elixir
Message Flooding - Elixir
Need Prevent mass messages from being sent to a single user, causing resource saturation. Context Usage of Elixir (1.12.0 and above) for building scalable and fault-tolerant applications Usage of Plug (1.12.0 and above) for building composable web ...
Business Information Leak - Analytics - Elixir
Need Prevent unauthorized access to business analytics through exposed API key Context Usage of Elixir (1.12.0 and above) for building scalable and fault-tolerant applications Usage of Plug (1.12.0 and above) for building composable web applications ...
Business Information Leak - Personal Information - Elixir
Need Avoid exposure of real user's personal information stored in the source code Context Usage of Elixir (1.12.0 and above) for building scalable and fault-tolerant applications Usage of Plug (1.12.0 and above) for building composable web ...
Business Information Leak - DB - Elixir
Need Prevent exposure of sensitive business information from the database Context Usage of Elixir (1.12.0 and above) for building scalable and fault-tolerant applications Usage of Ecto (3.6.2 and above) for database query and manipulation Usage of ...
Business Information Leak - Users - Elixir
Need Prevent exposure of valid users' list Context Usage of Elixir (1.12.0 and above) for building scalable and fault-tolerant applications Usage of Plug (1.12.1 and above) for building composable web applications in Elixir Usage of Ecto for database ...
Business Information Leak - Token - Elixir
Need Prevent user information from being exposed in session tokens Context Usage of Elixir (1.12.0 and above) for building scalable and fault-tolerant applications Usage of Plug (1.12.1 and above) for building composable web applications in Elixir ...
Business Information Leak - Credit Cards - Elixir
Need Prevent credit card information from being exposed in responses Context Usage of Elixir (1.12.0 and above) for building scalable and fault-tolerant applications Usage of Phoenix Framework for building web applications (version 1.5.0 and above) ...
Business Information Leak - Credentials - Elixir
Need Prevent leakage of sensitive credentials Context Usage of Elixir (1.12.0 and above) for building scalable and fault-tolerant applications Usage of Plug (1.11.0 and above) for building composable web applications in Elixir Description Non ...
Business Information Leak - JWT - Elixir
Need Prevent leakage of sensitive business information through JWTs Context Usage of Elixir (1.12.0 and above) for building scalable and fault-tolerant applications Usage of Guardian for authentication and authorization Description Non compliant code ...
Asymmetric Denial of Service - ReDoS - Elixir
Need Prevent server crashes by avoiding expensive regular expression operations Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of Regex module for regular expressions Description Non compliant code ...
Traceability Loss - Elixir
Need Traceability and monitoring of system events Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of Logger library for logging Description Non compliant code defmodule MyApp.Service do def ...
Lack of Data Validation - Emails - Elixir
Need Prevent usage of disposable email addresses for user registration Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of Ecto for data validation and changesets Description Non compliant code defmodule ...
Lack of Data Validation - Out of Range - Elixir
Need Prevent unauthorized access to restricted functionalities Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of Plug for request routing Description Non compliant code defmodule ...
Lack of Data Validation - Numbers - Elixir
Need Prevent transactions with invalid values to ensure business logic integrity Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of Phoenix Framework for request handling Description Non compliant code ...
Lack of Data Validation - Dates - Elixir
Need Prevent unauthorized changes to product data by validating permissions and data before processing requests Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of Phoenix Framework for request handling ...
Lack of Data Validation - Headers - Elixir
Need Prevent potential attacks via HTTP headers by validating the data received Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of Phoenix Framework for request handling Description Non compliant code ...
Lack of Data Validation - Input Length - Elixir
Need Prevent overlong content in user input, which can lead to resource exhaustion or other vulnerabilities Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of Phoenix Framework for request handling ...
Lack of Data Validation - Host Header Injection - Elixir
Need Prevent unintended redirects due to manipulation of the host header Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of Plug.Conn for request handling Description Non compliant code defmodule ...
Lack of Data Validation - Reflected Parameters - Elixir
Need Prevent XSS vulnerabilities due to unvalidated user input in server error responses Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of Phoenix framework for request handling Description Non compliant ...
Lack of data validation - Responses - Elixir
Need Maintain data integrity by server-side validation of input data Context Usage of Elixir (1.12 and above) for building scalable and fault-tolerant applications Usage of Plug for request handling Description Non compliant code defmodule ...
