Support
Dashboard
Dashboard

Join Community

Start Here

What is CodeAnt?

Setup

Github
Bitbucket
Gitlab
Azure Devops

Pull Request Review

Features
Customize Review
Quality Gates
Integrations

Scan center

Code Security
Code Quality
Cloud Security
Engineering Productivity

Integrations

Jira
Test Coverage
CI/CD

IDE

Setup
Review
Enhancements

Rule Reference

Compliance
Anti-Patterns
Code Governance
Infrastructure Security Database
Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Csharp
- Dockerfile
- Elixir
- Fingerprints
- Generic
- Go
- Html
- Java
- Javascript
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
  - Biometrics-and-auth
  - Commoncrypto
  - Cryptoswift
  - Insecure-communication
    - Ats
      - Ats-ct
      - Ats-insecure-website-load
      - Ats-load
      - Ats-local
      - Ats-media-load
      - Ats-pfs
        ATS disables PFS
      - Ats-pinning
      - Ats-pins
      - Ats-tls
    - Sect
  - Lang
  - Pathtraversal
  - Sql
  - Sqllite
  - Webview
  - Webview
- Terraform
- Typescript
- Yaml

Resources

Open Source
Blogs

Ats-pfs

ATS disables PFS

ATS-disables-PFS

The application’s App Transport Security (ATS) configuration disables Perfect Forward Secrecy (PFS) for one or more domains. PFS is a cryptographic technique to ensure the confidentiality of prior communications, even if the long-term secret keys are compromised in the future.
Likelihood: LOW
Confidence: HIGH
CWE:
- CWE-327: Use of a Broken or Risky Cryptographic Algorithm
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures

ATS insecure media loads ATS consider pinning

twitter linkedin

Powered by Mintlify

Assistant

Responses are generated using AI and may contain mistakes.