Get Started
- CodeAnt AI
- Control Center
- Pull Request Review
- IDE
- Compliance
- Anti-Patterns
- Code Governance
- Infrastructure Security Database
- Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Lang
- Correctness
- Security
- Containers
- Crypto
- Filesystem
- Format-string
- Ldap
- Libraries
- Memory
- Misc
- Rng
- Sql
- Strings
- System-command
- Uri
- Http-url
- Url-manipulation-generic
- Use-after-free
- Libxml2
- Csharp
- Dockerfile
- Elixir
- Fingerprints
- Generic
- Go
- Html
- Java
- Javascript
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
- Terraform
- Typescript
- Yaml
Http-url
Http url
The application may be making an insecure HTTP request which may allow attackers to intercept plaintext information. Instead, the URL should use HTTPS to ensure that the request is encrypted.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-319: Cleartext Transmission of Sensitive Information
OWASP:
- A02:2021 - Cryptographic Failures
- A03:2017 - Sensitive Data Exposure