High
Showing all detectors for the Ruby language with high severity.
User input may run unintended SQL commands.
Potentially dividing by zero without proper handling.
Issue found with request.get? block, potential unexpected behavior.
The credentials provided are not adequately protected against security threats.
Neglecting sensitive information can lead to severe data leaks and breaches.
User input is deserialized.
Input from the user may be logged, giving false data.
Objects that parse or handle XML can lead to XML External Entity (XXE) attacks when misconfigured.
User input may lead to opening unintended files.
Hardcoded download and writing of potentially harmful file.
Possible unintended system commands could be executed through user input.
Improper neutralization of input during web page generation ('Cross-site Scripting').
Non-static variables used to open files.
Improper input validation can lead to security vulnerabilities and data breaches.
Stack trace shows software architecture.
Lack of validation of a security certificate can lead to host impersonation and sensitive data leaks.
External Control of File Name or Path.
Setting potentially harmful access rights.
User input decides output information.