CodeAnt AI home page

Dashboard
Dashboard

Demo Call with CEO

Get Started

CodeAnt AI
Setup
Control Center
Pull Request Review
IDE
Compliance
Anti-Patterns
Code Governance
Infrastructure Security Database
Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Csharp
- Dockerfile
- Elixir
- Fingerprints
- Generic
- Go
- Html
- Java
  - Android
  - Aws-lambda
  - Castor
  - Java-jwt
  - Jax-rs
  - Jboss
    - Security
  - Jdo
  - Jedis
  - Jjwt
  - Jsch
  - Kryo
  - Lang
  - Micronaut
  - Mongo
  - Mongodb
  - Mysql
  - Okhttp
  - Rmi
  - Servlets
  - Spring
  - Thymeleaf
  - Xstream
- Javascript
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
- Terraform
- Typescript
- Yaml
Open Source

Jboss

Security

find-sql-string-concatenation

In

METHOD,

X is used to construct a SQL query via string concatenation.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)
OWASP:
- A01:2017 - Injection
- A03:2021 - Injection

seam-log-injection

Seam Logging API support an expression language to introduce bean property to log messages. The expression language can also be the source to unwanted code execution. In this context, an expression is built with a dynamic value. The source of the value(s) should be verified to avoid that unfiltered values fall into this risky code evaluation.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code (‘Eval Injection’)
OWASP:
- A03:2021 - Injection

Security Hardcoded connection password

twitter linkedin

Powered by Mintlify

Assistant

Responses are generated using AI and may contain mistakes.