CodeAnt AI home page

Support
Dashboard
Dashboard

Start Here

What is CodeAnt?
Join Community

Setup

Github
GitHub Enterprise
Bitbucket
Gitlab
Azure Devops

Pull Request Review

Features
Customize Review
Quality Gates
Integrations

Scan center

Code Security
Code Quality
Cloud Security
Engineering Productivity

Integrations

Jira
Test Coverage
CI/CD

IDE

Setup
Review
Enhancements

Rule Reference

Compliance
Anti-Patterns
Code Governance
Infrastructure Security Database
Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Csharp
- Dockerfile
- Elixir
- Fingerprints
- Generic
- Go
- Html
- Java
- Javascript
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
  - Biometrics-and-auth
  - Commoncrypto
  - Cryptoswift
  - Insecure-communication
    - Ats
    - Sect
      - Sect-misuse
        Sectrustevaluate misuse
  - Lang
  - Pathtraversal
  - Sql
  - Sqllite
  - Webview
  - Webview
- Terraform
- Typescript
- Yaml

Resources

Open Source
Blogs

Sect-misuse

Sectrustevaluate misuse

sectrustevaluate-misuse

The application should check the trust result of the SecTrustEvaluate API call to ensure that the connection is trusted. Failure to do so may allow connections to proceed under insecure circumstances, resulting in a reduction in transport layer security guarantees.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- C
- W
- E
- -
- 2
- 9
- 5
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- C
- e
- r
- t
- i
- f
- i
- c
- a
- t
- e
-

- V
- a
- l
- i
- d
- a
- t
- i
- o
- n
OWASP:
- A03:2017 - Sensitive Data Exposure
- A07:2021 - Identification and Authentication Failures

ATS minimum tls version Swift conceal data when backgrounding

twitter linkedin

Powered by Mintlify

Assistant

Responses are generated using AI and may contain mistakes.