GitLab Advanced SAST rules: JavaScript
- Tier: Ultimate
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
Rules used by GitLab Advanced SAST to detect vulnerabilities in JavaScript code.

| Rule ID | Rule description | CWE | OWASP Top 10 |
|---|---|---|---|
| javascript-axios-ssrf-taint | Server-side request forgery (SSRF) | CWE-918 | A1:2017, A03:2021 |
| javascript-bent-ssrf-taint | Server-side request forgery (SSRF) | CWE-918 | A1:2017, A03:2021 |
| javascript-electron-misconfiguration-allow-http-atomic | Cleartext Transmission of Sensitive Information | CWE-319 | A6:2017, A05:2021 |
| javascript-electron-misconfiguration-blink-integration-atomic | Least privilege violation | CWE-272 | A6:2017, A05:2021 |
| javascript-electron-misconfiguration-context-isolation-atomic | Improperly controlled modification of object prototype attributes ('Prototype Pollution') | CWE-1321 | A6:2017, A05:2021 |
| javascript-electron-misconfiguration-disable-websecurity-atomic | Origin validation error | CWE-346 | A6:2017, A05:2021 |
| javascript-electron-misconfiguration-experimental-features-atomic | Least privilege violation | CWE-272 | A6:2017, A05:2021 |
| javascript-electron-misconfiguration-nodejs-integration-atomic | Least privilege violation | CWE-272 | A6:2017, A05:2021 |
| javascript-grpc-deserialization-insecure-connection-atomic | Deserialization of Untrusted Data | CWE-502 | A8:2017, A08:2021 |
| javascript-handlebars-xss-noescape-taint | Improper neutralization of script-related HTML tags in a web page (basic XSS) | CWE-80 | A7:2017, A03:2021 |
| javascript-handlebars-xss-safestring-taint | Improper neutralization of input during web page generation (Cross-site Scripting) | CWE-79 | A7:2017, A03:2021 |
| javascript-helmet-misconfiguration-security-feature-disabled-atomic | Improperly implemented security check for standard | CWE-358 | A6:2017, A05:2021 |
| javascript-jquery-xss-taint | Improper neutralization of input during web page generation ('Cross-site Scripting') | CWE-79 | A7:2017, A03:2021 |
| javascript-knex-sqli-taint | Improper neutralization of special elements used in an SQL command (SQL Injection) | CWE-89 | A1:2017, A03:2021 |
| javascript-lang-cmdi-dangerous-spawn-shell-taint | Improper neutralization of special elements used in an OS command ('OS Command Injection') | CWE-78 | A1:2017, A03:2021 |
| javascript-lang-cmdi-detect-child-process-cmdi-taint | Improper neutralization of special elements used in an OS command ('OS Command Injection') | CWE-78 | A1:2017, A03:2021 |
| javascript-lang-cmdi-detect-dynamic-method-taint | Improper usage of user input to execute dynamic method calls | CWE-913 | A1:2017, A03:2021 |
| javascript-lang-cmdi-detect-eval-taint | Improper neutralization of directives in dynamically evaluated code ('Eval Injection') | CWE-95 | A1:2017, A03:2021 |
| javascript-lang-cmdi-shelljs-os-command-exec-taint | Improper neutralization of special elements used in an OS command ('OS Command Injection') | CWE-78 | A1:2017, A03:2021 |
| javascript-lang-codei-sandbox-taint | Improper control of generation of code (Code Injection) | CWE-94 | A1:2017, A03:2021 |
| javascript-lang-codei-user-taint | Improper control of generation of code ('Code Injection') | CWE-94 | A1:2017, A03:2021 |
