Versions Compared

Old Version 2

changes.mady.by.user Wara Hermosa Fernández

Saved on

compared with

New Version 3

changes.mady.by.user Wara Hermosa Fernández

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Contents

Table of Contents

Engine

  • QAK-
5221     
  • 5221 OPT.VB6.VBDC.VGNU low performance for one analysis.
  • QAK-
5593     
  • 5593 XML detected wrongfully as oracle forms.
  • QAK-
5615     
  • 5615 New rule CWE-759-Use of a One-Way Hash without a Salt.
  • QAK-
5683     
  • 5683 C files not parsed correctly.
  • QAK-
5735     
  • 5735 False Negative in "Guarantee that copies are made into storage of sufficient size" rule.
  • QAK-
5921     
  • 5921 False positive in OPT.CSHARP.PathTraversal and rule documentation improvement
  • QAK-
5922     
  • 5922 Other language with the DUP code rule.
  • QAK-
5926     
  • 5926 OPT.HTML.ObsoleteElements rule improvement.
  • QAK-
5928     
  • 5928 OPT.HTML.AddLabelForInputField rule improvement.
  • QAK-
6024     
  • 6024 CORS coverage improvement.
  • QAK-
6162     
  • 6162 @Override considered in the "Always use specific exceptions in the throws clause" rule.
  • QAK-
6277     
  • 6277 KLA crash with Java analysis over JSP files.
  • QAK-
6347     
  • 6347 False negatives in Everis-IT_Cpp.
  • QAK-
6365     
  • 6365 A log warning is shown when CCN is below the threshold and may lead to a low performance.
  • QAK-
6414     
  • 6414 OPT.JSP.SEC_JSP.TargetBlankVulnerability rule improvements.
  • QAK-
6416     
  • 6416 False positives in OPT.PYTHON.DJANGO.InsecureDirectObjectReferences rule.
  • QAK-
6417     
  • 6417 OPT.JAVA.SEC_JAVA.OpenRedirectRule improvement.
  • QAK-
6418     
  • 6418 Incorrect JSP/Razor (cshtml) data path lines.
  • QAK-
6419     
  • 6419 False positive in OPT.C.CERTC.MEM00 rule.
  • QAK-
6422     
  • 6422  Removed metafiles DTD files for specific technologies.
  • QAK-
6425     
  • 6425 CWE:400 'Regex Injection' instead of CWE:185.
  • QAK-
6426     
  • 6426 False positive in OPT.PLSQL.GEN_PLSQL.NDFexception.
  • QAK-
6427     
  • 6427 False negative in OPT.JAVASCRIPT.CrossSiteScripting.
  • QAK-
6430     
  • 6430 False negative in OPT.C.CERTC.EXP34 rule.
  • QAK-
6437     
  • 6437 False negative in OPT.JAVA.SEC_JAVA.CrossSiteScriptingRule.
  • QAK-
6440     
  • 6440 OPT.PHP.HttpSplitting rule enhancement.
  • QAK-
6445     
  • 6445 Rule OPT.XML.XSLT_MAN.NOUSEDPARAM only shows the last defect.
  • QAK-
6446     
  • 6446 Typescript not parsed correctly.
  • QAK-
6447     
  • 6447 Possible regression problems when analyzing Java files.
  • QAK-
6448     
  • 6448 Nullpointer in custom rule using com.als.core.rule.MetricThresholdsRule.
  • QAK-
6452     
  • 6452 Issue when analyzing with the rule OPT.COBOL.MAN_COBOL.VLIN: VALUES not aligned.
  • QAK-
6454     
  • 6454 False positive in the OPT.JAVA.IO.CS OPT.JAVA.IO.CS rule.
  • QAK-
6456     
  • 6456 Tainting propagation in method arguments improvement (.NET).
  • QAK-
6457     
  • 6457 Missing DataPath in OPT.CSHARP.OpenRedirect.
  • QAK-
6458     
  • 6458 .NET custom metadata malfunction for static method calls definitions.
  • QAK-
6459     
  • 6459 False positive in OPT.PYTHON.RELIABILITY.UnreachableCode.
  • QAK-
6460     
  • 6460 False positive "Avoid calling magic methods" in Python rule.
  • QAK-
6463     
  • 6463 C# parsing error in CSHTML files “MismatchedTokenException” has been fixed.
  • QAK-
6464     
  • 6464 Possible false positive in OPT.JAVA.CONV.ObjectTypeVerification.
  • QAK-
6465     
  • 6465 Kiuwan Local Analyzer does not execute JavaScript rules when there are only JSP files in basedir.
  • QAK-
6468     
  • 6468 OPT.ASPNET.CredentialsMisconfiguration error causes hardcoded password visibility.
  • QAK-
6469     
  • 6469 OPT.XML.XSLT_MAN.NONUSEDVARIABLES enhancement.
  • QAK-
6470     
  • 6470 OPT.JAVA.SEC_JAVA.SqlInjectionRule and metadata libraries support improvement.
  • QAK-
6471     
  • 6471 False negative in OPT.XML.XSLT_MAN.EFFICIENTUSEOFCHOOSE.
  • QAK-
6473     
  • 6473 False negative in OPT.VBNET.VBnet.RemoveUnusedLocals.
  • QAK-
6477     
  • 6477 False negative in OPT.JAVA.SEC_JAVA.XmlEntityInjectionRule.
  • QAK-
6478     
  • 6478 False negative in OPT.JAVASCRIPT.ERRORCOMUN.UnusedLocalVar.
  • QAK-
6479     
  • 6479 OPT.JSP.SEC_JSP.SpecifyIntegrityAttribute rule improvement.
  • QAK-
6483     
  • 6483 Unable to analyze application due timeout killed the sub-process java.lang.NullPointerException and high ccn complexity in several files.
  • QAK-
6485     
  • 6485 JavaScript not parsed correctly.
  • QAK-
6486     
  • 6486 Two validations done in integration tests should be moved to standard rule test, and testImplementationClassExist() should test something.
  • QAK-
6487     
  • 6487 Swift 5 Language supported version enhancement.
  • QAK-
6489     
  • 6489 RPG not parsed correctly when using EndSr opcode as the user identifier.
  • QAK-
6490     
  • 6490 False positives in OPT.JAVA.RGME.EAOF.
  • QAK-
6491     
  • 6491 Upgrade support for C# from v7 to v8.
  • QAK-
6492     
  • 6492 Add support for MatchKind.fullsignature in VB.NET CallSignature.getMethodPredicate().
  • QAK-
6495     
  • 6495 COBOL file not parsed correctly.
  • QAK-
6496     
  • 6496 Parsing error in Cobol caused by the SWCOPY command.
  • QAK-
6497     
  • 6497 SQL file not parsed correctly.
  • QAK-
6498     
  • 6498 VB file not parsed correctly.
  • QAK-
6500     
  • 6500 CS file not parsed correctly.
  • QAK-
6501     
  • 6501 COBOL parsing error: “TYPE clause in data-description entry”.
  • QAK-
6502     
  • 6502 False positive in OPT.PLSQL.SEC.WeakSymmetricEncryptionAlgorithm.
  • QAK-
6503     
  • 6503 NPE and OOM error while analyzing C++ and Java application.
  • QAK-
6504     
  • 6504 TypeScript Technology not parsed correctly.
  • QAK-
6505     
  • 6505 Few .tsx files not parsed correctly.
  • QAK-
6506     
  • 6506 False positive in GamoraDevOps application.
  • QAK-
6509     
  • 6509 False positive in Helios application.
  • QAK-
6512     
  • 6512 Strict dataflow analysis limit in OPT.COBOL.SEC.DynamicStorageLeakRule when complexity threshold exceeded.
  • QAK-
6513     
  • 6513 Add support for 'this
"
  • ' receiver paramenter (Java 8).
  • QAK-
6526     
  • 6526 OOM errors when analyzing Typescript.
  • QAK-
6533     
  • 6533 StackOverflowError IndirectTaintingSitesTask.   

