Static Analysis

Uploaded by

masszwaker

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

23 views10 pages

Static Analysis

Uploaded by

masszwaker

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 10

NO ISSUE SEVERITY STANDARDS FILES

1 Files may warning CWE: Show Files Suppress

contain CWE-312: coil/request/ImageRequest.java android_h
hardcoded Cleartext coil/request/ImageResult.java com.thep
sensitive Storage of coil/request/Parameters.java Suppress
information like Sensitive coil/util/ImageLoaderOptions.java android_h
usernames, Information com/amplitude/android/migration/ com.thep
passwords, OWASP Top RemnantDataMigration.java these file
keys etc. 10: M9: com/amplitude/id/FileIdentityStorage.java
Reverse com/amplitude/id/IdentityConfiguration.java
Engineering com/azure/core/http/ProxyOptions.java
OWASP com/azure/core/http/netty/implementation/
MASVS: AzureNettyHttpClientContext.java
MSTG- com/azure/core/http/policy/
STORAGE-14 AddHeadersFromContextPolicy.java
com/azure/core/http/policy/DefaultRedirectStrategy.java
com/azure/core/http/policy/UserAgentPolicy.java
com/azure/core/implementation/http/policy/
InstrumentationPolicy.java
com/azure/core/implementation/jackson/
JacksonVersion.java
com/azure/core/implementation/jackson/
ResponseErrorDeserializer.java
com/azure/core/implementation/logging/LoggingKeys.java
com/azure/core/util/Configuration.java
com/azure/core/util/logging/LoggingEventBuilder.java
com/azure/core/util/tracing/Tracer.java
com/azure/core/util/tracing/Utils.java
com/azure/storage/common/
StorageSharedKeyCredential.java
com/azure/storage/common/implementation/Constants.java
com/azure/storage/common/implementation/
StorageImplUtils.java
com/azure/storage/internal/avro/implementation/
AvroConstants.java
com/bumptech/glide/load/Option.java
com/bumptech/glide/load/engine/DataCacheKey.java
com/bumptech/glide/load/engine/EngineResource.java
com/bumptech/glide/load/engine/ResourceCacheKey.java
com/ctc/wstx/shaded/msv_core/reader/trex/ng/
RELAXNGReader.java
com/ctc/wstx/shaded/msv_core/reader/xmlschema/
XMLSchemaReader.java
com/ctc/wstx/shaded/msv_core/verifier/identity/
IDConstraintChecker.java
com/kyn/BuildConfig.java
com/kyn/domain/model/response/AreaBasedResponse.java
com/kyn/domain/model/response/AreaByIdResponse.java
com/kyn/domain/model/response/CreatedBy.java
com/kyn/domain/model/response/
LocationAreasResponse.java
com/kyn/domain/model/response/ZoneBasedResponse.java
com/kyn/model/home/Category.java
com/kyn/model/home/CategoryTest.java
com/kyn/model/home/Location.java
com/kyn/model/home/UserRole.java
com/kyn/models/Category.java
com/kyn/models/CategoryByVideo.java
com/kyn/models/CategoryInfo.java
com/kyn/models/Location.java
com/kyn/models/LocationBlog.java
com/kyn/models/LocationByVideo.java
com/kyn/models/PaginationState.java
com/kyn/models/Role.java
NO ISSUE SEVERITY STANDARDS FILES
com/kyn/models/RoleByVideo.java
com/kyn/models/User.java
com/kyn/models/UserProfileRole.java
com/kyn/models/UserRole.java
com/kyn/models/analytics/MixPanelCommentInfo.java
com/kyn/models/analytics/MixPanelOtherUserInfo.java
com/kyn/models/events/FilterLocation.java
com/kyn/models/post/create/CategoryReq.java
com/kyn/models/post/create/LocationReq.java
com/kyn/models/profile/Category.java
com/kyn/models/profile/Locations.java
com/kyn/models/profile/RequestType.java
com/kyn/models/profile/RequestTypes.java
com/kyn/models/profile/UserProfileData.java
com/kyn/models/profile/UserRole.java
com/kyn/models/profile/categorys.java
com/kyn/models/register/RegisterRequest.java
com/kyn/models/register/UserRole.java
com/kyn/models/report/ReportData.java
com/kyn/models/report/ReportReason.java
com/kyn/models/video/videos/VideoCategoryList.java
com/kyn/sealed/DeepLinkActions.java
com/kyn/sealed/GenderSealed.java
com/kyn/sealed/LoginType.java
com/kyn/sealed/UserType.java
com/kyn/ui/Follower/FollowerFragmentDirections.java
com/kyn/ui/comments/model/ContentInfo.java
com/kyn/ui/components/models/FollowerUiModel.java
com/kyn/ui/components/models/LikelistUiModel.java
com/kyn/ui/home/HomePageFragmentDirections.java
com/kyn/ui/home/UiAction.java
com/kyn/ui/klips/KlipListFragmentDirections.java