| javascript-lang-codei-vm2-taint | Improper control of generation of code (Code Injection) | CWE-94 | A1:2017, A03:2021 |
| javascript-lang-crlfi-header-injection-taint | Improper neutralization of CRLF sequences in HTTP headers ('HTTP Request/Response Splitting') | CWE-113 | A1:2017, A03:2021 |
| javascript-lang-crypto-hardcoded-jwt-secret-atomic | Use of hard-coded credentials | CWE-798 | A3:2017, A02:2021 |
| javascript-lang-crypto-insecure-random-generator-atomic | Use of cryptographically weak pseudo-random number generator (PRNG) | CWE-338 | A3:2017, A02:2021 |
| javascript-lang-crypto-jwt-not-revoked-atomic | Insufficiently protected credentials | CWE-522 | A3:2017, A02:2021 |
| javascript-lang-crypto-md5-atomic | Use of weak hash | CWE-328 | A3:2017, A02:2021 |
| javascript-lang-crypto-node-aes-ecb-atomic | Use of a broken or risky cryptographic algorithm | CWE-327 | A3:2017, A02:2021 |
| javascript-lang-crypto-node-libcurl-ssl-verification-disable-taint | Missing validation of OpenSSL certificate | CWE-599 | A6:2017, A05:2021 |
| javascript-lang-crypto-pseudo-random-bytes-atomic | Use of cryptographically weak pseudo-random number generator (PRNG) | CWE-338 | A3:2017, A02:2021 |
| javascript-lang-crypto-sequelize-tls-atomic | Cleartext transmission of sensitive information | CWE-319 | A3:2017, A02:2021 |
| javascript-lang-crypto-sequelize-tls-cert-validation-atomic | Improper certificate validation | CWE-295 | A3:2017, A02:2021 |
| javascript-lang-crypto-sequelize-weak-tls-atomic | Selection of Less-Secure Algorithm During Negotiation (Algorithm Downgrade) | CWE-757 | A3:2017, A02:2021 |
| javascript-lang-crypto-sha1-atomic | Use of weak hash | CWE-328 | A3:2017, A02:2021 |
| javascript-lang-crypto-timing-taint | Observable timing discrepancy | CWE-208 | A3:2017, A02:2021 |
| javascript-lang-crypto-tls-reject-atomic | Improper Certificate Validation | CWE-295 | A3:2017, A02:2021 |
| javascript-lang-dos-regex-taint | Incorrect regular expression | CWE-185 | A6:2017, A05:2021 |
| javascript-lang-dos-regexp-taint | Regular expression with non-literal value | CWE-185 | A1:2017, A03:2021 |
| javascript-lang-headeri-host-header-injection-taint | Use of less trusted source | CWE-348 | A1:2017, A03:2021 |
| javascript-lang-js-yaml-deserialization-taint | Deserialization of Untrusted Data | CWE-502 | A8:2017, A08:2021 |
| javascript-lang-lfi-require-taint | Inclusion of Functionality from Untrusted Control Sphere | CWE-829 | A1:2017, A03:2021 |
| javascript-lang-misconfiguration-cookie-httpyonly-atomic | Sensitive cookie without 'HttpOnly' flag | CWE-1004 | A6:2017, A05:2021 |
| javascript-lang-misconfiguration-cookie-no-domain-atomic | Insufficiently protected credentials | CWE-522 | A6:2017, A05:2021 |
| javascript-lang-misconfiguration-cookie-no-maxage-atomic | Insufficient session expiration | CWE-613 | A6:2017, A05:2021 |
| javascript-lang-misconfiguration-cookie-samesite-atomic | Sensitive cookie with improper SameSite attribute | CWE-1275 | A6:2017, A05:2021 |
| javascript-lang-misconfiguration-cookie-secure-atomic | Sensitive cookie in HTTPS session without 'Secure' attribute | CWE-614 | A6:2017, A05:2021 |
| javascript-lang-misconfiguration-cookie-session-default-atomic | Insufficiently protected credentials | CWE-522 | A6:2017, A05:2021 |
