Get Started
- CodeAnt AI
- Control Center
- Pull Request Review
- IDE
- Compliance
- Anti-Patterns
- Code Governance
- Infrastructure Security Database
- Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Csharp
- Dockerfile
- Elixir
- Lang
- Best practice
- Correctness
- Correctness
- Security
- Command-injection
- Rce-code
- Rce-eex
- Sql-injection
- Traversal-file
- Traversal-send-download
- Traversal-send-file
- Unsafe-atom-interpolation
- Unsafe-binary-to-term
- Xss-content-type
- Xss-controller-html
- Xss-raw
- Phoenix
- Fingerprints
- Generic
- Go
- Html
- Java
- Javascript
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
- Terraform
- Typescript
- Yaml
Unsafe-binary-to-term
Unsafe binary to term
Untrusted input might be injected into the Erlang function binary_to_term
, which can lead to a remote code execution or memory exhaustion. To prevent this vulnerability, replace functionality with the Plug.Crypto.non_executable_binary_to_term
function.
Likelihood: MEDIUM
Confidence: HIGH
CWE:
- CWE-94: Improper Control of Generation of Code (‘Code Injection’)
OWASP:
- A03:2021 - Injection