CodeAnt AI home pagelight logodark logo
  • Support
  • Dashboard
  • Dashboard
  • Join Community
Start Here
  • What is CodeAnt?
Setup
  • Github
  • Bitbucket
  • Gitlab
  • Azure Devops
Pull Request Review
  • Features
  • Customize Review
  • Quality Gates
  • Integrations
Scan center
  • Code Security
  • Code Quality
  • Cloud Security
  • Engineering Productivity
Integrations
  • Jira
  • Test Coverage
  • CI/CD
IDE
  • Setup
  • Review
  • Enhancements
Rule Reference
  • Compliance
  • Anti-Patterns
  • Code Governance
  • Infrastructure Security Database
  • Application Security Database
    • Apex
    • Bash
    • C
    • Clojure
    • Cpp
    • Csharp
    • Dockerfile
    • Elixir
    • Fingerprints
    • Generic
    • Go
    • Html
    • Java
    • Javascript
    • Json
    • Kotlin
    • Ocaml
    • Php
    • Problem-based-packs
    • Python
    • Ruby
    • Rust
    • Scala
    • Solidity
    • Swift
      • Biometrics-and-auth
      • Commoncrypto
      • Cryptoswift
      • Insecure-communication
      • Lang
        • Background
        • Clipboard
        • Crypto
        • Forbidden
        • Ns
          • Keyedarchiver
            • Swift keyedarchiver
          • Nscoding
          • Nspredicate-injection
        • Storage
        • Storage
        • String
        • Xml
      • Pathtraversal
      • Sql
      • Sqllite
      • Webview
      • Webview
    • Terraform
    • Typescript
    • Yaml
Resources
  • Open Source
  • Blogs
Keyedarchiver

Swift keyedarchiver

swift-keyedarchiver

The application was found to use NSKeyedArchiver without utilizing requiringSecureCoding, which is not considered secure. This can allow for deserialization vulnerabilities, and the application should always ensure requiringSecureCoding is set to true.
Likelihood: LOW
Confidence: HIGH
CWE:
- CWE-502: Deserialization of Untrusted Data
OWASP:
- A08:2017 - Insecure Deserialization
- A08:2021 - Software and Data Integrity Failures
Swift forbidden ios apisSwift nscoding
twitterlinkedin
Powered by Mintlify
Assistant
Responses are generated using AI and may contain mistakes.