...

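| Guideline | Severity | Likelihood | Remediation Cost | Priority | Level |
|-----------|----------|------------|------------------|----------|-------|
| SEC15-J   | medium   | likely     | high             | P6       | L2    |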

Automated Detection

Automated detection appears to be infeasible in the general case, because determining which specific data may be passed through the socket is not statically computable. An approach that introduces a custom API for passing sensitive data via secure sockets may be feasible. Such an approach would require users to tag sensitive data.
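A sketch of what such a custom API with user tagging could look like, added here as an illustration and not taken from the guideline. The names `Sensitive`, `TaggedChannel` and `sendChecked` are hypothetical, and the sample secret is constructed.

```java
import java.io.IOException;
import java.net.Socket;
import java.nio.charset.StandardCharsets;
import javax.net.ssl.SSLSocket;

// Hypothetical names: Sensitive and TaggedChannel are not JDK or guideline APIs.
public class TaggedChannelDemo {
    /** User-applied tag: wrapping a value marks it as sensitive. */
    static final class Sensitive {
        private final byte[] value;
        Sensitive(byte[] value) { this.value = value.clone(); }
        // No public getter: only code inside this file can unwrap the bytes.
        private byte[] reveal() { return value.clone(); }
        @Override public String toString() { return "Sensitive[redacted]"; }
    }

    /** The only code path that writes application data to a socket. */
    static final class TaggedChannel {
        // Untagged data may use any socket.
        static void send(Socket s, byte[] publicData) throws IOException {
            write(s, publicData);
        }
        // Tagged data is accepted only with an SSLSocket, so pairing it
        // with a plain Socket is a compile-time type error.
        static void send(SSLSocket s, Sensitive data) throws IOException {
            write(s, data.reveal());
        }
        // Runtime fallback for sockets that are held as the base type.
        static void sendChecked(Socket s, Sensitive data) throws IOException {
            if (!(s instanceof SSLSocket)) {
                throw new IllegalArgumentException("sensitive data requires an SSLSocket");
            }
            write(s, data.reveal());
        }
        private static void write(Socket s, byte[] b) throws IOException {
            s.getOutputStream().write(b);
            s.getOutputStream().flush();
        }
    }

    public static void main(String[] args) throws IOException {
        Sensitive secret = new Sensitive(
            "constructed-sample-secret".getBytes(StandardCharsets.UTF_8));
        try (Socket plain = new Socket()) { // unconnected: no network needed
            // TaggedChannel.send(plain, secret); // rejected by the compiler
            TaggedChannel.sendChecked(plain, secret);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

With the tag carried in the type, a checker only has to flag direct use of socket output streams outside `TaggedChannel`, which is a decidable, syntactic check.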

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this guideline on the CERT website.

...