com/kyn/ui/like/LikelistFragmentDirections.java
com/kyn/ui/main/presentation/screen/
SplashScreenFragmentDirections.java
com/kyn/ui/notices/presentation/
BlogDetailFragmentDirections.java
com/kyn/ui/postdetails/PostDetailsFragmentDirections.java
com/kyn/ui/profile/presentation/ProfileFragmentArgs.java
com/kyn/ui/profile/presentation/
ProfileFragmentDirections.java
com/kyn/ui/registration/models/UserRegistrationUIModel.java
com/kyn/ui/search/model/SearchProfileUIModel.java
com/kyn/ui/search/presentation/screen/
SearchFragmentDirections.java
com/kyn/ui/video/VideoDetailFragmentDirections.java
com/kyn/ui/video/view_all_videos/presentation/
ViewAllVideosFragmentDirections.java
com/kyn/utils/CommonUtils.java
com/kyn/utils/Env.java
com/kyn/utils/KynConst.java
com/microsoft/azure/storage/CloudStorageAccount.java
com/microsoft/azure/storage/Constants.java
com/microsoft/azure/storage/StorageErrorCodeStrings.java
com/microsoft/azure/storage/core/SR.java
com/microsoft/azure/storage/table/TableConstants.java
com/moengage/core/config/NetworkDataSecurityConfig.java
com/moengage/core/internal/CoreConstants.java
com/moengage/core/internal/data/reports/
BatchHelperKt.java
com/moengage/core/internal/data/reports/
ReportsConstantsKt.java
com/moengage/core/internal/model/logging/LogData.java
NO ISSUE SEVERITY STANDARDS FILES
com/moengage/core/internal/rest/Request.java
com/moengage/core/internal/rest/RestConstantsKt.java
com/moengage/core/internal/rest/interceptor/
EncryptionInterceptorKt.java
com/moengage/core/internal/storage/database/contract/
KeyValueStoreContractKt.java
com/moengage/core/internal/storage/preference/
SharedPrefKeysKt.java
com/moengage/core/internal/utils/RestUtilKt.java
com/moengage/inapp/internal/repository/remote/
ApiManagerKt.java
com/moengage/inapp/internal/repository/remote/
ResponseParserKt.java
com/moengage/richnotification/internal/
RichPushConstantsKt.java
com/moengage/trigger/evaluator/internal/repository/local/
MapperKt.java
com/mux/stats/sdk/core/model/CustomerPlayerData.java
com/mux/stats/sdk/core/model/SessionTag.java
io/grpc/PersistentHashArrayMappedTrie.java
io/grpc/internal/DnsNameResolver.java
io/grpc/internal/PickFirstLoadBalancerProvider.java
io/grpc/internal/TransportFrameUtil.java
io/netty/handler/codec/http/HttpHeaders.java
io/netty/handler/proxy/Socks4ProxyHandler.java
io/netty/handler/proxy/Socks5ProxyHandler.java
io/netty/handler/ssl/PemPrivateKey.java
io/netty/handler/ssl/SslMasterKeyHandler.java
io/netty/util/DomainWildcardMappingBuilder.java
reactor/core/scheduler/SchedulerMetricDecorator.java
reactor/netty/transport/ProxyProvider.java
2 The App logs info CWE: Show Files Suppress
information. CWE-532: com/amplitude/common/android/LogcatLogger.java android_l
Sensitive Insertion of com/amplitude/common/jvm/ConsoleLogger.java com.thep
information Sensitive com/appsflyer/internal/AFf1cSDK.java Suppress
should never Information com/appsflyer/internal/AFf1fSDK.java android_l
be logged. into Log File com/appsflyer/internal/AFf1gSDK.java com.thep
OWASP com/appsflyer/internal/AFf1uSDK.java these file
MASVS: com/appsflyer/internal/AFg1dSDK.java
MSTG- com/appsflyer/share/LinkGenerator.java
STORAGE-3 com/azure/core/implementation/logging/DefaultLogger.java
com/bumptech/glide/Glide.java
com/bumptech/glide/disklrucache/DiskLruCache.java
com/bumptech/glide/gifdecoder/GifHeaderParser.java
com/bumptech/glide/gifdecoder/StandardGifDecoder.java
com/bumptech/glide/load/data/AssetPathFetcher.java
com/bumptech/glide/load/data/HttpUrlFetcher.java
com/bumptech/glide/load/data/LocalUriFetcher.java
com/bumptech/glide/load/data/mediastore/
ThumbFetcher.java
com/bumptech/glide/load/data/mediastore/
ThumbnailStreamOpener.java
com/bumptech/glide/load/engine/DecodeJob.java
com/bumptech/glide/load/engine/DecodePath.java
com/bumptech/glide/load/engine/Engine.java
com/bumptech/glide/load/engine/GlideException.java
com/bumptech/glide/load/engine/SourceGenerator.java
com/bumptech/glide/load/engine/bitmap_recycle/
LruArrayPool.java
com/bumptech/glide/load/engine/bitmap_recycle/
LruBitmapPool.java
com/bumptech/glide/load/engine/cache/
NO ISSUE SEVERITY STANDARDS FILES
DiskLruCacheWrapper.java
