java
Security controls bypass or absence - Fingerprint - Java
Need Enhancement of security controls for fingerprint identification Context Usage of Java for building robust and scalable applications Usage of javax.servlet for Java web application development Usage of javax.servlet.http for handling HTTP ...
Use of software with known vulnerabilities in environments - Java
Need Regular patching and updating of software and dependencies to address known vulnerabilities Context Usage of Java 8 for developing applications with enhanced features and performance improvements Usage of javax.servlet-api for building Java web ...
Inappropriate coding practices - relative path command - Java
Need Enforce secure coding practices to prevent the use of relative path commands Context Usage of Java for building robust and scalable applications Usage of javax.servlet for building Java web applications with Servlet technology Usage of java.io ...
Inappropriate coding practices - invalid file - Java
Need Enforcement of proper file validation and verification Context Usage of Java 8 for developing applications with enhanced features and performance Usage of javax.servlet-api for Java Servlet development Usage of java.io for input and output ...
Server side cross-site scripting - Java
Need Prevention of server-side cross-site scripting attacks Context Usage of Java for building cross-platform applications Usage of javax.servlet for Java web application development Usage of javax.servlet.http for handling HTTP requests and ...
Server side template injection - Java
Need Prevention of server-side template injection vulnerabilities Context Usage of Java for building cross-platform applications and enterprise-level software Usage of javax.servlet for building Java web applications with servlets Usage of java.io ...
Insecure encryption algorithm - Insecure Elliptic Curve - Java
Need Secure encryption algorithm - Strong Elliptic Curve Context Usage of Java 8 for developing applications with enhanced features and performance improvements Usage of javax.crypto for cryptographic operations in Java Usage of javax.servlet.http ...
Password reset poisoning - Java
Need Secure password reset functionality Context Usage of Java for building robust and scalable applications Usage of javax.servlet.http.* for handling HTTP requests and responses in Java Servlets Usage of java.io.IOException for handling ...
Account Takeover - Java
Need Prevention of unauthorized access and control of user accounts Context Usage of Java for building cross-platform applications Usage of javax.servlet for Java web application development Usage of javax.servlet.http for handling HTTP requests and ...
Insecure encryption algorithm - Default encryption - Java
Need Implementation of customer-controlled keys for encryption Context Usage of Java for building cross-platform applications Usage of javax.crypto.Cipher for encryption and decryption operations Usage of javax.crypto.spec.SecretKeySpec for ...
Excessive privileges - Access Mode - Java
Need Restrict access privileges to system files and directories Context Usage of Java 8 for developing applications with enhanced features and performance improvements Usage of HttpServletRequest for handling HTTP requests in Java Servlets Usage of ...
OS Command Injection - Java
Need Prevention of OS command injection attacks Context Usage of Java 8 for developing applications with enhanced features and performance Usage of javax.servlet-api for building Java web applications with Servlets Description Non compliant code ...
Insecure authentication method - LDAP - Java
Need Implementation of a secure and robust authentication method Context Usage of Java 8 for developing applications with enhanced features and performance Usage of javax.naming for accessing naming and directory services in Java Usage of ...
Insecure generation of random numbers - Static IV - Java
Need Secure generation of random numbers and dynamic initialization vectors Context Usage of Java for building cross-platform applications Usage of javax.crypto.Cipher for encryption and decryption operations Usage of IvParameterSpec for specifying ...
Use of software with known vulnerabilities in development - Java
Need Mitigation of software vulnerabilities in development environments Context Usage of Java 8 for developing applications with enhanced features and performance improvements Usage of javax.servlet-api for developing Java web applications with ...
Inappropriate coding practices - Unused properties - Java
Need Elimination of unused properties in the codebase Context Usage of Java 8 for developing applications with enhanced features and performance Usage of javax.servlet-api for Java Servlet development Description Non compliant code import ...
Insecure authentication method - NTLM - Java
Need Secure authentication method implementation Context Usage of Java 8 for developing applications with enhanced features and performance Usage of javax.servlet-api for developing Java web applications with Servlets Usage of commons-codec for ...
Inappropriate coding practices - Wildcard export - Java
Need Enforce explicit exports in code to avoid wildcard exports Context Usage of Java for building cross-platform applications Usage of javax.servlet for Java web application development Description Non compliant code package com.example; import ...
Insecurely generated token - OTP - Java
Need Secure generation and transmission of OTP tokens Context Usage of Java 8 for developing applications with enhanced features and performance Usage of javax.servlet-api for building Java web applications with Servlets Description Non compliant ...
Non-encrypted confidential information - Hexadecimal - Java
Need Secure encryption of confidential information Context Usage of Java for building cross-platform applications Usage of javax.servlet for building Java web applications Usage of java.io for input and output operations in Java programming ...