| javascript-lang-misconfiguration-cookie-session-no-path-atomic | Insufficiently protected credentials | CWE-522 | A6:2017, A05:2021 |
| javascript-lang-misconfiguration-timing-attack-atomic | Observable timing discrepancy | CWE-208 | A6:2017, A05:2021 |
| javascript-lang-openredirect-taint | URL redirection to untrusted site ('Open Redirect') | CWE-601 | A1:2017, A03:2021 |
| javascript-lang-overflow-read-buffer-noassert-atomic | Out-of-bounds read | CWE-125 | A6:2017, A05:2021 |
| javascript-lang-overflow-write-buffer-noassert-atomic | Out-of-bounds write | CWE-787 | A6:2017, A05:2021 |
| javascript-lang-pathtraversal-admzip-path-overwrite-atomic | Improper limitation of a pathname to a restricted directory ('Path Traversal') | CWE-22 | A5:2017, A01:2021 |
| javascript-lang-pathtraversal-join-resolve-taint | Improper limitation of a pathname to a restricted directory ('Path Traversal') | CWE-22 | A5:2017, A01:2021 |
| javascript-lang-pathtraversal-taint | Path traversal | CWE-22 | A5:2017, A01:2021 |
| javascript-lang-pathtraversal-tar-path-overwrite-atomic | Improper limitation of a pathname to a restricted directory ('Path Traversal') | CWE-22 | A5:2017, A01:2021 |
| javascript-lang-serializetojs-deserialization-taint | Deserialization of Untrusted Data | CWE-502 | A8:2017, A08:2021 |
| javascript-lang-sqli-taint | Improper neutralization of special elements used in an SQL command (SQL Injection) | CWE-89 | A1:2017, A03:2021 |
| javascript-lang-ssti-compile-taint | Improper neutralization of special elements used in a template engine | CWE-1336 | A1:2017, A03:2021 |
| javascript-lang-xpathi-taint | Improper neutralization of data within XPath expressions (XPath Injection) | CWE-643 | A1:2017, A03:2021 |
| javascript-lang-xss-disable-mustache-escape-atomic | Improper encoding or escaping of output | CWE-116 | A7:2017, A03:2021 |
| javascript-lang-xss-req-params-to-resp-taint | Improper neutralization of input during web page generation ('Cross-site Scripting') | CWE-79 | A7:2017, A03:2021 |
| javascript-lang-xss-serialize-atomic | Improper neutralization of script-related HTML tags in a web page (basic XSS) | CWE-80 | A7:2017, A03:2021 |
| javascript-lang-xxe-libxmljs-taint | Improper restriction of XML external entity reference ('XXE') | CWE-611 | A4:2017, A05:2021 |
| javascript-lang-xxe-node-entity-expansion-taint | Improper restriction of recursive entity references in DTDs (XML Entity Expansion) | CWE-776 | A4:2017, A05:2021 |
| javascript-lusca-xss-header-atomic | Improperly implemented security check for standard | CWE-358 | A6:2017, A05:2021 |
| javascript-mongodb-nosqli-injection-findone-taint | Improper neutralization of special elements in data query logic | CWE-943 | A1:2017, A03:2021 |
| javascript-mongodb-nosqli-injection-taint | Improper neutralization of special elements in data query logic | CWE-943 | A1:2017, A03:2021 |
| javascript-mustache-xss-markup-escape-atomic | Improper neutralization of input during web page generation (XSS) | CWE-79 | A7:2017, A03:2021 |
| javascript-mysql-sqli-taint | Improper neutralization of special elements used in an SQL command (SQL Injection) | CWE-89 | A1:2017, A03:2021 |
| javascript-needle-ssrf-taint | Server-side request forgery (SSRF) | CWE-918 | A1:2017, A03:2021 |
| javascript-node-codei-vm-taint | Improper control of generation of code (Code Injection) | CWE-94 | A1:2017, A03:2021 |