com/bumptech/glide/load/engine/cache/
MemorySizeCalculator.java
com/bumptech/glide/load/engine/executor/
GlideExecutor.java
com/bumptech/glide/load/engine/executor/
RuntimeCompat.java
com/bumptech/glide/load/engine/prefill/
BitmapPreFillRunner.java
com/bumptech/glide/load/model/ByteBufferEncoder.java
com/bumptech/glide/load/model/ByteBufferFileLoader.java
com/bumptech/glide/load/model/FileLoader.java
com/bumptech/glide/load/model/ResourceLoader.java
com/bumptech/glide/load/model/ResourceUriLoader.java
com/bumptech/glide/load/model/StreamEncoder.java
com/bumptech/glide/load/resource/
DefaultOnHeaderDecodedListener.java
com/bumptech/glide/load/resource/bitmap/
BitmapEncoder.java
com/bumptech/glide/load/resource/bitmap/
BitmapImageDecoderResourceDecoder.java
com/bumptech/glide/load/resource/bitmap/
DefaultImageHeaderParser.java
com/bumptech/glide/load/resource/bitmap/
Downsampler.java
com/bumptech/glide/load/resource/bitmap/
DrawableToBitmapConverter.java
com/bumptech/glide/load/resource/bitmap/
HardwareConfigState.java
com/bumptech/glide/load/resource/bitmap/
TransformationUtils.java
com/bumptech/glide/load/resource/bitmap/
VideoDecoder.java
com/bumptech/glide/load/resource/gif/
ByteBufferGifDecoder.java
com/bumptech/glide/load/resource/gif/
GifDrawableEncoder.java
com/bumptech/glide/load/resource/gif/
StreamGifDecoder.java
com/bumptech/glide/manager/
DefaultConnectivityMonitorFactory.java
com/bumptech/glide/manager/RequestTracker.java
com/bumptech/glide/manager/
SingletonConnectivityReceiver.java
com/bumptech/glide/module/ManifestParser.java
com/bumptech/glide/request/SingleRequest.java
com/bumptech/glide/request/target/CustomViewTarget.java
com/bumptech/glide/request/target/ViewTarget.java
com/bumptech/glide/signature/
ApplicationVersionSignature.java
com/bumptech/glide/util/ContentLengthInputStream.java
com/bumptech/glide/util/pool/FactoryPools.java
com/ctc/wstx/compat/QNameCreator.java
com/ctc/wstx/shaded/msv_core/datatype/regexp/REUtil.java
com/ctc/wstx/shaded/msv_core/datatype/regexp/
RangeToken.java
com/ctc/wstx/shaded/msv_core/driver/textui/
ReportErrorHandler.java
com/ctc/wstx/shaded/msv_core/reader/xmlschema/
XMLSchemaReader.java
com/ctc/wstx/shaded/msv_core/scanner/dtd/DTDParser.java
com/ctc/wstx/shaded/msv_core/verifier/Verifier.java
com/ctc/wstx/shaded/msv_core/verifier/identity/
NO ISSUE SEVERITY STANDARDS FILES
FieldMatcher.java
com/ctc/wstx/shaded/msv_core/verifier/identity/
FieldsMatcher.java
com/ctc/wstx/shaded/msv_core/verifier/identity/
IDConstraintChecker.java
com/ctc/wstx/shaded/msv_core/verifier/identity/
SelectorMatcher.java
com/ctc/wstx/shaded/msv_core/verifier/regexp/
ContentModelAcceptor.java
com/ctc/wstx/shaded/msv_core/verifier/regexp/
ExpressionAcceptor.java
com/ctc/wstx/shaded/msv_core/verifier/regexp/xmlschema/
XSAcceptor.java
com/ctc/wstx/shaded/msv_core/writer/relaxng/
PatternWriter.java
com/ctc/wstx/sw/EncodingXmlWriter.java
com/kyn/
EventAnalytics$triggerCustomMixPanelEvents$1.java
com/kyn/
EventAnalytics$triggerCustomMoengageEvents$1.java
com/kyn/EventAnalytics$updateAppFlyerEvent$2.java
com/kyn/EventAnalytics.java
com/kyn/MainActivity$navigateTo$1.java
com/kyn/MainActivity.java
com/kyn/adapters/HomeAdapterLatest.java
com/kyn/adapters/
ReportAdapter$loadMoreDataWhenPageEnds$1.java
com/kyn/adapters/ReportAdapter.java
com/kyn/auth/FirebaseHelper.java
com/kyn/custom/views/GenericBottomSheetFragment.java
com/kyn/data/SafeApiCallKt$safeApiCall$2.java
com/kyn/data/repository/
LiveStreamRepositoryImpl$fetchUpcomingLiveStreams$2.java
com/kyn/data/repository/
ProfileRepository$getPostsByUserId$2.java
com/kyn/data/repository/
ProfileRepository$getScheduledKlips$2.java
com/kyn/helpers/
AzureBlobStorageManager$uploadVideo$2.java
com/kyn/helpers/ImageManager.java
com/kyn/helpers/KynApplication$appsflyerDeeplink$1.java
com/kyn/helpers/KynApplication.java
com/kyn/interceptor/LoggingInterceptor.java
com/kyn/models/home/ContentActionsViewModel.java
com/kyn/network/Connectivity.java
com/kyn/network/RefreshTokenManager.java
com/kyn/network/RestClient.java
com/kyn/network/interceptor/
NetworkConnectivityInterceptor.java
com/kyn/network/interceptor/
SendSavedTokenInterceptor.java
