CodeAnt AI home pagelight logodark logo
  • Dashboard
  • Dashboard
  • Documentation
  • Demo Call with CEO
  • Blog
  • Slack
  • Get Started
    • CodeAnt AI
    • Setup
    • Control Center
    • Pull Request Review
    • IDE
    • Compliance
    • Anti-Patterns
    • Code Governance
    • Infrastructure Security Database
    • Application Security Database
      • Apex
      • Bash
      • C
      • Clojure
      • Cpp
      • Csharp
      • Dockerfile
      • Elixir
      • Fingerprints
      • Generic
      • Go
      • Html
      • Java
      • Javascript
      • Json
      • Kotlin
      • Ocaml
      • Php
      • Problem-based-packs
      • Python
      • Ruby
        • Aws-lambda
        • Aws-sdk-core
        • Cassandra
        • Excon
        • Faraday
        • Jwt
        • Lang
          • Security
        • Mongo
        • Mysql2
        • Octokit
        • Pg
        • Rails
        • Redis
      • Rust
      • Scala
      • Solidity
      • Swift
      • Terraform
      • Typescript
      • Yaml
    Lang

    Security

    Checks if code allows cookies to be deserialized using Marshal. If the attacker can craft a valid cookie, this could lead to remote code execution. The hybrid check is just to warn users to migrate to :json for best practice.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-94: Improper Control of Generation of Code (‘Code Injection’)
    OWASP:
    - A03:2021 - Injection

    Use of eval with user-controllable input detected. This can lead to attackers running arbitrary code. Ensure external data does not reach here, otherwise this is a security vulnerability. Consider other ways to do this without eval.
    Likelihood: HIGH
    Confidence: MEDIUM
    CWE:
    - CWE-94: Improper Control of Generation of Code (‘Code Injection’)
    OWASP:
    - A03:2021 - Injection

    Detected non-static command inside PIPE.Audittheinputto′PIPE. Audit the input to 'PIPE.Audittheinputto′PIPE’. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-94: Improper Control of Generation of Code (‘Code Injection’)
    OWASP:
    - A03:2021 - Injection

    Checks for calls to without_protection during mass assignment (which allows record creation from hash values). This can lead to users bypassing permissions protections. For Rails 4 and higher, mass protection is on by default. Fix: Don’t use :without_protection => true. Instead, configure attr_accessible to control attribute access.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes
    OWASP:
    - A08:2021 - Software and Data Integrity Failures

    Detected SSL that will accept an unverified connection. This makes the connections susceptible to man-in-the-middle attacks. Use ‘OpenSSL::SSL::VERIFY_PEER’ instead.
    Likelihood: HIGH
    Confidence: MEDIUM
    CWE:
    - CWE-295: Improper Certificate Validation
    OWASP:
    - A03:2017 - Sensitive Data Exposure
    - A07:2021 - Identification and Authentication Failures

    Detected non-static command inside .... If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-94: Improper Control of Generation of Code (‘Code Injection’)
    OWASP:
    - A03:2021 - Injection

    ‘syscall’ is essentially unsafe and unportable. The DL (https://apidock.com/ruby/Fiddle) library is preferred for safer and a bit more portable programming.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-94: Improper Control of Generation of Code (‘Code Injection’)
    OWASP:
    - A03:2021 - Injection

    It looks like MD5 is used as a password hash. MD5 is not considered a secure password hash because it can be cracked by an attacker in a short amount of time. Instead, use a suitable password hashing function such as bcrypt. You can use the bcrypt gem.
    Likelihood: HIGH
    Confidence: MEDIUM
    CWE:
    - CWE-327: Use of a Broken or Risky Cryptographic Algorithm
    OWASP:
    - A03:2017 - Sensitive Data Exposure
    - A02:2021 - Cryptographic Failures

    Should not use SHA1 to generate hashes. There is a proven SHA1 hash collision by Google, which could lead to vulnerabilities. Use SHA256, SHA3 or other hashing functions instead.
    Likelihood: LOW
    Confidence: MEDIUM
    CWE:
    - CWE-328: Use of Weak Hash
    OWASP:
    - A03:2017 - Sensitive Data Exposure
    - A02:2021 - Cryptographic Failures

    Unsafe deserialization from YAML. Objects in Ruby can be serialized into strings, then later loaded from strings. However, uses of load and object_load can cause remote code execution. Loading user input with YAML can potentially be dangerous. Use JSON in a secure fashion instead. However, loading YAML from a static file is not dangerous and should not be flagged.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-502: Deserialization of Untrusted Data
    OWASP:
    - A08:2017 - Insecure Deserialization
    - A08:2021 - Software and Data Integrity Failures

    Special requests can determine whether a file exists on a filesystem that’s outside the Rails app’s root directory. To fix this, set config.serve_static_assets = false.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)
    OWASP:
    - A05:2017 - Broken Access Control
    - A01:2021 - Broken Access Control

    Checks for strong parameter bypass through usage of create_with. Create_with bypasses strong parameter protection, which could allow attackers to set arbitrary attributes on models. To fix this vulnerability, either remove all create_with calls or use the permit function to specify tags that are allowed to be set.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes
    OWASP:
    - A08:2021 - Software and Data Integrity Failures

    Detected a possible ZeroDivisionError.
    Likelihood: MEDIUM
    Confidence: MEDIUM
    CWE:
    - CWE-369: Divide By Zero

    Detected hardcoded password used in basic authentication in a controller class. Including this password in version control could expose this credential. Consider refactoring to use environment variables or configuration files.
    Likelihood: MEDIUM
    Confidence: HIGH
    CWE:
    - CWE-798: Use of Hard-coded Credentials
    OWASP:
    - A07:2021 - Identification and Authentication Failures

