elixir
Directory Listing - Elixir
Need Prevent unauthorized listing of directory contents that could reveal sensitive information or application structure. Context Usage of Elixir (v1.11+) for building scalable and fault-tolerant applications Usage of Plug.Static library for serving ...
Email Flooding - Elixir
Need Prevent uncontrolled email sending that can lead to inbox saturation or spamming. Context Usage of Elixir (version 1.11 and above) for building scalable and fault-tolerant applications Usage of Bamboo library for sending emails Description Non ...
Improper Dependency Pinning - Elixir
Need Prevent installation of unsupported or vulnerable dependencies. Context Usage of Elixir (v1.11+) for building scalable and concurrent applications Usage of Mix for managing assets in Laravel Description Non compliant code defp deps do [ {:plug, ...
Metadata with Sensitive Information - Elixir
Need Prevent exposure of sensitive information through metadata. Context Usage of Elixir (v1.11+) for building scalable and fault-tolerant applications Usage of Logger module for logging and debugging purposes Description Non compliant code defmodule ...
Asymmetric Denial of Service - Elixir
Need Prevent single requests from overwhelming the application by using excessive resources, thus causing denial of service. Context Usage of Elixir 1.13.0 for building scalable and fault-tolerant applications Usage of Plug and Cowboy for request ...
Symmetric Denial of Service - Elixir
Need Prevent a sequence of repeated requests from consuming excessive resources, leading to denial of service. Context Usage of Elixir 1.13.0 for building scalable and fault-tolerant applications Usage of Plug and Cowboy for request management Usage ...
Cross-Site Request Forgery - Elixir
Need Prevent attackers from tricking authenticated users into executing actions without their consent. Context Usage of Elixir 1.13.0 for functional programming and building scalable applications Usage of Plug for request management Usage of ...
Reflected Cross-Site Scripting (XSS) - Elixir
Need Prevent injection of malicious scripts into dynamically generated web content Context Usage of Elixir 1.13.0 for building scalable and fault-tolerant applications Usage of Plug for request management Dynamic content generation Description Non ...
Stored Cross-Site Scripting (XSS) - Elixir
Need Prevent persistent injection of malicious scripts into application fields Context Usage of Elixir 1.13.0 for building scalable and fault-tolerant applications Usage of Ecto for database query and manipulation Usage of Phoenix.HTML for building ...
XPath Injection Vulnerability - Elixir
Need Prevent unauthorized data access through XPath Injection Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of sweet_xml for parsing and manipulating XML data Usage of XML data manipulation Description ...
Lack of Data Validation - URL - Elixir
Need To prevent unauthorized access to user data Context Usage of Elixir (version 1.12 and above) for building scalable and fault-tolerant applications Usage of Phoenix framework for building real-time web applications User authentication ...
Insecure or unset HTTP headers - X-Frame Options - Elixir
Need To prevent clickjacking attacks Context Usage of Elixir (v1.12+) for building scalable and fault-tolerant applications Usage of Plug.Router for handling HTTP requests Description Non compliant code defmodule MyApp.Router do use Plug.Router plug ...
Insecure or unset HTTP headers - Accept - Elixir
Need To prevent unexpected behaviors due to content type misinterpretations Context Usage of Elixir (v1.12+) for building scalable and concurrent applications Usage of Plug.Router for handling HTTP requests Description Non compliant code defmodule ...
Time-based SQL Injection - Elixir
Need To prevent SQL injection attacks Context Usage of Elixir (v1.12+) for building scalable and fault-tolerant applications Usage of Ecto.Repo for interacting with databases Description Non compliant code defmodule MyApp.UserController do use ...
Unauthorized access to files - Elixir
Need To prevent unauthorized access to files Context Usage of Elixir (v1.12+) for building scalable and fault-tolerant applications Usage of Ecto.Repo for interacting with databases Description Non compliant code defmodule MyApp.UserController do use ...
Insufficient data authenticity validation - Elixir
Need To prevent injection of potentially malicious characters into application fields Context Usage of Elixir (version 1.12 and above) for building scalable and fault-tolerant applications Usage of Ecto.Repo for interacting with databases Description ...
Unauthorized File Creation - Elixir
Need Prevent unauthorized users from creating files Context Usage of Elixir for building scalable and fault-tolerant applications Usage of Phoenix web framework for building web applications Description Non compliant code defmodule ...
Insecure functionality - Password management - Elixir
Need Secure password management Context Usage of Elixir (v1.12+) for building scalable and fault-tolerant applications Usage of Phoenix framework for web application development Description Non compliant code def update_password(conn, %{"id" => id, ...
Insecure functionality - Masking - Elixir
Need Ensure confidentiality and integrity of sensitive user data Context Usage of Elixir (v1.12+) for building scalable and fault-tolerant applications Usage of Plug and Cowboy for HTTP request and response handling Description Non compliant code ...
Insecure functionality - Fingerprint - Elixir
Need Ensure that only authorized fields can be updated by the user Context Usage of Elixir (v1.12+) for building scalable and fault-tolerant applications Usage of Ecto for data persistence Description Non compliant code defmodule UserController do ...
Insecure object reference - Personal information - Elixir
Need Prevent unauthorized modification of other user's information Context Usage of Elixir (version 1.12 and above) for building scalable and fault-tolerant applications Usage of Phoenix Framework for building web applications Usage of Plug for ...