com/kyn/network/interceptor/UnauthorizedInterceptor.java
com/kyn/notification/BlogByIdViewModel.java
com/kyn/notification/FirebaseMessageReceiver.java
com/kyn/notification/KlipsByIdViewModel.java
com/kyn/notification/MyInAppListener.java
com/kyn/notification/PostByIdViewModel.java
com/kyn/notification/VideoByIdViewModel.java
com/kyn/ui/Follower/
FollowerViewModel$getFollowers$1.java
com/kyn/ui/Follower/FollowerViewModel$getFollowing$1.java
com/kyn/ui/activity/BaseActivity.java
com/kyn/ui/campaign/CampaignViewmodel.java
NO ISSUE SEVERITY STANDARDS FILES
com/kyn/ui/campaign/CreateHashTagViewmodel.java
com/kyn/ui/campaign/
HashTagPageViewModel$onShareAction$1.java
com/kyn/ui/campaign/HashTagPageViewModel.java
com/kyn/ui/campaign/
HashtagPublish$initViewModelKlipsPublish$1.java
com/kyn/ui/campaign/
HashtagPublish$initViewModelPostPublish$1.java
com/kyn/ui/campaign/HashtagPublish.java
com/kyn/ui/campaign/HashtagViewModel.java
com/kyn/ui/campaign/HashtagViewModelVideoView.java
com/kyn/ui/categoryevents/CategoryEventsListFragment.java
com/kyn/ui/components/models/FollowerUiModelKt.java
com/kyn/ui/components/models/LikelistUiModelKt.java
com/kyn/ui/eventdetails/EventDetailsFragment.java
com/kyn/ui/fragments/BaseFragment.java
com/kyn/ui/home/
BottomSheetDialogReport$initViewModel$1.java
com/kyn/ui/home/
HomePageFragmentKt$TrackVisibility$1.java
com/kyn/ui/home/HomePageFragmentKt.java
com/kyn/ui/home/HomePageViewModel$verifyOtp$2.java
com/kyn/ui/home/HomePageViewModel.java
com/kyn/ui/home/ReportViewmodel.java
com/kyn/ui/home/
UsernameUpdateViewModel$updateDefaultLocation$1.java
com/kyn/ui/home/
UsernameUpdateViewModel$updateUserDetails$1.java
com/kyn/ui/home/UsernameUpdateViewModel.java
com/kyn/ui/interest/EditProfileCategoryBottomSheet.java
com/kyn/ui/interest/InterestScreenBottomSheet.java
com/kyn/ui/interest/InterestScreenViewmodel.java
com/kyn/ui/klips/KlipListViewModel$onShareAction$2.java
com/kyn/ui/klips/KlipListViewModel$preCacheVideo$2.java
com/kyn/ui/klips/KlipListViewModel.java
com/kyn/ui/location/
AddLocationScreen$initViewModelLocation$1.java
com/kyn/ui/location/AddLocationScreen.java
com/kyn/ui/location/LocationScreenViewmodel.java
com/kyn/ui/location/presentation/viewmodel/
LocationViewModel$upsertGuestUserLocation$2.java
com/kyn/ui/location/presentation/viewmodel/
LocationViewModel$upsertRegisteredUserLocation$2.java
com/kyn/ui/login/LoginActivitityViewmodel.java
com/kyn/ui/login/LoginViewModel$createFCMToken$1.java
com/kyn/ui/login/LoginViewModel$createLogin$1.java
com/kyn/ui/login/LoginViewModel$fetchAdvertisingId$1.java
com/kyn/ui/login/LoginViewModel$verifyOtp$1.java
com/kyn/ui/login/LoginViewModel.java
com/kyn/ui/notices/viewmodel/
BlogDetailViewModel$onShareAction$2.java
com/kyn/ui/notices/viewmodel/BlogDetailViewModel.java
com/kyn/ui/postdetails/
PostDetailsViewModel$onShareAction$2.java
com/kyn/ui/postdetails/PostDetailsViewModel.java
com/kyn/ui/profile/BlogDeleteViewModel.java
com/kyn/ui/profile/
EditProfileActivity$initUsernameSuggestionsViewModel$1.java
com/kyn/ui/profile/EditProfileActivity.java
com/kyn/ui/profile/KlipsDeleteViewModel.java
com/kyn/ui/profile/PostDeleteViewModel.java
com/kyn/ui/profile/ProfileViewModel.java
com/kyn/ui/profile/VideoDeleteViewModel.java
NO ISSUE SEVERITY STANDARDS FILES
com/kyn/ui/profile/presentation/
ProfileFragment$observeNavigation$1.java
com/kyn/ui/profile/viewmodel/
ProfileViewModel$onShareAction$1.java
com/kyn/ui/profile/viewmodel/ProfileViewModel.java
com/kyn/ui/register/RegisterActivityViewmodel.java
com/kyn/ui/register/UsernameSuggestionsViewModel.java
com/kyn/ui/search/viewmodel/
SearchViewModel$fetchSearchData$1.java
com/kyn/ui/search/viewmodel/
SearchViewModel$onShareAction$2.java
com/kyn/ui/search/viewmodel/SearchViewModel.java
com/kyn/ui/settings/DeleteAccountViewModel.java
com/kyn/ui/settings/KYNFluencerActivity.java
com/kyn/ui/settings/SettingsActivity.java
com/kyn/ui/settings/viewmodel/
SettingsViewModel$createFCMRegister$1.java
com/kyn/ui/settings/viewmodel/
SettingsViewModel$initViewModelFcmRegister$1.java
com/kyn/ui/settings/viewmodel/SettingsViewModel.java
com/kyn/ui/video/VideoDetailViewModel.java
com/kyn/ui/video/VideoViewmodel.java
