Support
Dashboard
Dashboard

Documentation

API Reference

Start Here

What is CodeAnt?
Join Community

Setup

Github
GitHub Enterprise
Bitbucket
Gitlab
Azure Devops

Pull Request Review

Features
Customize Review
Quality Gates
Integrations

Scan center

Code Security
Code Quality
Cloud Security
Engineering Productivity

Integrations

Jira
Test Coverage
Quality gates
Automated scans

IDE

Setup
Review
Enhancements

Rule Reference

Compliance
Anti-Patterns
Code Governance
Infrastructure Security Database
Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Csharp
- Dockerfile
- Elixir
- Fingerprints
- Generic
- Go
- Html
- Java
- Javascript
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
  - Biometrics-and-auth
  - Commoncrypto
  - Cryptoswift
  - Insecure-communication
  - Lang
    - Background
    - Clipboard
    - Crypto
    - Forbidden
    - Ns
    - Storage
    - Storage
    - String
    - Xml
      - Should-resolve-xxe
        Swift xxe prevention
  - Pathtraversal
  - Sql
  - Sqllite
  - Webview
  - Webview
- Terraform
- Typescript
- Yaml

Resources

Open Source
Blogs

Should-resolve-xxe

Swift xxe prevention

swift-xxe-prevention

Usage of Apple’s native XML Parser was observed where the parser is explicitly instructed to resolve external entities. This can lead to XXE attacks if untrusted input is parsed. Consider disabling this functionality where feasible.
Likelihood: LOW
Confidence: HIGH
CWE:
- CWE-611: Improper Restriction of XML External Entity Reference
OWASP:
- A04:2017 - XML External Entities (XXE)
- A05:2021 - Security Misconfiguration

Swift format string Swift path traversal

twitter linkedin

Powered by Mintlify

Assistant

Responses are generated using AI and may contain mistakes.