|
Page:
CodeSonar
CodeSonar
|
David Svoboda |
Mar 12, 2025
1741804740770
|
0
|
0
|
0
|
0
|
0
|
0
|
0
|
0
|
0
|
0
|
|
Page:
DRD01-X. Limit the accessibility of an app's sensitive content provider
DRD01-X. Limit the accessibility of an app's sensitive content provider
|
Carol J. Lallier |
Jun 17, 2013
1371506935000
|
0
|
1
|
1
|
1
|
0
|
0
|
0
|
0
|
0
|
0
|
|
Page:
DRD22. Do not cache sensitive information
DRD22. Do not cache sensitive information
|
Fred Long |
Aug 19, 2014
1408473255000
|
0
|
1
|
1
|
1
|
0
|
0
|
1
|
1
|
1
|
1
|
|
Page:
DRD18. Do not use the default behavior in a cryptographic library if it does not use recommended practices
DRD18. Do not use the default behavior in a cryptographic library if it does not use recommended practices
|
lflynn |
Mar 28, 2014
1396043913000
|
0
|
1
|
1
|
1
|
0
|
0
|
1
|
1
|
1
|
0
|
|
Page:
DRD17-J. Do not use the Android cryptographic security provider encryption default for AES
DRD17-J. Do not use the Android cryptographic security provider encryption default for AES
|
lflynn |
Mar 28, 2014
1396036174000
|
0
|
1
|
1
|
1
|
0
|
0
|
1
|
0
|
1
|
0
|
|
Page:
DRD13. Do not provide addJavascriptInterface method access in a WebView which could contain untrusted content. (API level JELLY_BEAN or below)
DRD13. Do not provide addJavascriptInterface method access in a WebView which could contain untrusted content. (API level JELLY_BEAN or below)
|
Fred Long |
Jan 22, 2014
1390409597000
|
0
|
1
|
1
|
1
|
0
|
0
|
1
|
1
|
1
|
0
|
|
Page:
DRD00. Do not store sensitive information on external storage (SD card) unless encrypted first
DRD00. Do not store sensitive information on external storage (SD card) unless encrypted first
|
Carol J. Lallier |
Jun 17, 2013
1371503609000
|
0
|
1
|
1
|
1
|
0
|
0
|
0
|
1
|
0
|
1
|
|
Page:
DRD12. Do not trust data that is world writable
DRD12. Do not trust data that is world writable
|
Fred Long |
Nov 27, 2013
1385573321000
|
0
|
1
|
1
|
1
|
0
|
0
|
1
|
1
|
0
|
1
|
|
Page:
DRD11. Ensure that sensitive data is kept secure
DRD11. Ensure that sensitive data is kept secure
|
Fred Long |
Nov 27, 2013
1385572683000
|
0
|
1
|
1
|
1
|
0
|
0
|
1
|
1
|
1
|
1
|
|
Page:
DRD07-X. Protect exported services with strong permissions
DRD07-X. Protect exported services with strong permissions
|
Fred Long |
Aug 12, 2013
1376335160000
|
0
|
1
|
1
|
1
|
0
|
0
|
1
|
0
|
0
|
0
|
|
Page:
DRD04-J. Do not log sensitive information
DRD04-J. Do not log sensitive information
|
David Svoboda |
Jun 27, 2013
1372366117000
|
0
|
1
|
1
|
1
|
0
|
0
|
0
|
0
|
0
|
1
|
|
Page:
DRD21-J. Always pass explicit intents to a PendingIntent
DRD21-J. Always pass explicit intents to a PendingIntent
|
Fred Long |
Aug 01, 2014
1406914954000
|
0
|
1
|
1
|
1
|
0
|
0
|
1
|
0
|
1
|
0
|
|
Page:
DRD06. Do not act on malicious intents
DRD06. Do not act on malicious intents
|
Fred Long |
Aug 12, 2013
1376329767000
|
0
|
1
|
1
|
1
|
0
|
0
|
1
|
1
|
0
|
0
|
|
Page:
DRD03-J. Do not broadcast sensitive information using an implicit intent
DRD03-J. Do not broadcast sensitive information using an implicit intent
|
Fred Long |
Aug 08, 2013
1375975242000
|
0
|
1
|
1
|
1
|
0
|
0
|
0
|
0
|
0
|
0
|
|
Page:
DRD02-J. Do not allow WebView to access sensitive local resource through file scheme
DRD02-J. Do not allow WebView to access sensitive local resource through file scheme
|
Carol J. Lallier |
Jun 17, 2013
1371507994000
|
0
|
1
|
1
|
1
|
0
|
0
|
0
|
0
|
0
|
0
|
|
Page:
DRD23-J. Do not use loopback when handling sensitive data
DRD23-J. Do not use loopback when handling sensitive data
|
Fred Long |
Aug 25, 2014
1408993109000
|
0
|
1
|
1
|
1
|
0
|
0
|
1
|
0
|
1
|
0
|
|
Page:
DRD19. Properly verify server certificate on SSL/TLS
DRD19. Properly verify server certificate on SSL/TLS
|
lflynn |
Apr 01, 2014
1396388093000
|
0
|
1
|
1
|
1
|
0
|
0
|
1
|
1
|
1
|
0
|
|
Page:
DRD20-C. Specify permissions when creating files via the NDK
DRD20-C. Specify permissions when creating files via the NDK
|
eazebu |
Jul 29, 2014
1406642158000
|
0
|
1
|
1
|
1
|
0
|
0
|
0
|
0
|
0
|
0
|
|
Page:
DRD16-X. Explicitly define the exported attribute for private components
DRD16-X. Explicitly define the exported attribute for private components
|
lflynn |
Mar 14, 2014
1394775975000
|
0
|
1
|
1
|
1
|
0
|
0
|
1
|
0
|
1
|
0
|
|
Page:
DRD14-J. Check that a calling app has appropriate permissions before responding
DRD14-J. Check that a calling app has appropriate permissions before responding
|
Fred Long |
Jan 31, 2014
1391184455000
|
0
|
1
|
1
|
1
|
0
|
0
|
1
|
0
|
1
|
0
|