com/kyn/ui/video/kyn_live/ViewModelKynLive.java
com/kyn/ui/video/kyn_live/viewmodel/
LiveStreamViewModel.java
com/kyn/ui/video/videos/VideoCategoryViewModel.java
com/kyn/ui/video/videos/viewmodel/
VideoListViewModel$fetchVideosByCategories$1.java
com/kyn/ui/video/videos/viewmodel/
VideoListViewModel$onShareAction$2.java
com/kyn/ui/video/videos/viewmodel/
VideoListViewModel.java
com/kyn/ui/video/view_all_videos/viewmodel/
ViewAllVideosViewModel$onShareAction$2.java
com/kyn/ui/video/view_all_videos/viewmodel/
ViewAllVideosViewModel.java
com/kyn/utils/AppLogger.java
com/kyn/utils/CommonUtils.java
com/kyn/utils/SimpleExoPlayerCache.java
com/kyn/viewmodel/MainActivitityViewmodel.java
com/kyn/viewmodel/
MainViewModel$fetchAdvertisingId$1.java
com/kyn/viewmodel/
MainViewModel$fetchDefaultGuestUserToken$1.java
com/kyn/viewmodel/MainViewModel.java
com/microsoft/azure/storage/core/Logger.java
com/miui/referrer/commons/LogUtils.java
com/mixpanel/android/mpmetrics/AnalyticsMessages.java
com/mixpanel/android/mpmetrics/ConfigurationChecker.java
com/mixpanel/android/mpmetrics/MPConfig.java
com/mixpanel/android/mpmetrics/MPDbAdapter.java
com/mixpanel/android/mpmetrics/MixpanelAPI.java
com/mixpanel/android/mpmetrics/PersistentIdentity.java
com/mixpanel/android/mpmetrics/ResourceReader.java
com/mixpanel/android/mpmetrics/SessionMetadata.java
com/mixpanel/android/mpmetrics/SystemInformation.java
com/mixpanel/android/util/HttpService.java
com/mixpanel/android/util/MPLog.java
com/moengage/core/internal/logger/LogUtilKt.java
com/moengage/datatype/MOEDatetime.java
com/mux/stats/sdk/muxstats/MuxBaseExoPlayer.java
defpackage/FileDownloadCallback.java
io/grpc/android/AndroidChannelBuilder.java
NO ISSUE SEVERITY STANDARDS FILES
io/grpc/okhttp/internal/Platform.java
io/netty/util/Version.java
io/netty/util/internal/logging/MessageFormatter.java
junit/runner/BaseTestRunner.java
junit/runner/Version.java
junit/textui/TestRunner.java
org/slf4j/helpers/Util.java
reactor/netty/internal/shaded/reactor/pool/
SimpleDequePool.java
3 This App uses secure OWASP Show Files Suppress
SSL certificate MASVS: com/kyn/di/NetworkModule.java android_s
pinning to MSTG- com/kyn/network/RestClient.java com.thep
detect or NETWORK-4 io/grpc/okhttp/OkHttpChannelBuilder.java Suppress
prevent MITM io/grpc/okhttp/OkHttpServerBuilder.java android_s
attacks in io/grpc/util/AdvancedTlsX509TrustManager.java com.thep
secure io/netty/handler/ssl/JdkSslClientContext.java these file
communication io/netty/handler/ssl/JdkSslServerContext.java
channel. io/netty/handler/ssl/
ReferenceCountedOpenSslClientContext.java
io/netty/handler/ssl/
ReferenceCountedOpenSslServerContext.java
io/netty/handler/ssl/SslContext.java
io/netty/handler/ssl/util/FingerprintTrustManagerFactory.java
io/netty/handler/ssl/util/
FingerprintTrustManagerFactoryBuilder.java
4 Debug high CWE: com/kyn/config/BuildConfig.java Suppress
configuration CWE-919: android_a
enabled. Weaknesses in com.th
Production in Mobile Suppress
builds must not Applications android_a
be debuggable. OWASP Top in com.th
10: M1: from thes
Improper
Platform
Usage
OWASP
MASVS:
MSTG-
RESILIENCE-2
5 The App uses warning CWE: Show Files Suppress
an insecure CWE-330: Use com/amplitude/core/utilities/EventsFileManager.java android_i
Random of com/appsflyer/internal/AFb1gSDK.java com.thep
Number Insufficiently com/appsflyer/internal/AFc1iSDK.java Suppress
Generator. Random com/microsoft/azure/storage/RetryExponentialRetry.java android_i
Values com/mux/stats/sdk/core/util/UUID.java com.thep
OWASP Top io/grpc/internal/DnsNameResolver.java these file
10: M5: io/grpc/internal/ExponentialBackoffPolicy.java
Insufficient io/grpc/internal/PickFirstLoadBalancer.java
Cryptography io/grpc/internal/RetriableStream.java
OWASP io/grpc/okhttp/OkHttpClientTransport.java
MASVS: io/grpc/util/OutlierDetectionLoadBalancer.java
MSTG- io/grpc/util/RoundRobinLoadBalancer.java
CRYPTO-6 io/netty/handler/ssl/util/ThreadLocalInsecureRandom.java
io/netty/util/internal/PlatformDependent.java
io/netty/util/internal/ThreadLocalRandom.java
org/junit/runner/manipulation/Ordering.java
reactor/netty/internal/shaded/reactor/pool/introspection/
