code security test#323
8 new alerts including 2 critical severity security vulnerabilities
New alerts in code changed by this pull request
Security Alerts:
- 2 critical
- 2 high
- 4 medium
See annotations below for details.
Annotations
Check failure on line 27 in base/src/main/java/com/tinyengine/it/test/VulnerableTest.java
Code scanning / CodeQL
Query built from user-controlled sources High test
Check failure on line 42 in base/src/main/java/com/tinyengine/it/test/VulnerableTest.java
Code scanning / CodeQL
Uncontrolled command line Critical test
Check failure on line 57 in base/src/main/java/com/tinyengine/it/test/VulnerableTest.java
Code scanning / CodeQL
Server-side request forgery Critical test
Check failure on line 80 in base/src/main/java/com/tinyengine/it/test/VulnerableTest.java
Code scanning / CodeQL
Uncontrolled data used in path expression High test
Check warning on line 31 in base/src/main/java/com/tinyengine/it/test/VulnerableTest.java
Code scanning / CodeQL
Information exposure through an error message Medium test
Check warning on line 46 in base/src/main/java/com/tinyengine/it/test/VulnerableTest.java
Code scanning / CodeQL
Information exposure through an error message Medium test
Check warning on line 61 in base/src/main/java/com/tinyengine/it/test/VulnerableTest.java
Code scanning / CodeQL
Information exposure through an error message Medium test
Check warning on line 84 in base/src/main/java/com/tinyengine/it/test/VulnerableTest.java
Code scanning / CodeQL
Information exposure through an error message Medium test