Contents:

ET5 (Kiuwan Engine)

  • QAK-5991    [New rule] Forms without captcha
  • QAK-6009    New security ASP.net rule (or XSS improve)
  • QAK-6080    Error from [org.codenarc.rule.size.AbcComplexityRule] java.lang.NoClassDefFoundError
  • QAK-6441    Preprocessing .dtsx files to parse as sql
  • QAK-6520    False positives validation Loop with Unreachable Exit Condition ('Infinite Loop')
  • QAK-6521    [FP] OPT.CPP.CERTC.EXP33
  • QAK-6528    False positive for OPT.ABAP.ADR.NamingConventions
  • QAK-6531    False positive OPT.JAVASCRIPT.ESTILO.NeverUseHistory
  • QAK-6536    False positive OPT.SWIFT.SECURITY.ThirdPartyKeyboardAllowed
  • QAK-6538    [FP] OPT.RPG4.REL.CallParameterMismatch
  • QAK-6550    [FP] OPT.JAVA.SEC_JAVA.ExecutionAfterRedirect
  • QAK-6552    ENHANCEMENT New rule PATH RELATIVE STYLE SHEET IMPORT
  • QAK-6554    False positive found during python code analysis
  • QAK-6557    [FP] OPT.CSHARP.MVCNonActionPublicMethods
  • QAK-6571    Inconsistent results of OPT.JAVA.SPRING.AvoidBeansWithTheSameIdAcrossDiferentDescriptors
  • QAK-6574    Update PHP language level to 8
  • QAK-6575    PARSE ERROR for file PL/SQL
  • QAK-6578    PARSE ERROR for PL/SQL files
  • QAK-6579    FP OPT.JAVA.ANDROID.UseASafeCipher
  • QAK-6587    Defects copied from one file to another in rule OPT.JSP.SEC_JSP.TargetBlankVulnerability
  • QAK-6588    Review suspicious code at OPT.JAVA.CONV.ObjectTypeVerification rule
  • QAK-6589    Allow empty values in parameter rule OPT.JSP.SEC_JSP.TargetBlankVulnerability
  • QAK-6590    [FP] OPT.CPP.CERTC.EXP33 using 'auto' keyword
  • QAK-6591    Parsing Error in .cs Files (Csharp Technology)
  • QAK-6592    False negatives for OPT.JAVA.SEC_JAVA.HardcodedUsernamePassword and OPT.PYTHON.SECURITY.HardcodedCryptoKey
  • QAK-6593    FP in typical example in rule OPT.HTML.SpecifyCharacterEncoding
  • QAK-6594    Kiuwan does not detect hardcoded passwords in XML
  • QAK-6595    Custom Neutralization not working for Java rule in latest release
  • QAK-6596    Parsing error C# in CSHTML files: MismatchedTokenException
  • QAK-6597    PARSE ERROR for 4GL files
  • QAK-6602    [FP] OPT.JAVASCRIPT.ESTILO.NeverUseHistory
  • QAK-6603    False positive in OPT.PYTHON.DJANGO.MissingBrowserXssFilter
  • QAK-6604    False positive OPT.VBNET.VBnet.RemoveUnusedLocals
  • QAK-6605    OPT.COBOL.SQL_COBOL.AvoidSelectAsterisk wrong defect code in copys
  • QAK-6606    False positive In rule OPT.CSHARP.ResourceLeakStream due to scope of disposal in C# v8
  • QAK-6609    False positive in OPT.JAVASCRIPT.TYPESCRIPT.UseTypeAnnotations rule
  • QAK-6612    False positive OPT.JAVA.SEC_JAVA.XmlEntityInjectionRule
  • QAK-6613    False positive OPT.JAVA.SEC_JAVA.FormatStringInjectionRule
  • QAK-6615    False positive in OPT.JAVA.SEC_JAVA.HttpSplittingRule
  • QAK-6617    False positive OPT.JAVASCRIPT.ERRORCOMUN.UnusedLocalVar
  • QAK-6619    Parse error in COBOL Tandem source
  • QAK-6620    False positive OPT.JAVA.CNU.UI
  • QAK-6621    False positive OPT.JAVASCRIPT.SensitiveInfoInConfigurationFile
  • QAK-6622    False positive detecting XSS in Java types
  • QAK-6623    PARSE ERROR for file ASP.NET VB.NET
  • QAK-6626    ERROR while analyzing CS file with SQL query
  • QAK-6629    StackOverflowError while doing analysis of Swift Technology
  • QAK-6630    Possible false positive in rule OPT.CSHARP.NullDereference
  • QAK-6631    COBOL parse error in XML GENERATE statement
  • QAK-6639    RPG parse error due to left margin and ? character at indicator column (column 6)
  • SAS-5442    Kiuwan support for Expression Language Injection with Thymeleaf & Spring
  • SAS-5543    java.lang.NoSuchMethodError Executing clone detection