SamplingAllocationStrategy.java
6 App creates warning CWE: Show Files Suppress
temp file. CWE-276: io/netty/handler/codec/http/multipart/ android_t
Sensitive Incorrect AbstractDiskHttpData.java com.thep
NO ISSUE SEVERITY STANDARDS FILES
information Default io/netty/handler/ssl/util/SelfSignedCertificate.java Suppress
should never Permissions io/netty/util/internal/NativeLibraryLoader.java android_t
be written into OWASP Top io/netty/util/internal/PlatformDependent.java com.thep
a temp file. 10: M2: org/junit/rules/TemporaryFolder.java these file
Insecure Data
Storage
OWASP
MASVS:
MSTG-
STORAGE-2
7 IP Address warning CWE: Show Files Suppress
disclosure CWE-200: com/azure/storage/common/implementation/ android_i
Information connectionstring/StorageEmulatorConnectionString.java com.thep
Exposure com/microsoft/azure/storage/CloudStorageAccount.java Suppress
OWASP io/grpc/okhttp/OkHttpClientTransport.java android_i
MASVS: io/grpc/okhttp/OkHttpServerTransport.java com.thep
MSTG- io/netty/channel/epoll/LinuxSocket.java these file
CODE-2 io/netty/handler/codec/http2/HttpConversionUtil.java
io/netty/handler/codec/socksx/v4/Socks4ServerDecoder.java
io/netty/handler/codec/socksx/v5/
Socks5CommandRequestDecoder.java
io/netty/handler/ssl/util/
OpenJdkSelfSignedCertGenerator.java
io/netty/resolver/dns/
DefaultDnsServerAddressStreamProvider.java
8 MD5 is a weak warning CWE: Show Files Suppress
hash known to CWE-327: Use com/azure/storage/common/implementation/ in com.th
have hash of a Broken or UploadUtils.java Suppress
collisions. Risky com/microsoft/azure/storage/blob/BlobInputStream.java in com.th
Cryptographic com/microsoft/azure/storage/blob/BlobOutputStream.java from thes
Algorithm com/microsoft/azure/storage/blob/CloudPageBlob.java
OWASP Top com/microsoft/azure/storage/core/Utility.java
10: M5: com/microsoft/azure/storage/file/CloudFile.java
Insufficient com/microsoft/azure/storage/file/FileInputStream.java
Cryptography com/microsoft/azure/storage/file/FileOutputStream.java
OWASP io/netty/handler/codec/http/websocketx/WebSocketUtil.java
MASVS:
MSTG-
CRYPTO-4
9 SHA-1 is a warning CWE: io/netty/handler/codec/http/websocketx/WebSocketUtil.java Suppress
weak hash CWE-327: Use in com.th
known to have of a Broken or Suppress
hash collisions. Risky in com.th
Cryptographic from thes
Algorithm
OWASP Top
10: M5:
Insufficient
Cryptography
OWASP
MASVS:
MSTG-
CRYPTO-4
10 App uses warning CWE: Show Files Suppress
SQLite CWE-89: com/mixpanel/android/mpmetrics/MPDbAdapter.java android_s
Database and Improper com/moengage/core/internal/storage/database/ com.thep
execute raw Neutralization BaseDao.java Suppress
SQL query. of Special com/moengage/core/internal/storage/database/ android_s
Untrusted user Elements DatabaseHelper.java com.thep
input in raw used in an com/moengage/core/internal/storage/database/ these file
SQL queries SQL DatabaseUtilsKt.java
NO ISSUE SEVERITY STANDARDS FILES
can cause SQL Command
Injection. Also ('SQL
sensitive Injection')
information OWASP Top
should be 10: M7: Client
encrypted and Code Quality
written to the
database.
11 App can read/ warning CWE: Show Files Suppress
write to CWE-276: com/kyn/helpers/AzureBlobStorageManager.java android_r
External Incorrect com/kyn/ui/campaign/HashtagPublish.java com.thep
Storage. Any Default com/kyn/ui/create/CreateContentFragment.java Suppress
App can read Permissions com/kyn/ui/profile/EditProfileActivity.java android_r
data written to OWASP Top com/kyn/ui/profile/presentation/EditProfileFragment.java com.thep
External 10: M2: com/kyn/utils/CommonUtils.java these file
Storage. Insecure Data
Storage
OWASP
MASVS:
MSTG-
STORAGE-2
12 This App info OWASP com/moengage/core/internal/utils/CoreUtils.java Suppress
copies data to MASVS: android_c
clipboard. MSTG- com.thep
Sensitive data STORAGE-10 Suppress
should not be android_c
copied to com.thep
clipboard as these file
other
applications
can access it.
13 App can write info CWE: com/amplitude/android/utilities/AndroidStorage.java Suppress
to App CWE-276: android_w
Directory. Incorrect com.thep
Sensitive Default Suppress
Information Permissions android_w
should be OWASP com.thep
encrypted. MASVS: these file
MSTG-
STORAGE-14

