You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Contents

Engine

QAK-5221      OPT.VB6.VBDC.VGNU low performance for one analysis.

QAK-5593      XML detected wrongfully as oracle forms.

QAK-5615      New rule CWE-759-Use of a One-Way Hash without a Salt.

QAK-5683      C files not parsed correctly.

QAK-5735      False Negative in "Guarantee that copies are made into storage of sufficient size" rule.

QAK-5921      False positive in OPT.CSHARP.PathTraversal and rule documentation improvement

QAK-5922      Other language with the DUP code rule.

QAK-5926      OPT.HTML.ObsoleteElements rule improvement.

QAK-5928      OPT.HTML.AddLabelForInputField rule improvement.

QAK-6024      CORS coverage improvement.

QAK-6162      @Override considered in the "Always use specific exceptions in the throws clause" rule.

QAK-6277      KLA crash with Java analysis over JSP files.

QAK-6347      False negatives in Everis-IT_Cpp.

QAK-6365      A log warning is shown when CCN is below the threshold and may lead to a low performance.

QAK-6414      OPT.JSP.SEC_JSP.TargetBlankVulnerability rule improvements.

QAK-6416      False positives in OPT.PYTHON.DJANGO.InsecureDirectObjectReferences rule.

QAK-6417      OPT.JAVA.SEC_JAVA.OpenRedirectRule improvement.

QAK-6418      Incorrect JSP/Razor (cshtml) data path lines.

QAK-6419      False positive in OPT.C.CERTC.MEM00 rule.

QAK-6422      Removed metafiles DTD files for specific technologies.

QAK-6425      CWE:400 'Regex Injection' instead of CWE:185.

QAK-6426      False positive in OPT.PLSQL.GEN_PLSQL.NDFexception.

QAK-6427      False negative in OPT.JAVASCRIPT.CrossSiteScripting.

QAK-6430      False negative in OPT.C.CERTC.EXP34 rule.

QAK-6437      False negative in OPT.JAVA.SEC_JAVA.CrossSiteScriptingRule.

QAK-6440      OPT.PHP.HttpSplitting rule enhancement.

QAK-6445      Rule OPT.XML.XSLT_MAN.NOUSEDPARAM only shows the last defect.

QAK-6446      Typescript not parsed correctly.

QAK-6447      Possible regression problems when analyzing Java files.

QAK-6448      Nullpointer in custom rule using com.als.core.rule.MetricThresholdsRule.

QAK-6452      Issue when analyzing with the rule OPT.COBOL.MAN_COBOL.VLIN: VALUES not aligned.

QAK-6454      False positive in the OPT.JAVA.IO.CS OPT.JAVA.IO.CS rule.

QAK-6456      Tainting propagation in method arguments improvement (.NET).

QAK-6457      Missing DataPath in OPT.CSHARP.OpenRedirect.

QAK-6458      .NET custom metadata malfunction for static method calls definitions.

QAK-6459      False positive in OPT.PYTHON.RELIABILITY.UnreachableCode.

QAK-6460      False positive "Avoid calling magic methods" in Python rule.

QAK-6463      C# parsing error in CSHTML files “MismatchedTokenException” has been fixed.

QAK-6464      Possible false positive in OPT.JAVA.CONV.ObjectTypeVerification.

QAK-6465      Kiuwan Local Analyzer does not execute JavaScript rules when there are only JSP files in basedir.

QAK-6468      OPT.ASPNET.CredentialsMisconfiguration error causes hardcoded password visibility.

QAK-6469      OPT.XML.XSLT_MAN.NONUSEDVARIABLES enhancement.

QAK-6470      OPT.JAVA.SEC_JAVA.SqlInjectionRule and metadata libraries support improvement.

QAK-6471      False negative in OPT.XML.XSLT_MAN.EFFICIENTUSEOFCHOOSE.

QAK-6473      False negative in OPT.VBNET.VBnet.RemoveUnusedLocals.

QAK-6477      False negative in OPT.JAVA.SEC_JAVA.XmlEntityInjectionRule.

QAK-6478      False negative in OPT.JAVASCRIPT.ERRORCOMUN.UnusedLocalVar.

QAK-6479      OPT.JSP.SEC_JSP.SpecifyIntegrityAttribute rule improvement.

QAK-6483      Unable to analyze application due timeout killed the sub-process java.lang.NullPointerException and high ccn complexity in several files.

QAK-6485      JavaScript not parsed correctly.

QAK-6486      Two validations done in integration tests should be moved to standard rule test, and testImplementationClassExist() should test something.

QAK-6487      Swift 5 Language supported version enhancement.

QAK-6489      RPG not parsed correctly when using EndSr opcode as the user identifier.

QAK-6490      False positives in OPT.JAVA.RGME.EAOF.

QAK-6491      Upgrade support for C# from v7 to v8.

QAK-6492      Add support for MatchKind.fullsignature in VB.NET CallSignature.getMethodPredicate().

QAK-6495      COBOL file not parsed correctly.

QAK-6496      Parsing error in Cobol caused by the SWCOPY command.

QAK-6497      SQL file not parsed correctly.

QAK-6498      VB file not parsed correctly.

QAK-6500      CS file not parsed correctly.

QAK-6501      COBOL parsing error: “TYPE clause in data-description entry”.

QAK-6502      False positive in OPT.PLSQL.SEC.WeakSymmetricEncryptionAlgorithm.

QAK-6503      NPE and OOM error while analyzing C++ and Java application.

QAK-6504      TypeScript Technology not parsed correctly.

QAK-6505      Few .tsx files not parsed correctly.

QAK-6506      False positive in GamoraDevOps application.

QAK-6509      False positive in Helios application.

QAK-6512      Strict dataflow analysis limit in OPT.COBOL.SEC.DynamicStorageLeakRule when complexity threshold exceeded.

QAK-6513      Add support for 'this"receiver paramenter (Java 8).

QAK-6526      OOM errors when analyzing Typescript.

QAK-6533      StackOverflowError IndirectTaintingSitesTask.   

KLA

QAK-5593      rules_oracleforms.key error does not exist.

QAK-6511      Cobol file not parsed correctly.

SAS-4155       KLA filter rules by priority.     

Kiuwan    

SAS-5152       When user deletes an analysis without label, many are hidden in the list

SAS-5184       After the user logins for the first time, it's required to change the default password.

SAS-5213       Compare of Models is not matching correctly when the user "manually" returns the default values.

SAS-5321       After installing custom rule, the rule active status is NOK.

SAS-5323       Error when uploading only a jar file of custom rules.

SAS-5325       Error when downloading defects PDF in apps with large amounts of defects.

SAS-5326       Error in Insights checkpoint and partial delivery.

SAS-5390       Error in email notification after creating a new user.

SAS-5434       Explanation with invalid character cannot be inserted into DB.

SAS-5435       High memory consumption in session.

SAS-5437       Many alert notification sent when cannot connect to REDIS cluster.

SAS-5446       Distribution request to MongoDB from the mongo client in Kiuwan.

SAS-5450       The Endpoint /apps/list takes 116 seconds.

 

  • No labels