...
Guideline | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
SEC03-J | high | likely | low | P27 | L1 |
Automated Detection
Static taint analysis addresses part of this guideline by tracking which data is known to be untainted. Useful taint analyses can also enforce rules such as "only untainted data inside doPrivileged blocks."
All static taint analysis depends on the strength of the methods that clean potentially tainted data.
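The following added example (not part of the guideline text) shows the pattern such a rule checks for: a caller-supplied file name passes through a cleaning method before it reaches the doPrivileged block. The class name, the `clean` method and the `/opt/app/data` base directory are assumptions made for illustration.

```java
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;

public final class PrivilegedOpen {
    // Assumption for this example: the only directory privileged code may read.
    private static final Path BASE = Paths.get("/opt/app/data").toAbsolutePath().normalize();

    // The cleaning method: returns an untainted path or throws.
    // The check is lexical only; it does not resolve symbolic links.
    static Path clean(String taintedName) {
        if (taintedName == null || taintedName.indexOf('\0') >= 0) {
            throw new IllegalArgumentException("invalid file name");
        }
        Path resolved = BASE.resolve(taintedName).normalize();
        if (!resolved.startsWith(BASE) || resolved.equals(BASE)) {
            throw new IllegalArgumentException("path escapes " + BASE);
        }
        return resolved;
    }

    // Only the cleaned value crosses into the privileged block.
    public static FileInputStream open(String taintedName) throws FileNotFoundException {
        final Path safe = clean(taintedName); // taint removed before privileges are asserted
        try {
            return AccessController.doPrivileged(
                (PrivilegedExceptionAction<FileInputStream>) () ->
                    new FileInputStream(safe.toFile()));
        } catch (PrivilegedActionException e) {
            throw (FileNotFoundException) e.getException();
        }
    }

    public static void main(String[] args) {
        // Constructed sample inputs: one acceptable name, two that must be rejected.
        for (String name : new String[] {"report.txt", "../../etc/passwd", "/etc/shadow"}) {
            try {
                System.out.println(name + " -> " + clean(name));
            } catch (IllegalArgumentException ex) {
                System.out.println(name + " -> rejected: " + ex.getMessage());
            }
        }
    }
}
```

A taint analysis that treats `clean` as a sanitizer accepts `open`; its verdict is only as sound as the checks inside `clean`.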
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this guideline on the CERT website.
...