Java 17 Backend Development: Design backend systems using Spring Boot, Docker, Kafka, Eureka, Redis, and Tomcat
From Everand
Java 17 Backend Development: Design backend systems using Spring Boot, Docker, Kafka, Eureka, Redis, and Tomcat
Elara Drevyn
No ratings yet
Java Algorithms for Beginners: A Practical Guide with Examples
From Everand
Java Algorithms for Beginners: A Practical Guide with Examples
William E. Clark
No ratings yet
Node.js Design Patterns - Second Edition
From Everand
Node.js Design Patterns - Second Edition
Mario Casciaro
4.5/5 (4)
Scaling Apache Solr
From Everand
Scaling Apache Solr
Hrishikesh Vijay Karambelkar
No ratings yet
Object-Oriented JavaScript - Third Edition
From Everand
Object-Oriented JavaScript - Third Edition
Stoyan Stefanov
4/5 (1)
Learning Selenium Testing Tools - Third Edition
From Everand
Learning Selenium Testing Tools - Third Edition
Raghavendra Prasad MG
No ratings yet
Java SE 21 Developer Study Guide
From Everand
Java SE 21 Developer Study Guide
Esteban Herrera
5/5 (1)
OCP: Java SE 17 Developer Study Guide
From Everand
OCP: Java SE 17 Developer Study Guide
Esteban Herrera
No ratings yet
Mastering Edge Computing: Scalable Application Development with Azure
From Everand
Mastering Edge Computing: Scalable Application Development with Azure
Peter Jones
No ratings yet
Mastering Java: A Comprehensive Guide to Programming Excellence Category
From Everand
Mastering Java: A Comprehensive Guide to Programming Excellence Category
Kameron Hussain
No ratings yet
Mastering JVM Performance Tuning and Optimization: Unlock the Secrets of Expert-Level Skills
From Everand
Mastering JVM Performance Tuning and Optimization: Unlock the Secrets of Expert-Level Skills
Larry Jones
No ratings yet
The JVM Handbook: A Developer’s Guide to Java Virtual Machine
From Everand
The JVM Handbook: A Developer’s Guide to Java Virtual Machine
Robert Johnson
No ratings yet
JDK Tutorials - Herong's Tutorial Examples
From Everand
JDK Tutorials - Herong's Tutorial Examples
Herong Yang
No ratings yet
Java Performance Optimization: From Basics to Expert Proficiency
From Everand
Java Performance Optimization: From Basics to Expert Proficiency
William Smith
No ratings yet
Java Performance Optimization: Expert Strategies for Enhancing JVM Efficiency
From Everand
Java Performance Optimization: Expert Strategies for Enhancing JVM Efficiency
Adam Jones
No ratings yet
Mastering Efficient Memory Management in Java: Unlock the Secrets of Expert-Level Skills
From Everand
Mastering Efficient Memory Management in Java: Unlock the Secrets of Expert-Level Skills
Larry Jones
No ratings yet
Java Concurrency and Multithreading: Unlock the Secrets of Expert-Level Skills
From Everand
Java Concurrency and Multithreading: Unlock the Secrets of Expert-Level Skills
Larry Jones
No ratings yet
Java Programming for Beginners: Programming
From Everand
Java Programming for Beginners: Programming
Stephanie Mwaniki
No ratings yet
Tomcat 6 Developer's Guide
From Everand
Tomcat 6 Developer's Guide
Damodar Chetty
4/5 (1)
Mastering SaltStack
From Everand
Mastering SaltStack
Joseph Hall
No ratings yet
Java Exception Handling Demystified: A Practical Guide with Examples
From Everand
Java Exception Handling Demystified: A Practical Guide with Examples
William E. Clark
No ratings yet
Learning Yeoman
From Everand
Learning Yeoman
Jonathan Spratley
No ratings yet
Java Fundamentals Made Easy: A Practical Guide with Examples
From Everand
Java Fundamentals Made Easy: A Practical Guide with Examples
William E. Clark
No ratings yet
IGNOU PGDCA MCS 206 Object Oriented Programming using Java Previous Years solved Papers
From Everand
IGNOU PGDCA MCS 206 Object Oriented Programming using Java Previous Years solved Papers
Manish Soni
No ratings yet
Mastering Core Java: From Basics to Expert Proficiency
From Everand
Mastering Core Java: From Basics to Expert Proficiency
William Smith
No ratings yet
JavaScript for .NET Developers
From Everand
JavaScript for .NET Developers
Ovais Mehboob Ahmed Khan
No ratings yet
Enterprise Application Development with Ext JS and Spring
From Everand
Enterprise Application Development with Ext JS and Spring
Gerald Gierer
No ratings yet
Mastering Java Reflection and Metaprogramming: Unlock the Secrets of Expert-Level Skills
From Everand
Mastering Java Reflection and Metaprogramming: Unlock the Secrets of Expert-Level Skills
Larry Jones
No ratings yet
Mastering Java Concurrency: Threads, Synchronization, and Parallel Processing
From Everand
Mastering Java Concurrency: Threads, Synchronization, and Parallel Processing
Peter Jones
No ratings yet
Tomcat Administration and Deployment: Definitive Reference for Developers and Engineers
From Everand
Tomcat Administration and Deployment: Definitive Reference for Developers and Engineers
Richard Johnson
No ratings yet
Object-Oriented Programming Made Simple: A Practical Guide with Java Examples
From Everand
Object-Oriented Programming Made Simple: A Practical Guide with Java Examples
William E. Clark
No ratings yet
Targets
No ratings yet
Targets
11 pages
Oracle Coherence 3.5
From Everand
Oracle Coherence 3.5
Aleksandar Seovic
4/5 (1)
WildFly Configuration, Deployment, and Administration - Second Edition
From Everand
WildFly Configuration, Deployment, and Administration - Second Edition
Christopher Ritchie
No ratings yet
DWR Java AJAX Applications
From Everand
DWR Java AJAX Applications
Sami Salkosuo
No ratings yet
PyQt6 101: A Beginner’s guide to PyQt6
From Everand
PyQt6 101: A Beginner’s guide to PyQt6
Edward Chang
No ratings yet
JavaScript. A Comprehensive manual for creating dynamic, responsive websites and applications: Suitable For Both Novice And Experts.
From Everand
JavaScript. A Comprehensive manual for creating dynamic, responsive websites and applications: Suitable For Both Novice And Experts.
Abdulrazak Nugwa Ibrahim
5/5 (1)
Sodapdf
No ratings yet
Sodapdf
1 page
Getting Started with Oracle WebLogic Server 12c: Developer’s Guide
From Everand
Getting Started with Oracle WebLogic Server 12c: Developer’s Guide
Fabio Mazanatti Nunes
No ratings yet
The Ultimate Django Guide: From Beginner to Advanced Web Development
From Everand
