Support
Dashboard
Dashboard

Join Community

Start Here

What is CodeAnt?

Setup

Github
Bitbucket
Gitlab
Azure Devops

Pull Request Review

Features
Customize Review
Quality Gates
Integrations

Scan center

Code Security
Code Quality
Cloud Security
Engineering Productivity

Integrations

Jira
Test Coverage
CI/CD

IDE

Setup
Review
Enhancements

Rule Reference

Compliance
Anti-Patterns
Code Governance
Infrastructure Security Database
Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Csharp
- Dockerfile
- Elixir
- Fingerprints
- Generic
- Go
- Html
- Java
- Javascript
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
  - Biometrics-and-auth
  - Commoncrypto
  - Cryptoswift
  - Insecure-communication
  - Lang
    - Background
    - Clipboard
    - Crypto
    - Forbidden
    - Ns
      - Keyedarchiver
        Swift keyedarchiver
      - Nscoding
      - Nspredicate-injection
    - Storage
    - Storage
    - String
    - Xml
  - Pathtraversal
  - Sql
  - Sqllite
  - Webview
  - Webview
- Terraform
- Typescript
- Yaml

Resources

Open Source
Blogs

Keyedarchiver

Swift keyedarchiver

swift-keyedarchiver

The application was found to use NSKeyedArchiver without utilizing requiringSecureCoding, which is not considered secure. This can allow for deserialization vulnerabilities, and the application should always ensure requiringSecureCoding is set to true.
Likelihood: LOW
Confidence: HIGH
CWE:
- CWE-502: Deserialization of Untrusted Data
OWASP:
- A08:2017 - Insecure Deserialization
- A08:2021 - Software and Data Integrity Failures

Swift forbidden ios apis Swift nscoding

twitter linkedin

Powered by Mintlify

Assistant

Responses are generated using AI and may contain mistakes.