KLA

  • QAK-
5593     
  • 5593 rules_oracleforms.key error does not exist.
  • QAK-
6511     
  • 6511 Cobol file not parsed correctly.
  • SAS-
4155      
  • 4155 KLA filter rules by priority.     

Kiuwan    

  • SAS-
5152      
  • 5152 When user deletes an analysis without label, many are hidden in the list
  • SAS-
5184      
  • 5184 After the user logins for the first time, it's required to change the default password.
  • SAS-
5213      
  • 5213 Compare of Models is not matching correctly when the user "manually" returns the default values.
  • SAS-
5321      
  • 5321 After installing custom rule, the rule active status is NOK.
  • SAS-
5323      
  • 5323 Error when uploading only a jar file of custom rules.
  • SAS-
5325      
  • 5325 Error when downloading defects PDF in apps with large amounts of defects.
  • SAS-
5326      
  • 5326 Error in Insights checkpoint and partial delivery.
  • SAS-
5390      
  • 5390 Error in email notification after creating a new user.
  • SAS-
5434      
  • 5434 Explanation with invalid character cannot be inserted into DB.
  • SAS-
5435      
  • 5435 High memory consumption in session.
  • SAS-
5437      
  • 5437 Many alert notification sent when cannot connect to REDIS cluster.
  • SAS-
5446      
  • 5446 Distribution request to MongoDB from the mongo client in Kiuwan.
  • SAS-
5450      
  • 5450 The Endpoint /apps/list takes 116 seconds.