CodeAnt AI home pagelight logodark logo
  • Support
  • Dashboard
  • Dashboard
Documentation
API Reference
Start Here
  • What is CodeAnt?
  • Join Community
Setup
  • Github
  • GitHub Enterprise
  • Bitbucket
  • Gitlab
  • Azure Devops
Pull Request Review
  • Features
  • Customize Review
  • Quality Gates
  • Integrations
Scan center
  • Code Security
  • Code Quality
  • Cloud Security
  • Engineering Productivity
Integrations
  • Jira
  • Test Coverage
  • Quality gates
  • Automated scans
IDE
  • Setup
  • Review
  • Enhancements
Rule Reference
  • Compliance
  • Anti-Patterns
  • Code Governance
  • Infrastructure Security Database
  • Application Security Database
    • Apex
    • Bash
    • C
    • Clojure
    • Cpp
    • Csharp
    • Dockerfile
    • Elixir
    • Fingerprints
    • Generic
    • Go
    • Html
    • Java
    • Javascript
    • Json
    • Kotlin
    • Ocaml
    • Php
    • Problem-based-packs
    • Python
    • Ruby
    • Rust
    • Scala
    • Solidity
    • Swift
      • Biometrics-and-auth
      • Commoncrypto
      • Cryptoswift
      • Insecure-communication
      • Lang
        • Background
        • Clipboard
        • Crypto
        • Forbidden
        • Ns
          • Keyedarchiver
            • Swift keyedarchiver
          • Nscoding
          • Nspredicate-injection
        • Storage
        • Storage
        • String
        • Xml
      • Pathtraversal
      • Sql
      • Sqllite
      • Webview
      • Webview
    • Terraform
    • Typescript
    • Yaml
Resources
  • Open Source
  • Blogs
Keyedarchiver

Swift keyedarchiver

swift-keyedarchiver

The application was found to use NSKeyedArchiver without utilizing requiringSecureCoding, which is not considered secure. This can allow for deserialization vulnerabilities, and the application should always ensure requiringSecureCoding is set to true.
Likelihood: LOW
Confidence: HIGH
CWE:
- CWE-502: Deserialization of Untrusted Data
OWASP:
- A08:2017 - Insecure Deserialization
- A08:2021 - Software and Data Integrity Failures
Swift forbidden ios apisSwift nscoding
twitterlinkedin
Powered by Mintlify
Assistant
Responses are generated using AI and may contain mistakes.