Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Contents

Table of Contents

ET2   

  • QAK-6415     PARSE PARSE ERROR para fichero PL/SQL
  • QAK-6433     Rule Rule definition for OPT.PHP.AvoidExitorDie references to an invalid URL
  • QAK-6434     Rule Rule definition for OPT.PHP.AvoidSQLQueriesWithinLoop references to an invalid URL
  • QAK-6436     Parsing Parsing error file in PL/SQL in CREATE sentence
  • QAK-6444     PARSE PARSE ERROR for Transact-SQL with OVER(...) No,Name sentence
  • QAK-6450     PARSE PARSE ERROR for file PL/SQL
  • QAK-6451     Parsing Parsing errors in Transact-SQL files
  • QAK-6453     PARSE PARSE ERROR in PL/SQL file when use IS NOT NULL in case statement
  • QAK-6455     ERROR ERROR java.lang.NullPointerException on OPT.JAVA.SEC_JAVA.InsecureSSL
  • QAK-6462     Parsing Parsing errors Transact-SQL when PERSISTED keyword is used
  • QAK-6480     Parsing Parsing errors in PHP interface function definition

ET4   

  • QAK-5037     QAK QAK-4864 Posibles mejoras para CWE:404
  • QAK-5038     QAK QAK-4864 Posibles mejoras para CWE:459
  • QAK-5050     QAK QAK-4864 Posibles mejoras para CWE:80
  • QAK-5051     QAK QAK-4864 Nuevas reglas para CWE:81
  • QAK-5058     QAK QAK-4864 Mejoras para OPT.JAVA.NullDereference
  • QAK-5208     Name Name rule OPT.VB6.VBCD.ACGE
  • QAK-5275     Implement Implement CSRF protection in Java Spring for Java configuration
  • QAK-5415     Review Review TS support for TS 4
  • QAK-5672     New New .NET rule (Subverting X509Certificate.Equals )
  • QAK-6127     Clean Clean unused criteria
  • QAK-6280     QAK QAK-6279 Remove groovy-rules jars from engine
  • QAK-6374     Improve Improve "InsecureTransport" rules to check for ftp connections too
  • QAK-6380     Review Review VBNet unreachable checker
  • QAK-6435     PARSE PARSE error para fichero SQL
  • QAK-6508     Update Update Kotlin language level to 1.4
  • QAK-6514     QAK QAK-5921 Review and merge changes in QAK.5921 branch into development
  • QAK-6516     False False Propagation Path HttpRequestWrapper class
  • QAK-6517     Update Update Swift language level to 5.3
  • QAK-6518     Update Update Java language level to Java 15
  • QAK-6519     Update Update Python language level to 3.9
  • QAK-6524     Update Update C# language to 9
  • QAK-6525     Timeout Timeout Error While analyzing ReactJS files
  • QAK-6530     Unparse Unparse typescript/javascript file
  • QAK-6534     Control Control/flow graph building does not terminate in COBOL
  • QAK-6535     Parse Parse errors in COBOL app
  • QAK-6539     Kiuwan Kiuwan Local Analyzer: "Timeout - killed the sub-process
  • QAK-6540     PARSE PARSE ERROR Cobol files
  • QAK-6542     Optimize Optimize Cobol's ConditionNeutralizationProcessor
  • QAK-6543      [LTA - 70.000$] FN in rule OPT.CPP.CERTC.ARR35 "iterate beyond the end of an array"
  • QAK-6546     QAK QAK-6246 VBNet -> Datapath - Incorrect method call
  • QAK-6548     Include Include/Exclude patterns do not work well with projects where a (large) list of files to scan should be used instead
  • QAK-6551     QAK QAK-6246 Kotin -> Datapath - Incorrect method call
  • QAK-6558     FP FP in OPT.JAVA.SEC_JAVA.ServerSideRequestForgeryRule and OPT.JAVA.SEC_JAVA.MailCommandInjection
  • QAK-6560     FP FP OPT.SWIFT.SECURITY.HardcodedUsernamePassword
  • QAK-6561     [Easirun] Parsing Error in .vb files
  • QAK-6562     Parse Parse Error in .sql File
  • QAK-6563     Timeout Timeout Error While analyzing Java files
  • QAK-6564     Cobol Cobol parse errors
  • QAK-6566      [Telefonica] Possible FP in rule OPT.JAVA.SEC_JAVA.RegexInjectionRule
  • QAK-6567     QAKQAK-6563 OPT.JAVA.SEC_JAVA.PotentialInfiniteLoop FPs
  • QAK-6568     QAK QAK-6563 Disable OPT.JAVA.APackageDoesNotDependOnLessStablePackages from CQM
  • QAK-6569     C C++ Rule for detecting suspect usages of std::forward
  • QAK-6570     Map Map C++ rules to the C++ Core Guidelines
  • QAK-6572     Wrong Wrong InjectionPoint in python
  • QAK-6576     QAK QAK-6279 Remove groovy-rules jars from devwan
  • QAK-6577     java java.lang.StackOverflowError OPT.JAVA.STR.CMPCH
  • QAK-6583     NPE NPE IndirectTaintingSitesTask(csharp)
  • SAS-5438     heapdumps heapdumps in local analyzer accumulate and fill the local filesystem
  • SAS-5439     Improve Improve contents of the .diagnosis.txt files after an unrecoverable error during analysis in KLA
  • SAS-5481     Remove Remove the groovy tech extensions from the LanguageInfo.properties file
  • SAS-5483     Cannot Cannot execute CPP analysis (KLA)

MT4

  • SAS-5239    BUG 5239 BUG en endpoint DELETE /applications
  • SAS-5361    ERROR 5361 ERROR when pressing chrome back button in Kiuwan main page new user account
  • SAS-5488     Analysis Analysis with uploaded zip file does not work with new KLA

Other    

  • SAS-4852    Insights 4852 Insights - Support to add custom artifacts and vulnerabilities
  • SAS-5181    Use 5181 Use class attributes with user data in singleton beans
  • SAS-5399    Language 5399 Language combobox in the Add Custom Component window should not be editable
  • SAS-5401    Requires 5401 Requires fields with blank spaces
  • SAS-5403    Label 5403 Label of the Is fixed version checkbox
  • SAS-5404    Performance 5404 Performance in Mute Vulnerabilities tab
  • SAS-5405    Delete 5405 Delete Affected Component is not working properly
  • SAS-5408    5408 /insights/custom/component/list is not working properly
  • SAS-5409    Create 5409 Create custom component - group parameter
  • SAS-5411    NPE 5411 NPE - Delete custom component
  • SAS-5412    Without 5412 Without wrong message - delete custom component
  • SAS-5415    NPE 5415 NPE modifying licenses component
  • SAS-5424    Insights 5424 Insights regression - Licenses without name
  • SAS-5429    No 5429 No custom vulnerabilities taking account
  • SAS-5444    Redo 5444 Redo the layout of mute vulnerabilities screen
  • SAS-5456    INSIGHTS5456 INSIGHTS: The vulnerabilities are not being updated correctly
  • SAS-5457    Wrong 5457 Wrong language adding custom component via API

...