Release 2.0.7.0

Release Date: 29th October’21
Improvements and Bug fixes

  • We have added 4 C++ checks.
  1. unvalidated parameter as index
  2. Non-POD memory operation
  3. unvalidated loop boundary
  4. unconditional pointer dereference
  • We have added 2 CPP checks that map to CWE

| Sr.No | CPP checks | CWE tags |
|---|---|---|
| 1 | Unchecked Input for Loop Condition | CWE-606 |
| 2 | Loop with Unreachable Exit Condition | CWE-835 |

  • We have upgraded the versions of the linters below and added new checks for them:

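| Sr.No | Linter Name | Old version | Upgraded version | Changes |
|---|---|---|---|---|
| 1 | staticcheck | 0.1.2 | 0.2.1 | |
| 2 | gosec | 2.6.1 | 2.8.1 | |
| 3 | brakeman | 5.0.0 | 5.1.1 | |
| 4 | PMD | 6.26.0 | 6.39.0 | 16 |
| 5 | PYLINT | 2.4.4 | 2.11.1 | 22 |
| 6 | Solhint | 3.3.6 | 3.3.6 | 41 |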

  • We have added 5 Java vulnerability checks that map to CWE

| Sr.No | Java checks | CWE tags |
|---|---|---|
| 1 | Non Serializable In Session | CWE-579 |
| 2 | Public Static Field Should Be Final | CWE-500 |
| 3 | Empty Synchronized Block | CWE-585 |
| 4 | Return In Finally Block | CWE-584 |
| 5 | Explicit Call To Finalize | CWE-586 |