Checker | Guideline |
|---|
| VNA00-J. Ensure visibility when accessing shared primitive variables | HTTP_Response_Splitting | IDS00-J. Sanitize untrusted data passed across a trust boundaryPrevent SQL injection |
| Log_Forging | IDS03-J. Do not log unsanitized user input |
| Missing_Check_against_Null | EXP01-J. Never dereference null pointersDo not use a null in a case where an object is required |
| Missing_XML_Validation | IDS16-J. Prevent XML Injection |
| Missing_XML_Validation | IDS00IDS17-J. Sanitize untrusted data passed across a trust boundaryPrevent XML External Entity Attacks |
| Null_Dereference | EXP01-J. Never dereference null pointersDo not use a null in a case where an object is required |
| Password_Management | MSC03-J. Never hard code sensitive information |
| Password_Management__Hardcoded_Password | MSC03-J. Never hard code sensitive information |
| Path_Manipulation | IDS02FIO16-J. Canonicalize path names before validating them | Process_Control | IDS01-J. Normalize strings before validating them |
| Redundant_Null_Check | EXP01-J. Never dereference null pointersDo not use a null in a case where an object is required |
| SQL_Injection | IDS00-J. Sanitize untrusted data passed across a trust boundaryPrevent SQL injection |
| SQL_Injection__Persistence | IDS00-J. Sanitize untrusted data passed across a trust boundaryPrevent SQL injection |
