-918

Rules:
V5618 - Possible server-side request forgery. Potentially tainted data is used in the URL. - CWE-918
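The check that should stand between a tainted URL and the HTTP client V5618 warns about is an allow-list on the destination, not a deny-list of internal addresses. The C++ example below is added to show one such policy; it is not PVS-Studio's code or part of the original page. It parses only what the decision needs (scheme, host, port), treats every ambiguity as a denial, and rejects the classic bypasses: userinfo ("https://api.example.com@169.254.169.254/"), look-alike subdomains, numeric hosts, and non-default ports. The allowed host "api.example.com" and the sample URLs are assumptions for the example.

```cpp
#include <algorithm>
#include <cctype>
#include <cstdio>
#include <string>
#include <vector>

// Hosts the application is allowed to fetch from (assumption for this example).
const std::vector<std::string> kAllowedHosts = {"api.example.com"};

struct UrlParts {
    std::string scheme;   // lowercased
    std::string host;     // lowercased, without port
    int port = -1;        // -1 when the URL carries no explicit port
    std::string path;
};

static void lowercase(std::string& s) {
    std::transform(s.begin(), s.end(), s.begin(),
                   [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
}

// Parse just enough of a URL to make a policy decision. Anything ambiguous
// (userinfo, IPv6 literal, empty host, non-numeric port) returns false, and
// the caller treats false as "deny".
bool parse_url(const std::string& url, UrlParts& out) {
    const size_t npos = std::string::npos;
    size_t sep = url.find("://");
    if (sep == npos) return false;
    out.scheme = url.substr(0, sep);
    lowercase(out.scheme);

    size_t auth_start = sep + 3;
    size_t auth_end = url.find_first_of("/?#", auth_start);
    std::string authority = url.substr(auth_start, auth_end == npos ? npos : auth_end - auth_start);
    out.path = (auth_end == npos) ? "/" : url.substr(auth_end);

    if (authority.empty()) return false;
    if (authority.find('@') != npos) return false;   // userinfo trick: "trusted@evil"
    if (authority[0] == '[') return false;           // IPv6 literal: not a DNS name

    std::string host = authority;
    out.port = -1;
    size_t colon = authority.rfind(':');
    if (colon != npos) {
        host = authority.substr(0, colon);
        std::string port = authority.substr(colon + 1);
        bool digits = !port.empty() && port.size() <= 5 &&
                      std::all_of(port.begin(), port.end(),
                                  [](unsigned char c) { return std::isdigit(c) != 0; });
        if (!digits) return false;
        out.port = std::stoi(port);
    }
    if (host.empty()) return false;
    lowercase(host);
    out.host = host;
    return true;
}

// Numeric hosts (dotted quads, decimal/octal forms) can never match a DNS-name
// allow-list, but rejecting them explicitly makes the intent visible.
static bool looks_numeric(const std::string& host) {
    return std::all_of(host.begin(), host.end(),
                       [](unsigned char c) { return std::isdigit(c) || c == '.'; });
}

// Policy: https only, default port only, hostname exactly in the allow-list.
bool is_allowed_target(const std::string& url, const std::vector<std::string>& allowed_hosts) {
    UrlParts u;
    if (!parse_url(url, u)) return false;
    if (u.scheme != "https") return false;
    if (u.port != -1 && u.port != 443) return false;
    if (looks_numeric(u.host)) return false;
    return std::find(allowed_hosts.begin(), allowed_hosts.end(), u.host) != allowed_hosts.end();
}

bool is_allowed_default(const std::string& url) { return is_allowed_target(url, kAllowedHosts); }

int main() {
    // Constructed sample URLs: one legitimate, the rest SSRF attempts.
    const char* urls[] = {
        "https://api.example.com/v1/users", "https://API.Example.com:443/v1/users",
        "http://api.example.com/v1/users", "https://api.example.com@169.254.169.254/latest/meta-data/",
        "https://api.example.com.evil.com/", "https://169.254.169.254/latest/meta-data/",
        "https://[::1]/", "file:///etc/passwd"};
    for (const char* u : urls)
        std::printf("%-62s %s\n", u, is_allowed_default(u) ? "allow" : "deny");
    return 0;
}
```

Two caveats a practitioner should keep in mind. The allow-list decides on the name, not the address: resolve the host yourself, verify the resulting address is not loopback, link-local or RFC 1918, and connect to that pinned address so a DNS rebind cannot swap it after the check. And if the client follows redirects, re-run the policy on every hop, or disable redirects for server-side fetches.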