    Checks for configuration setting of force_ssl to false. Force_ssl forces usage of HTTPS, which could lead to network interception of unencrypted application traffic. To fix, set config.force_ssl = true.
    Likelihood: LOW
    Confidence: HIGH
    CWE:
    - CWE-311: Missing Encryption of Sensitive Data
    OWASP:
    - A03:2017 - Sensitive Data Exposure
    - A04:2021 - Insecure Design

    Found the use of an hardcoded passphrase for RSA. The passphrase can be easily discovered, and therefore should not be stored in source-code. It is recommended to remove the passphrase from source-code, and use system environment variables or a restricted configuration file.
    Likelihood: MEDIUM
    Confidence: HIGH
    CWE:
    - CWE-798: Use of Hard-coded Credentials
    OWASP:
    - A07:2021 - Identification and Authentication Failures

    Detected non-static command inside EXEC.Audittheinputto′EXEC. Audit the input to 'EXEC.Audittheinputto′EXEC’. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.
    Likelihood: MEDIUM
    Confidence: MEDIUM
    CWE:
    - CWE-94: Improper Control of Generation of Code (‘Code Injection’)
    OWASP:
    - A03:2021 - Injection

    Checks for models that do not use attr_accessible. This means there is no limiting of which variables can be manipulated through mass assignment. For newer Rails applications, parameters should be allowlisted using strong parameters. For older Rails versions, they should be allowlisted using strong_attributes.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes
    OWASP:
    - A08:2021 - Software and Data Integrity Failures

    Checks for unsafe deserialization. Objects in Ruby can be serialized into strings, then later loaded from strings. However, uses of load and object_load can cause remote code execution. Loading user input with MARSHAL or CSV can potentially be dangerous. Use JSON in a secure fashion instead.
    Likelihood: MEDIUM
    Confidence: MEDIUM
    CWE:
    - CWE-502: Deserialization of Untrusted Data
    OWASP:
    - A08:2017 - Insecure Deserialization
    - A08:2021 - Software and Data Integrity Failures

    Checks for dangerous permitted attributes that can lead to mass assignment vulnerabilities. Query parameters allowed using permit and attr_accessible are checked for allowance of dangerous attributes admin, banned, role, and account_id. Also checks for usages of params.permit!, which allows everything. Fix: don’t allow admin, banned, role, and account_id using permit or attr_accessible.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes
    OWASP:
    - A08:2021 - Software and Data Integrity Failures

    Checks for unsafe deserialization. Objects in Ruby can be serialized into strings, then later loaded from strings. However, uses of load and object_load can cause remote code execution. Loading user input with MARSHAL or CSV can potentially be dangerous. Use JSON in a secure fashion instead.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-502: Deserialization of Untrusted Data
    OWASP:
    - A08:2017 - Insecure Deserialization
    - A08:2021 - Software and Data Integrity Failures

    Checks if HTML escaping is globally disabled for JSON output. This could lead to XSS.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
    OWASP:
    - A07:2017 - Cross-Site Scripting (XSS)
    - A03:2021 - Injection

    Detected non-static command inside ‘open’. Audit the input to ‘open’. If unverified user data can reach this call site, this is a code injection vulnerability. A malicious actor can inject a malicious script to execute arbitrary code.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-94: Improper Control of Generation of Code (‘Code Injection’)
    OWASP:
    - A03:2021 - Injection

    The RSA key size $SIZE is insufficent by NIST standards. It is recommended to use a key length of 2048 or higher.
    Likelihood: HIGH
    Confidence: HIGH
    CWE:
    - CWE-326: Inadequate Encryption Strength
    OWASP:
    - A03:2017 - Sensitive Data Exposure
    - A02:2021 - Cryptographic Failures

    Checks for unsafe use of Object#send, try, send, and public_send. These only account for unsafe use of a method, not target. This can lead to arbitrary calling of exit, along with arbitrary code execution. Please be sure to sanitize input in order to avoid this.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-94: Improper Control of Generation of Code (‘Code Injection’)
    OWASP:
    - A03:2021 - Injection

    Checks for use of action in Ruby routes. This can cause Rails to render an arbitrary view if an attacker creates an URL accurately. Affects 3.0 applications. Can avoid the vulnerability by providing additional constraints.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-1021: Improper Restriction of Rendered UI Layers or Frames
    OWASP:
    - A04:2021 - Insecure Design

    Detected controller which does not enable cross-site request forgery protections using ‘protect_from_forgery’. Add ‘protect_from_forgery :with => :exception’ to your controller class.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-352: Cross-Site Request Forgery (CSRF)
    OWASP:
    - A01:2021 - Broken Access Control

    Should not use md5 to generate hashes. md5 is proven to be vulnerable through the use of brute-force attacks. Could also result in collisions, leading to potential collision attacks. Use SHA256 or other hashing functions instead.
    Likelihood: LOW
    Confidence: MEDIUM
    CWE:
    - CWE-328: Use of Weak Hash
    OWASP:
    - A03:2017 - Sensitive Data Exposure
    - A02:2021 - Cryptographic Failures

    Mass assignment protection disabled for ‘$MODEL’. This could permit assignment to sensitive model fields without intention. Instead, use ‘attr_accessible’ for the model or disable mass assigment using ‘config.active_record.whitelist_attributes = true’. ‘:without_protection => true’ must be removed for this to take effect.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes
    OWASP:
    - A08:2021 - Software and Data Integrity Failures

    AuditRuby mongo empty password
    twitterlinkedin
    Powered by Mintlify