Support
Dashboard
Dashboard

Join Community

Start Here

What is CodeAnt?

Setup

Github
Bitbucket
Gitlab
Azure Devops

Pull Request Review

Features
Customize Review
Quality Gates
Integrations

Scan center

Code Security
Code Quality
Cloud Security
Engineering Productivity

Integrations

Jira
Test Coverage
CI/CD

IDE

Setup
Review
Enhancements

Rule Reference

Compliance
Anti-Patterns
Code Governance
Infrastructure Security Database
Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Csharp
- Dockerfile
- Elixir
- Fingerprints
- Generic
- Go
- Html
- Java
- Javascript
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
  - Biometrics-and-auth
  - Commoncrypto
  - Cryptoswift
  - Insecure-communication
    - Ats
      - Ats-ct
      - Ats-insecure-website-load
      - Ats-load
      - Ats-local
        ATS local networking
      - Ats-media-load
      - Ats-pfs
      - Ats-pinning
      - Ats-pins
      - Ats-tls
    - Sect
  - Lang
  - Pathtraversal
  - Sql
  - Sqllite
  - Webview
  - Webview
- Terraform
- Typescript
- Yaml

Resources

Open Source
Blogs

Ats-local

ATS local networking

ATS-local-networking

The application’s App Transport Security (ATS) configuration allows for local networking, which in some iOS versions is blocked by default in ATS. Consider whether or not the application requires this in release builds, or for development reasons only. This follows the principle of least privelege, reducing the attack surface if local networking is not required.
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 2
- 7
- 2
- :
-

- L
- e
- a
- s
- t
-

- P
- r
- i
- v
- i
- l
- e
- g
- e
-

- V
- i
- o
- l
- a
- t
- i
- o
- n

ATS arbitrary loads ATS insecure media loads

twitter linkedin

Powered by Mintlify

Assistant

Responses are generated using AI and may contain mistakes.