The Ultimate Django Guide: From Beginner to Advanced Web Development
Jiho Seok
No ratings yet
Django Unleashed: Building Web Applications with Python's Framework
From Everand
Django Unleashed: Building Web Applications with Python's Framework
Kameron Hussain
No ratings yet
Java EE 7 Development with WildFly
From Everand
Java EE 7 Development with WildFly
Francesco Marchioni
No ratings yet
Java OOP Simplified: A Practical Guide with Examples
From Everand
Java OOP Simplified: A Practical Guide with Examples
William E. Clark
No ratings yet
IGNOU BCA Object-Oriented Technologies and Java Programming Previous Year Solved Papers MCS 024
From Everand
IGNOU BCA Object-Oriented Technologies and Java Programming Previous Year Solved Papers MCS 024
Manish Soni
No ratings yet
Mastering Java Generics: Type Safety and Performance
From Everand
Mastering Java Generics: Type Safety and Performance
Peter Jones
No ratings yet
Mastering Java Concurrency: Essential Techniques
From Everand
Mastering Java Concurrency: Essential Techniques
Ed A Norex
No ratings yet
JAVA PROGRAMMING FOR BEGINNERS: Master Java Fundamentals and Build Your Own Applications (2023 Crash Course)
From Everand
JAVA PROGRAMMING FOR BEGINNERS: Master Java Fundamentals and Build Your Own Applications (2023 Crash Course)
Theo Houle
No ratings yet
Java 17 Backend Development
From Everand
Java 17 Backend Development
Elara Drevyn
No ratings yet
Java Programming: 24-Hour Trainer
From Everand
Java Programming: 24-Hour Trainer
Yakov Fain
No ratings yet
Java Programming
From Everand
Java Programming
Brian Evenson
No ratings yet
GlassFish Administration
From Everand
GlassFish Administration
Xuekun Kou
No ratings yet
Next.js: Navigating the Future of Web Development
From Everand
Next.js: Navigating the Future of Web Development
Kameron Hussain
No ratings yet
ReadMe Manuel Functions
No ratings yet
ReadMe Manuel Functions
6 pages
JavaScript Unleashed: Harnessing the Power of Web Scripting
From Everand
JavaScript Unleashed: Harnessing the Power of Web Scripting
Kameron Hussain
No ratings yet
Modern Programming in Java
From Everand
Modern Programming in Java
Akhilesh Ghritlahare
No ratings yet
Sinon.js Essentials: Definitive Reference for Developers and Engineers
From Everand
Sinon.js Essentials: Definitive Reference for Developers and Engineers
Richard Johnson
No ratings yet
Modular Programming with JavaScript: Modularize your JavaScript code for better readability, greater maintainability, and enhanced testability
From Everand
Modular Programming with JavaScript: Modularize your JavaScript code for better readability, greater maintainability, and enhanced testability
Sasan Seydnejad
No ratings yet
Java Data Structures Explained: A Practical Guide with Example
From Everand
Java Data Structures Explained: A Practical Guide with Example
William E. Clark
No ratings yet
How to a Developers Guide to 4k: Developer edition, #3
From Everand
How to a Developers Guide to 4k: Developer edition, #3
Xinc Cyberwizard
No ratings yet
Mastering the Craft of JAVA Programming: Unraveling the Secrets of Expert-Level Programming
From Everand
Mastering the Craft of JAVA Programming: Unraveling the Secrets of Expert-Level Programming
Steve Jones
No ratings yet
CA v1.0 Skills Assessment
No ratings yet
CA v1.0 Skills Assessment
4 pages
Research Group 7.docx Final 1
No ratings yet
Research Group 7.docx Final 1
23 pages
Evidence-Based Security: Christopher Frenz & Jonathan Reiber
100% (2)
Evidence-Based Security: Christopher Frenz & Jonathan Reiber
45 pages
Detect & Respond To Ransomware With Veeam ONE
No ratings yet
Detect & Respond To Ransomware With Veeam ONE
21 pages
Dahua Campus Safety Management Solution
No ratings yet
Dahua Campus Safety Management Solution
30 pages
Authentication Mechanisms
No ratings yet
Authentication Mechanisms
2 pages
Impact of Digital Payments New FINAL
No ratings yet
Impact of Digital Payments New FINAL
57 pages
Syllabus VPN
No ratings yet
Syllabus VPN
8 pages
The Texas Cybersecurity Framework and Information Security Plans
No ratings yet
The Texas Cybersecurity Framework and Information Security Plans
42 pages
100percent Updated 1
No ratings yet
100percent Updated 1
13 pages
FO8 Audit Report - 27001 2022 - v4.0
No ratings yet
FO8 Audit Report - 27001 2022 - v4.0
31 pages
Privileged Access Security Data Sheet PDF
No ratings yet
Privileged Access Security Data Sheet PDF
2 pages
TWD Venture A4 10
No ratings yet
TWD Venture A4 10
19 pages
The Dark Web and Cybercrime: Identifying Threats and Anticipating Emerging Trends
No ratings yet
The Dark Web and Cybercrime: Identifying Threats and Anticipating Emerging Trends
14 pages
Aanand Kumar Yadav
No ratings yet
Aanand Kumar Yadav
15 pages
CSI Linux - Connecting To Tor
No ratings yet
CSI Linux - Connecting To Tor
3 pages
ISF - Threat Horizon 2024 - Executive Summary
No ratings yet
ISF - Threat Horizon 2024 - Executive Summary
4 pages
Cyber Security Diploma Outlines
No ratings yet
Cyber Security Diploma Outlines
3 pages
infoPLC Net 04-Rockwell-Automation
No ratings yet
infoPLC Net 04-Rockwell-Automation
33 pages
Phone Script - T Mobile 5
No ratings yet
Phone Script - T Mobile 5
5 pages
User Management in RedHat Linux
100% (1)
User Management in RedHat Linux
6 pages
Blockchain Syllabus - Sem VII - Mumbai University
No ratings yet
Blockchain Syllabus - Sem VII - Mumbai University
3 pages
Ahmed Wahba Ebrahim - Resume
No ratings yet
Ahmed Wahba Ebrahim - Resume
2 pages
Ds Web Gateway Reverse Proxy
No ratings yet
Ds Web Gateway Reverse Proxy
3 pages
Syber Crime
No ratings yet
Syber Crime
6 pages
IELTS Problem Solution Essays
No ratings yet
IELTS Problem Solution Essays
6 pages
Investigatory Project by Rajat Chaudhary
No ratings yet
Investigatory Project by Rajat Chaudhary
30 pages
Cybersecurity Aviation
100% (1)
Cybersecurity Aviation
16 pages
Bolt - New Technical Implementation Explained
No ratings yet
Bolt - New Technical Implementation Explained
12 pages
Prelim Exam - Attempt Review
No ratings yet
Prelim Exam - Attempt Review
14 pages

Static Analysis

Uploaded by

Static Analysis

Uploaded by

NO ISSUE SEVERITY STANDARDS FILES

1 Files may warning CWE: Show Files Suppress

You might also like