Insecure object reference - Corporate information - Elixir
Need Prevent unauthorized modification of third-party company's employee information Context Usage of Elixir (v1.12+) for building scalable and fault-tolerant applications Usage of Phoenix Framework for building web applications Usage of Ecto for ...
Insecure Object Reference in Credit Card Inquiry - Elixir
Need Prevent unauthorized access to sensitive user information Context Usage of Elixir 1.12 for functional programming on the Erlang virtual machine Usage of Phoenix Framework 1.6 for web development Description Non compliant code defmodule ...
Insecure Session Management After Password Change - Elixir
Need Ensure security after password change Context Usage of Elixir 1.12 for functional programming Usage of Phoenix Framework 1.6 for web development Description Non compliant code defmodule MyApp.Accounts do def change_password(user, new_password) ...
Authentication Mechanism Absence or Evasion - Redirect - Elixir
Need Prevent unauthorized access by implementing proper authentication Context Usage of Elixir 1.12 for building scalable and concurrent applications Usage of Phoenix Framework 1.6 for web development Description Non compliant code defmodule ...
Concurrent Sessions Control Bypass - Elixir
Need Prevent concurrent sessions from a single user account to maintain traceability Context Usage of Elixir 1.12 for building scalable and fault-tolerant applications Usage of Phoenix Framework 1.6 for web development Description Non compliant code ...
Insecure Functionality - Session Management - Elixir
Need Prevent reuse of expired session tokens to ensure session integrity Context Usage of Elixir 1.12 for building scalable and concurrent applications Usage of Phoenix Framework 1.6 for web development Usage of Guardian library for authentication ...
Security Controls Bypass or Absence - Data Creation - Elixir
Need Prevent the creation of more than four beneficiaries per policy Context Usage of Elixir 1.12 for building scalable and concurrent applications Usage of Phoenix Framework 1.6 for web development Description Non compliant code def create(conn, ...
Insecure Object Reference - Files - Elixir
Need Prevent unauthorized users from accessing or manipulating information Context Usage of Elixir 1.12 for functional programming Usage of Phoenix Framework 1.6 for web development Description Non compliant code def show(conn, %{"id" => id}) do file ...
Insecure Object Reference - Data - Elixir
Need Prevent unauthorized users from accessing or manipulating other stores' data Context Usage of Elixir 1.12 for functional programming and building scalable applications Usage of Phoenix Framework 1.6 for web development Description Non compliant ...
Insecurely Generated Token - JWT - Elixir
Need To ensure tokens are generated securely, preventing unauthorized access Context Usage of Elixir 1.12 for functional programming and building scalable applications Usage of Phoenix Framework 1.6 for web development Usage of Guardian 2.0 for ...
Improper Resource Allocation - Memory Leak - Elixir
Need To avoid exhausting system resources due to memory leaks Context Usage of Elixir 1.12 for building scalable and concurrent applications Usage of Phoenix Framework 1.6 for web development Description Non compliant code defmodule MemoryLeak do def ...
Insecurely Generated Token - Validation - Elixir
Need To prevent unauthorized user creation and protect the integrity of user data Context Usage of Elixir 1.12 for building scalable and fault-tolerant applications Usage of Phoenix Framework 1.6 for web development Usage of Guardian 2.0 for ...
Insecurely Generated Token - Lifespan - Elixir
Need To prevent unauthorized user data modifications by ensuring token's expiry time is reasonable Context Usage of Elixir 1.12 for functional programming and building scalable applications Usage of Phoenix Framework 1.6 for web development Usage of ...
Insecure Functionality - User Management - Elixir
Need To ensure that sensitive vulnerability data is only accessible by registered and authorized users Context Usage of Elixir 1.12 for functional programming and building scalable applications Usage of Phoenix Framework 1.6 for web development ...
Insecure Object Reference - Session Management - Elixir
Need To prevent unauthorized users from closing sessions of other users Context Usage of Elixir 1.12 for building scalable and fault-tolerant applications Usage of Phoenix Framework 1.6 for web development Description Non compliant code defmodule ...
Insecure or Unset HTTP Headers - Content-Type - Elixir
Need To prevent unexpected behaviors due to content type misinterpretations Context Usage of Elixir 1.12 for functional programming on the Erlang virtual machine Usage of Phoenix Framework 1.6 for web development Description Non compliant code ...
Insecure Session Management - CSRF Fixation - Elixir
Need To prevent CSRF attacks that can spoof an authenticated user and execute critical transactions Context Usage of Elixir 1.12 for functional programming and building scalable applications Usage of Phoenix Framework 1.6 for web development Usage of ...
Security Controls Bypass or Absence - Session Invalidation - Elixir
Need To ensure proper session management and invalidate sessions appropriately Context Usage of Elixir 1.12 for building scalable and concurrent applications Usage of Plug.Session for HTTP session management Description Non compliant code defmodule ...
Insecure object reference - User deletion - Elixir
Need Protecting user data and ensuring application integrity Context Usage of Elixir (v1.10+) for building scalable and fault-tolerant applications Usage of Plug and Cowboy for HTTP request and response handling Usage of Ecto for data persistence ...