Release 2.0.7.0
Release Date: 29th October’21
Improvements and Bug fixes
- We have added 4 C++ checks:
  - Unvalidated parameter as index
  - Non-POD memory operation
  - Unvalidated loop boundary
  - Unconditional pointer dereference
- We have added 2 CPP checks that map to CWE

Sr.No | CPP checks | CWE tags |
---|---|---|
1 | Unchecked Input for Loop Condition | CWE-606 |
2 | Loop with Unreachable Exit Condition | CWE-835 |
- Upgraded versions and added new checks for the following linters:

Sr.No | Linter Name | Old version | Upgraded version | Changes |
---|---|---|---|---|
1 | staticcheck | 0.1.2 | 0.2.1 | — |
2 | gosec | 2.6.1 | 2.8.1 | — |
3 | brakeman | 5.0.0 | 5.1.1 | — |
4 | PMD | 6.26.0 | 6.39.0 | 16 |
5 | PYLINT | 2.4.4 | 2.11.1 | 22 |
6 | Solhint | 3.3.6 | 3.3.6 | 41 |
- We have added 5 Java vulnerability checks that map to CWE

Sr.No | Java checks | CWE tags |
---|---|---|
1 | Non Serializable In Session | CWE-579 |
2 | Public Static Field Should Be Final | CWE-500 |
3 | Empty Synchronized Block | CWE-585 |
4 | Return In Finally Block | CWE-584 |
5 | Explicit Call To Finalize | CWE-586 |