Lack of data validation - Session Cookie - Elixir
Need Prevent unauthorized modification of session cookies Context Usage of Elixir (1.12 and above) for building scalable and fault-tolerant applications Usage of Plug for request handling Usage of Plug.Session for HTTP session management Description ...
Lack of data validation - Content Spoofing - Elixir
Need Prevent unauthorized file replacement Context Usage of Elixir (1.12 and above) for building scalable and concurrent applications Usage of Plug and Cowboy for HTTP request and response handling Description Non compliant code defmodule ...
Lack of data validation - Source Code - Elixir
Need Prevent server crashes caused by the use of dangerous regular expressions Context Usage of Elixir (1.10 and above) for building scalable and fault-tolerant applications Usage of custom-made text processing functionality Description Non compliant ...
Lack of data validation - Web Service - Elixir
Need Prevent injection attacks, server resource exhaustion, and improve the overall security by applying server-side data validation Context Usage of Elixir (1.10 and above) for building scalable and fault-tolerant applications Usage of Plug and ...
Lack of data validation - Header x-amzn-RequestId - Elixir
Need Prevent unauthorized or malicious data injection and Denial of Service (DoS) attacks through the x-amzn-RequestId Header Context Usage of Elixir (1.10 and above) for building scalable and fault-tolerant applications Usage of Plug and Cowboy for ...
Lack of Data Validation - Elixir
Need Prevent injection of malicious characters Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of Phoenix framework for building web applications Description Non compliant code defmodule ...
Debugging Enabled in Production - Elixir
Need Prevent sensitive information disclosure Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of Plug.Debugger for debugging Elixir applications Description Non compliant code defmodule MyApp do use ...
Use of Insecure Channel - FTP in Applications - Elixir
Need Secure transmission of customer information Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of Plug for request handling Usage of Phoenix framework for building scalable web applications Usage of ftp ...
Excessive Privileges in Temporary Files in Applications - Elixir
Need Prevent unauthorized access to temporary files Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of Plug for request handling Usage of Phoenix framework for building web applications Description Non ...
Excessive Privileges in Applications - Elixir
Need Prevent unauthorized privilege escalation Context Usage of Elixir (version 1.10 and above) for building scalable and fault-tolerant applications Usage of Plug for request handling Usage of Phoenix framework for building web applications Usage of ...
Log Injection - Elixir
Need Prevent compromising log integrity or system safety by log injection Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of Plug for request handling Usage of Phoenix framework for building web ...
Lack of Protection Against Brute Force Attacks - Elixir
Need Prevent automated attacks designed to guess credentials Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of Plug for request handling Usage of Phoenix framework for building web applications ...
Insecure File Upload - Elixir
Need Prevent upload of files with double extensions or unsafe extensions Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of Plug.Upload for file handling Description Non compliant code def ...
Uncontrolled External Site Redirect - Elixir
Need Prevent unauthorized redirection to potentially malicious external sites Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of Plug.Conn for handling requests Description Non compliant code def ...
SQL Injection via Headers - Elixir
Need Ensure integrity and confidentiality of data and prevent unauthorized database operations Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of Plug.Conn for handling requests Usage of Ecto for database ...
Use of Insecure SMTP Channel - Elixir
Need Ensure confidentiality and integrity of data during transmission Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of Swoosh library for email sending Description Non compliant code def ...
SQL Injection - Elixir
Need Prevent unauthorized extraction or manipulation of data in the database Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of PostgreSQL database for data storage and retrieval Usage of Ecto for database ...
Inappropriate coding practices - Cyclomatic complexity - Elixir
Need Enhance maintainability and security of the code Context Usage of Elixir (v1.11+) for building scalable and fault-tolerant applications Usage of Phoenix Framework for building web applications with Elixir Description Non compliant code defmodule ...
Sensitive information in source code - API Key - Elixir
Need Prevent exposure of sensitive data in the source code Context Usage of Elixir (v1.11+) for building scalable and fault-tolerant applications Usage of HTTPoison for making HTTP requests in Elixir Description Non compliant code defmodule MyApp do ...
Insecure or unset HTTP headers - Cache Control - Elixir
Need Prevent caching of sensitive data by client browsers and intermediate proxies Context Usage of Elixir (v1.11+) for building scalable and fault-tolerant applications Usage of Plug for HTTP request and response handling Description Non compliant ...