CodeAnt AI home page

Dashboard
Dashboard

Demo Call with CEO

Get Started

CodeAnt AI
Setup
Control Center
Pull Request Review
IDE
Compliance
Anti-Patterns
Code Governance
Infrastructure Security Database
Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Csharp
- Dockerfile
- Elixir
- Fingerprints
- Generic
- Go
- Html
- Java
- Javascript
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
  - Insecure-transport
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
- Terraform
- Typescript
- Yaml

Insecure-transport

Ruby stdlib

net-telnet-request

Checks for creation of telnet servers or attempts to connect through telnet. This is insecure as the telnet protocol supports no encryption, and data passes through unencrypted.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- C
- W
- E
- -
- 3
- 1
- 9
- :
-

- C
- l
- e
- a
- r
- t
- e
- x
- t
-

- T
- r
- a
- n
- s
- m
- i
- s
- s
- i
- o
- n
-

- o
- f
-

- S
- e
- n
- s
- i
- t
- i
- v
- e
-

- I
- n
- f
- o
- r
- m
- a
- t
- i
- o
- n
OWASP:
- A
- 0
- 3
- :
- 2
- 0
- 1
- 7
-

- -
-

- S
- e
- n
- s
- i
- t
- i
- v
- e
-

- D
- a
- t
- a
-

- E
- x
- p
- o
- s
- u
- r
- e

net-http-request

Checks for requests sent to http:// URLs. This is dangerous as the server is attempting to connect to a website that does not encrypt traffic with TLS. Instead, only send requests to https:// URLs.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- C
- W
- E
- -
- 3
- 1
- 9
- :
-

- C
- l
- e
- a
- r
- t
- e
- x
- t
-

- T
- r
- a
- n
- s
- m
- i
- s
- s
- i
- o
- n
-

- o
- f
-

- S
- e
- n
- s
- i
- t
- i
- v
- e
-

- I
- n
- f
- o
- r
- m
- a
- t
- i
- o
- n
OWASP:
- A
- 0
- 3
- :
- 2
- 0
- 1
- 7
-

- -
-

- S
- e
- n
- s
- i
- t
- i
- v
- e
-

- D
- a
- t
- a
-

- E
- x
- p
- o
- s
- u
- r
- e

net-ftp-request

Checks for outgoing connections to ftp servers with the ‘net/ftp’ package. FTP does not encrypt traffic, possibly leading to PII being sent plaintext over the network. Instead, connect via the SFTP protocol.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- C
- W
- E
- -
- 3
- 1
- 9
- :
-

- C
- l
- e
- a
- r
- t
- e
- x
- t
-

- T
- r
- a
- n
- s
- m
- i
- s
- s
- i
- o
- n
-

- o
- f
-

- S
- e
- n
- s
- i
- t
- i
- v
- e
-

- I
- n
- f
- o
- r
- m
- a
- t
- i
- o
- n
OWASP:
- A
- 0
- 3
- :
- 2
- 0
- 1
- 7
-

- -
-

- S
- e
- n
- s
- i
- t
- i
- v
- e
-

- D
- a
- t
- a
-

- E
- x
- p
- o
- s
- u
- r
- e

openuri-request

Checks for requests to http and ftp (unencrypted) sites using OpenURI.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- C
- W
- E
- -
- 3
- 1
- 9
- :
-

- C
- l
- e
- a
- r
- t
- e
- x
- t
-

- T
- r
- a
- n
- s
- m
- i
- s
- s
- i
- o
- n
-

- o
- f
-

- S
- e
- n
- s
- i
- t
- i
- v
- e
-

- I
- n
- f
- o
- r
- m
- a
- t
- i
- o
- n
OWASP:
- A
- 0
- 3
- :
- 2
- 0
- 1
- 7
-

- -
-

- S
- e
- n
- s
- i
- t
- i
- v
- e
-

- D
- a
- t
- a
-

- E
- x
- p
- o
- s
- u
- r
- e

http-client-requests

Checks for requests to http (unencrypted) sites using some of ruby’s most popular REST/HTTP libraries, including httparty and restclient.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- C
- W
- E
- -
- 3
- 1
- 9
- :
-

- C
- l
- e
- a
- r
- t
- e
- x
- t
-

- T
- r
- a
- n
- s
- m
- i
- s
- s
- i
- o
- n
-

- o
- f
-

- S
- e
- n
- s
- i
- t
- i
- v
- e
-

- I
- n
- f
- o
- r
- m
- a
- t
- i
- o
- n
OWASP:
- A
- 0
- 3
- :
- 2
- 0
- 1
- 7
-

- -
-

- S
- e
- n
- s
- i
- t
- i
- v
- e
-

- D
- a
- t
- a
-

- E
- x
- p
- o
- s
- u
- r
- e

Assistant

Responses are generated using AI and may contain mistakes.

twitter linkedin

Powered by Mintlify