Security
ocamllint-tempfile
ocamllint-tempfile
Filename.temp_file might lead to race conditions, since the file could be altered or replaced by a symlink before being opened.
Likelihood: MEDIUM
Confidence: LOW
CWE:
- C
- W
- E
- -
- 3
- 6
- 7
- :
-
- T
- i
- m
- e
- -
- o
- f
- -
- c
- h
- e
- c
- k
-
- T
- i
- m
- e
- -
- o
- f
- -
- u
- s
- e
-
- (
- T
- O
- C
- T
- O
- U
- )
-
- R
- a
- c
- e
-
- C
- o
- n
- d
- i
- t
- i
- o
- n
ocamllint-exec
ocamllint-exec
Executing external programs might lead to comand or argument injection vulnerabilities.
Likelihood: MEDIUM
Confidence: LOW
CWE:
- C
- W
- E
- -
- 7
- 8
- :
-
- O
- S
-
- C
- o
- m
- m
- a
- n
- d
-
- I
- n
- j
- e
- c
- t
- i
- o
- n
ocamllint-unsafe
ocamllint-unsafe
Unsafe functions do not perform boundary checks or have other side effects, use with care.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- C
- W
- E
- -
- 2
- 4
- 2
- :
-
- U
- s
- e
-
- o
- f
-
- I
- n
- h
- e
- r
- e
- n
- t
- l
- y
-
- D
- a
- n
- g
- e
- r
- o
- u
- s
-
- F
- u
- n
- c
- t
- i
- o
- n
-
- (
- 4
- .
- 1
- 2
- )
ocamllint-digest
ocamllint-digest
Digest uses MD5 and should not be used for security purposes. Consider using SHA256 instead.
Likelihood: MEDIUM
Confidence: LOW
CWE:
- C
- W
- E
- -
- 3
- 2
- 8
- :
-
- U
- s
- e
-
- o
- f
-
- W
- e
- a
- k
-
- H
- a
- s
- h
-
- (
- 4
- .
- 1
- 2
- )
ocamllint-hashtable-dos
ocamllint-hashtable-dos
Creating a Hashtbl without the optional random number parameter makes it prone to DoS attacks when attackers are able to fill the table with malicious content. Hashtbl.randomize or the R flag in the OCAMLRUNPARAM are other ways to randomize it.
Likelihood: LOW
Confidence: LOW
CWE:
- C
- W
- E
- -
- 3
- 9
- 9
- :
-
- R
- e
- s
- o
- u
- r
- c
- e
-
- M
- a
- n
- a
- g
- e
- m
- e
- n
- t
-
- E
- r
- r
- o
- r
- s
-
- (
- 4
- .
- 1
- 2
- )
ocamllint-filenameconcat
ocamllint-filenameconcat
When attacker supplied data is passed to Filename.concat directory traversal attacks might be possible.
Likelihood: MEDIUM
Confidence: LOW
CWE:
- C
- W
- E
- -
- 3
- 5
- :
-
- P
- a
- t
- h
-
- T
- r
- a
- v
- e
- r
- s
- a
- l
ocamllint-marshal
ocamllint-marshal
Marshaling is currently not type-safe and can lead to insecure behaviour when untrusted data is marshalled. Marshalling can lead to out-of-bound reads as well.
Likelihood: MEDIUM
Confidence: LOW
CWE:
- C
- W
- E
- -
- 5
- 0
- 2
- :
-
- D
- e
- s
- e
- r
- i
- a
- l
- i
- z
- a
- t
- i
- o
- n
-
- o
- f
-
- U
- n
- t
- r
- u
- s
- t
- e
- d
-
- D
- a
- t
- a