CodeAnt AI home pagelight logodark logo
  • Support
  • Dashboard
  • Dashboard
Documentation
API Reference
Start Here
  • What is CodeAnt?
  • Join Community
Setup
  • Github
  • GitHub Enterprise
  • Bitbucket
  • Gitlab
  • Azure Devops
Pull Request Review
  • Features
  • Customize Review
  • Quality Gates
  • Integrations
Scan center
  • Code Security
  • Code Quality
  • Cloud Security
  • Engineering Productivity
Integrations
  • Jira
  • Test Coverage
  • CI/CD
IDE
  • Setup
  • Review
  • Enhancements
Rule Reference
  • Compliance
  • Anti-Patterns
  • Code Governance
  • Infrastructure Security Database
  • Application Security Database
    • Apex
    • Bash
    • C
    • Clojure
    • Cpp
    • Csharp
    • Dockerfile
    • Elixir
    • Fingerprints
    • Generic
    • Go
    • Html
    • Java
    • Javascript
    • Json
    • Kotlin
    • Ocaml
    • Php
    • Problem-based-packs
    • Python
    • Ruby
    • Rust
    • Scala
    • Solidity
    • Swift
      • Biometrics-and-auth
      • Commoncrypto
      • Cryptoswift
      • Insecure-communication
      • Lang
        • Background
        • Clipboard
        • Crypto
        • Forbidden
        • Ns
          • Keyedarchiver
          • Nscoding
          • Nspredicate-injection
            • Swift predicate injection
        • Storage
        • Storage
        • String
        • Xml
      • Pathtraversal
      • Sql
      • Sqllite
      • Webview
      • Webview
    • Terraform
    • Typescript
    • Yaml
Resources
  • Open Source
  • Blogs
Nspredicate-injection

Swift predicate injection

swift-predicate-injection

User input was observed to be included in the construction of Predicate logic, potentically allowing for predicate injection, where the logic of the predicate itself can be manipulated. If the predicate is used for security sensitive decisions, the impact will be notably higher.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-807: Reliance on Untrusted Inputs in a Security Decision
Swift nscodingStorage
twitterlinkedin
Powered by Mintlify
Assistant
Responses are generated using AI and may contain mistakes.