Java Security Rules

Reshift scans your custom Java code for security bugs. Below are the security issues Reshift detects.

| Security Issues | Severity | CWE | OWASP Top 10 |
| --- | --- | --- | --- |
| AWS Query Injection | | | A1 |
| Code Execution | | | A1 |
| Command Injection | | | A1 |
| Reflected Cross-site Scripting | | | A7 |
| DOM Cross-site Scripting | | | A7 |
| Stored Cross-site Scripting | | | A7 |
| Cross Site Request Forgery | | | |
| Denial of Service | | | |
| Insecure Crypto | | | A3 |
| Template Injection | | | A1 |
| Hardcoded Key | | | A3 |
| Header Injection | | | A1 |
| HTTP Parameter Pollution | | | |
| HTTP Response Splitting | | | |
| Information Leakage | | | A3 |
| Insecure Data Storage | | | A3 |
| Insecure Deserialization | | | A8 |
| Insecure Logging | | | A10 |
| LDAP Injection | | 90 | A1 |
| JSP Include Injection | | | A1 |
| JSP Spring Eval | | | A1 |
| Padding Oracle | | | A3 |
| Parameter Tampering | | | A5 |
| Path Tampering | | | |
| RegEx Denial of Service | | | |
| RSA No Padding | | | A3 |
| Sensitive Data Exposure | | | A3 |
| SQL Injection | | 89 | A1 |
| Server Side Request Forgery | | | |
| Timing Attacks | | | |
| Unvalidated Redirect | | | |
| Using ECB Mode | | | A3 |
| Weak Hashing | | | A3 |
| XPath Injection | | | A1 |
| XML External Entity Injection | | | A4 |