Contents
ET2
- QAK-6415 PARSE ERROR para fichero PL/SQL
- QAK-6433 Rule definition for OPT.PHP.AvoidExitorDie references to an invalid URL
- QAK-6434 Rule definition for OPT.PHP.AvoidSQLQueriesWithinLoop references to an invalid URL
- QAK-6436 Parsing error file in PL/SQL in CREATE sentence
- QAK-6444 PARSE ERROR for Transact-SQL with OVER(...) No,Name sentence
- QAK-6450 PARSE ERROR for file PL/SQL
- QAK-6451 Parsing errors in Transact-SQL files
- QAK-6453 PARSE ERROR in PL/SQL file when use IS NOT NULL in case statement
- QAK-6455 ERROR java.lang.NullPointerException on OPT.JAVA.SEC_JAVA.InsecureSSL
- QAK-6462 Parsing errors Transact-SQL when PERSISTED keyword is used
- QAK-6480 Parsing errors in PHP interface function definition
ET4
- QAK-5037 QAK-4864 Posibles mejoras para CWE:404
- QAK-5038 QAK-4864 Posibles mejoras para CWE:459
- QAK-5050 QAK-4864 Posibles mejoras para CWE:80
- QAK-5051 QAK-4864 Nuevas reglas para CWE:81
- QAK-5058 QAK-4864 Mejoras para OPT.JAVA.NullDereference
- QAK-5208 Name rule OPT.VB6.VBCD.ACGE
- QAK-5275 Implement CSRF protection in Java Spring for Java configuration
- QAK-5415 Review TS support for TS 4
- QAK-5672 New .NET rule (Subverting X509Certificate.Equals )
- QAK-6127 Clean unused criteria
- QAK-6280 QAK-6279 Remove groovy-rules jars from engine
- QAK-6374 Improve "InsecureTransport" rules to check for ftp connections too
- QAK-6380 Review VBNet unreachable checker
- QAK-6435 PARSE error para fichero SQL
- QAK-6508 Update Kotlin language level to 1.4
- QAK-6514 QAK-5921 Review and merge changes in QAK.5921 branch into development
- QAK-6516 False Propagation Path HttpRequestWrapper class
- QAK-6517 Update Swift language level to 5.3
- QAK-6518 Update Java language level to Java 15
- QAK-6519 Update Python language level to 3.9
- QAK-6524 Update C# language to 9
- QAK-6525 Timeout Error While analyzing ReactJS files
- QAK-6530 Unparse typescript/javascript file
- QAK-6534 Control/flow graph building does not terminate in COBOL
- QAK-6535 Parse errors in COBOL app
- QAK-6539 Kiuwan Local Analyzer: "Timeout - killed the sub-process
- QAK-6540 PARSE ERROR Cobol files
- QAK-6542 Optimize Cobol's ConditionNeutralizationProcessor
- QAK-6543 [LTA - 70.000$] FN in rule OPT.CPP.CERTC.ARR35 "iterate beyond the end of an array"
- QAK-6546 QAK-6246 VBNet -> Datapath - Incorrect method call
- QAK-6548 Include/Exclude patterns do not work well with projects where a (large) list of files to scan should be used instead
- QAK-6551 QAK-6246 Kotin -> Datapath - Incorrect method call
- QAK-6558 FP in OPT.JAVA.SEC_JAVA.ServerSideRequestForgeryRule and OPT.JAVA.SEC_JAVA.MailCommandInjection
- QAK-6560 FP OPT.SWIFT.SECURITY.HardcodedUsernamePassword
- QAK-6561 [Easirun] Parsing Error in .vb files
- QAK-6562 Parse Error in .sql File
- QAK-6563 Timeout Error While analyzing Java files
- QAK-6564 Cobol parse errors
- QAK-6566 [Telefonica] Possible FP in rule OPT.JAVA.SEC_JAVA.RegexInjectionRule
- QAK-6567 QAK-6563 OPT.JAVA.SEC_JAVA.PotentialInfiniteLoop FPs
- QAK-6568 QAK-6563 Disable OPT.JAVA.APackageDoesNotDependOnLessStablePackages from CQM
- QAK-6569 C++ Rule for detecting suspect usages of std::forward
- QAK-6570 Map C++ rules to the C++ Core Guidelines
- QAK-6572 Wrong InjectionPoint in python
- QAK-6576 QAK-6279 Remove groovy-rules jars from devwan
- QAK-6577 java.lang.StackOverflowError OPT.JAVA.STR.CMPCH
- QAK-6583 NPE IndirectTaintingSitesTask(csharp)
- SAS-5438 heapdumps in local analyzer accumulate and fill the local filesystem
- SAS-5439 Improve contents of the .diagnosis.txt files after an unrecoverable error during analysis in KLA
- SAS-5481 Remove the groovy tech extensions from the LanguageInfo.properties file
- SAS-5483 Cannot execute CPP analysis (KLA)
MT4
- SAS-5239 BUG en endpoint DELETE /applications
- SAS-5361 ERROR when pressing chrome back button in Kiuwan main page new user account
- SAS-5488 Analysis with uploaded zip file does not work with new KLA
Other
- SAS-4852 Insights - Support to add custom artifacts and vulnerabilities
- SAS-5181 Use class attributes with user data in singleton beans
- SAS-5399 Language combobox in the Add Custom Component window should not be editable
- SAS-5401 Requires fields with blank spaces
- SAS-5403 Label of the Is fixed version checkbox
- SAS-5404 Performance in Mute Vulnerabilities tab
- SAS-5405 Delete Affected Component is not working properly
- SAS-5408 /insights/custom/component/list is not working properly
- SAS-5409 Create custom component - group parameter
- SAS-5411 NPE - Delete custom component
- SAS-5412 Without wrong message - delete custom component
- SAS-5415 NPE modifying licenses component
- SAS-5424 Insights regression - Licenses without name
- SAS-5429 No custom vulnerabilities taking account
- SAS-5444 Redo the layout of mute vulnerabilities screen
- SAS-5456 INSIGHTS: The vulnerabilities are not being updated correctly
- SAS-5457 Wrong language adding custom component via API