Security controls bypass or absence - Tampering Protection - Java
Need Enforcement of tampering protection controls Context Usage of Java 8 for developing applications with enhanced features and performance Usage of javax.servlet-api for developing Java web applications with Servlets Description Non compliant code ...
Use of an insecure channel - HTTP - Java
Need Secure transmission of client information Context Usage of Java for building cross-platform applications Usage of javax.servlet for building Java web applications with servlet technology Usage of java.io for input and output operations in Java ...
DOM-Based cross-site scripting (XSS) - Java
Need Prevention of client-side execution of malicious scripts Context Usage of Java for building cross-platform applications and software solutions Usage of javax.servlet for building Java web applications with Servlet technology Usage of ...
Insecure object reference - User deletion - Java
Need Secure user deletion process and session management Context Usage of Java 8 for developing applications with enhanced features and performance improvements. Usage of javax.servlet-api for Java Servlet development Description Non compliant code ...
Authentication mechanism absence or evasion - Response tampering - Java
Need Implementation of a secure and reliable authentication mechanism Context Usage of Java 8 for developing applications with enhanced features and performance Usage of javax.servlet-api for developing Java web applications with servlets Description ...
Weak credential policy - Temporary passwords - Java
Need Implementation of a strong credential policy for temporary passwords Context Usage of Java 8 for developing applications with enhanced features and performance Usage of javax.servlet for building Java web applications with Servlet technology ...
Weak credential policy - Password strength - Java
Need Implementation of a strong password policy Context Usage of Java for building scalable and robust applications Usage of javax.servlet for building Java web applications Usage of javax.servlet.http for handling HTTP requests and responses in Java ...
Technical information leak - Content response - Java
Need Prevention of unauthorized disclosure of technical information Context Usage of Java for building robust and scalable applications Usage of HttpServletResponse for handling HTTP responses in Java Servlets Usage of javax.servlet.http.HttpServlet ...
Sensitive information in source code - Credentials - Java
Need Protection of sensitive information in source code Context Usage of Java for building cross-platform applications Usage of javax.servlet for building Java web applications with servlets Usage of javax.servlet.http for handling HTTP requests and ...
Insufficient data authenticity validation - Checksum verification - Java
Need Enhanced data authenticity validation and checksum verification Context Usage of Java 8 for developing applications with enhanced features and performance Usage of javax.servlet-api for developing Java web applications with Servlets Usage of ...
Insecure file upload - Files Limit - Java
Need Enforce file upload limits and implement proper file management Context Usage of Java 8 for developing applications with enhanced features and performance Usage of javax.servlet-api for building Java web applications with Servlets Description ...
Lack of data validation - Token - Java
Need Secure and reliable token validation mechanism Context Usage of Java 8 for developing applications with enhanced features and performance Usage of javax.servlet-api for developing Java web applications using Servlet technology Usage of ...
Technical information leak - Credentials - Java
Need Protection of sensitive credentials from being exposed Context Usage of Java 8 for developing applications with enhanced features and performance Usage of javax.servlet-api for building Java web applications with Servlets Description Non ...
Security controls bypass or absence - Session Invalidation - Java
Need Implementation of proper session invalidation mechanism Context Usage of Java for building scalable and robust applications Usage of javax.servlet.http.HttpSession for managing user sessions in Java web applications Description Non compliant ...
Lack of data validation - Non Sanitized Variables - Java
Need Implementation of proper data validation and sanitization techniques Context Usage of Java 8 for developing applications with enhanced features and performance Usage of javax.servlet-api for developing Java web applications with servlets Usage ...
Lack of data validation - OTP - Java
Need Implementation of proper data validation for OTP tokenCode parameter Context Usage of Java 8 for developing applications with enhanced features and performance Usage of javax.servlet-api for developing Java web applications with Servlets ...
Lack of data validation - Special Characters - Java
Need Implementation of robust data validation to prevent the entry of special characters in fields where they are not allowed. Context Usage of Java for building robust and scalable applications Usage of javax.servlet for Java Servlet development ...
Insecure session management - CSRF Fixation - Java
Need Secure session management and protection against CSRF Fixation Context Usage of Java 8 for developing applications with enhanced features and performance Usage of javax.servlet-api for building Java web applications with Servlets Description Non ...
Business information leak - Corporate information - Java
Need Protection of sensitive corporate information from unauthorized access Context Usage of Java 1.8 for running Java applications Usage of javax.servlet for building Java web applications with Servlet technology Usage of java.io for input and ...
Use of insecure channel - Source code - Java
Need Secure transmission of customer information Context Usage of Java for building robust and scalable applications Usage of javax.servlet for building Java web applications Usage of java.io for input and output operations in Java Description Non ...