Medium
Showing all detectors for the TypeScript language with medium severity.
An integer overflow might cause security issues when it is used for resource management or execution control.
Use of new Function() can be dangerous if used to evaluate dynamic content.
Missing pagination on a paginated call can lead to inaccurate results.
Overriding environment variables that are reserved by AWS Lambda might lead to unexpected behavior.
Cross-origin resource sharing policies that are too permissive could lead to security vulnerabilities.
Improper input validation can enable attacks and lead to unwanted behavior.
Checks if NaN is used in a comparison.
An object attribute constructed from a user-provided input should not be passed directly to a method.
Using pseudorandom number generators (PRNGs) is security-sensitive.
Swallowing exceptions, without rethrowing or logging them, can make it hard to understand why your application is failing.
new Object() has been used for object creation instead of {}.
Hardcoding an IP address can cause security problems.
Improper filtering of Amazon Machine Images (AMIs) can result in loading an untrusted image, which is a potential security vulnerability.
Obsolete, broken, or weak hashing algorithms can lead to security vulnerabilities.
An improper buffer read operation might lead to a BufferOverflowException.
Type confusion occurs when an application accesses a resource using a type that is incompatible with its original type.
A batch request that doesn't check for failed items can lead to loss of data.
Insecure ways of creating temporary files and directories can lead to race conditions, privilege escalation, and other security vulnerabilities.
A batch request that doesn't check for failed records can lead to loss of data.
The elevated privilege level should be dropped immediately after the operation is performed.
Checks if the extension of a file uploaded by a user is validated before the file is saved.
Allocated resources are not released properly.
To always return the subscription ARN, set the ReturnSubscriptionArn argument to True.
Updating object attributes obtained from external sources is security sensitive.
Failing to set the AuthenticateOnUnsubscribe flag to True when confirming an SNS subscription can lead to unauthenticated cancellations.
Do not fetch sensitive information from a GET request.
Do not bind the SNS Publish operation with the SNS Subscribe or Create Topic operation.
Stack traces can be hard to use for debugging.
Allowing hidden files while serving files from a given root directory can cause information leakage.
Checks for lazy module loading.
The software does not restrict, or incorrectly restricts, access to a resource from an unauthorized actor.
Encryption that is dependent on conditional logic, such as an if...then clause, might cause unencrypted sensitive data to be stored.
Recreating AWS clients in each Lambda function invocation is expensive.