| javascript-node-crypto-aes-noiv-atomic | Generation of weak initialization vector (IV) | CWE-1204 | A3:2017, A02:2021 |
| javascript-node-crypto-jwt-none-alg-atomic | Use of a broken or risky cryptographic algorithm | CWE-327 | A3:2017, A02:2021 |
| javascript-node-crypto-weak-crypto-alg-atomic | Use of a broken or risky cryptographic algorithm | CWE-327 | A3:2017, A02:2021 |
| javascript-node-csrf-express-cors-atomic | Origin validation error | CWE-346 | A6:2017, A05:2021 |
| javascript-node-dos-layer7-taint | Unchecked input for loop condition | CWE-606 | A6:2017, A05:2021 |
| javascript-node-dos-new-buffer-atomic | Allocation of resources without limits or throttling | CWE-770 | A9:2017, A06:2021 |
| javascript-node-misconfiguration-express-cors-atomic | Permissive cross-domain policy with untrusted domains | CWE-942 | A6:2017, A05:2021 |
| javascript-node-pathtraversal-express-hbs-lfr-taint | Path Traversal | CWE-23 | A5:2017, A01:2021 |
| javascript-node-pathtraversal-express-hbs-lfr-warning-taint | Relative path traversal | CWE-23 | A5:2017, A01:2021 |
| javascript-node-pathtraversal-fs-non-literal-taint | Improper limitation of a pathname to a restricted directory ('Path Traversal') | CWE-22 | A5:2017, A01:2021 |
| javascript-node-serialize-deserialization-taint | Deserialization of Untrusted Data | CWE-502 | A8:2017, A08:2021 |
| javascript-node-ssrf-generic-one-taint | Server-side request forgery (SSRF) | CWE-918 | A1:2017, A10:2021 |
| javascript-node-ssrf-generic-taint | Server-side request forgery (SSRF) | CWE-918 | A1:2017, A03:2021 |
| javascript-pg-sqli-taint | Improper neutralization of special elements used in an SQL command ('SQL Injection') | CWE-89 | A1:2017, A03:2021 |
| javascript-phantom-ssrf-taint | Server-side request forgery (SSRF) | CWE-918 | A1:2017, A03:2021 |
| javascript-playwright-ssrf-taint | Server-side request forgery (SSRF) | CWE-918 | A1:2017, A03:2021 |
| javascript-puppeteer-ssrf-evaluate-code-injection-taint | Detects potential SSRF and RCE in Puppeteer's evaluate methods | CWE-94 | A1:2017, A10:2021 |
| javascript-puppeteer-ssrf-goto-injection-taint | Detects potential SSRF in Puppeteer's page.goto() method | CWE-918 | A1:2017, A10:2021 |
| javascript-puppeteer-ssrf-taint | Server-side request forgery (SSRF) | CWE-918 | A1:2017, A03:2021 |
| javascript-react-xss-dangerouslysetinnerhtml-atomic | Improper neutralization of input during web page generation ('Cross-site Scripting') | CWE-79 | A7:2017, A03:2021 |
| javascript-sequelize-sqli-taint | Detects potential SQL injection vulnerabilities in Sequelize queries | CWE-89 | A1:2017, A03:2021 |
| javascript-serialize-to-js-deserialization-untrusted-data-taint | Detects potential insecure deserialization in serialize-to-js usage | CWE-502 | A8:2017, A08:2021 |
| javascript-squirrelly-xss-autoescape-atomic | Improper neutralization of input during web page generation ('Cross-site Scripting') | CWE-79 | A7:2017, A03:2021 |
| javascript-urllib-ssrf-taint | Server-side request forgery (SSRF) | CWE-918 | A1:2017, A03:2021 |
| javascript-wkhtmltoimage-ssrf-taint | Server-side request forgery (SSRF) | CWE-918 | A1:2017, A10:2021 |
| javascript-wkhtmltopdf-ssrf-taint | Server-side request forgery (SSRF) | CWE-918 | A1:2017, A10:2021 |