MT5 (Kiuwan general bug fixing)

  • SAS-5320    ENHANCEMENT insights report
  • SAS-5357    Cannot create username if similar username existed
  • SAS-5397    ENHANCEMENT encoded HTTP auth when indicating username of lDP in agent.properties file
  • SAS-5478    Compare of different Models is not matching correctly
  • SAS-5479    Set "Effort=0" in a rule makes report processing to fail
  • SAS-5499    Last part of email in update user in REST-API can only be lowercase
  • SAS-5525    Normative Filter is not working sometimes for defects in Life Cycle

MT6 (Kiuwan general bug fixing)

  • SAS-5349    Security / Analysis / Insights links are not working properly
  • SAS-5355    ERROR in exclude.patterns and supported.technologies Jenkins Plugin not updated
  • SAS-5369    ERROR readlink illegal option --f in rdev.sh MacOS Catalina
  • SAS-5425    ERROR in URL audit fail checkpoint detail
  • SAS-5426    Mismatch in Lines of Code
  • SAS-5458    User cannot create a new portfolio
  • SAS-5489    KLA Copy-paste options don't properly work in MacOS
  • SAS-5494    ERROR while promoting delivery to baseline java.lang.NullPointerException
  • SAS-5496    NPE viewing checkpoint detail with user custom rules
  • SAS-5501    Error generating insight security csv report
  • SAS-5506    INSIGHTS Obsolescence wrong date in component org.ow2.asm:asm version 8.0.1
  • SAS-5530    INSIGHTS Obsolescence wrong date in component org.ow2.asm:asm
  • SAS-5549    BUG Unlisted normative prefixes cause them not to be shown when exporting to CSV
  • SAS-5571    NPEs when calculating customerID for jobs in queue
  • SAS-5578    Error updating artifacts in KOP insights batch

Oauth2/OIDC Integration

  • SAS-5449    OAuth SSO project
  • SAS-5467    Refactor SAML Dependencies out of main flows
  • SAS-5468    Create Oauth2 configuration model
  • SAS-5469    Create Oauth configuration GUI and integrate model
  • SAS-5470    Configure SPRING SECURITY to handle Oauth2 login
  • SAS-5523    Change password screen appeared for SSO logged in user into application
  • SAS-5531    Unable to log in with SSO=on on ADFS AD server 16
  • SAS-5532    Reconfiguring/updating SSO configuration on Successfully activated SSO is throwing error "incorrect result size"
  • SAS-5545    Unable to Update the values for OAuth-OpenID SSO configuration
  • SAS-5568    OIDC redirect_uri protocol does not match with the configured one in Azure
  • SAS-5569    OAuth SSO settings are not saved in KLA
  • SAS-5575    NoClassDefFoundError when launching KLA after Oauth and MT5 integration
  • SAS-5577    User deletion fails
  • SAS-5579    OIDC with KLA does not complete
  • SAS-5581    Intermittent error in KLA with OIDC

 
