The list below presents the 10 most relevant findings that need your attention. To view information on the remaining findings, navigate to the Mend Application.
I've been working on assessing and addressing these issues on the feature/hardening branch.
Some of these issues are false positives, some are issues that require changes to address correctly.
mend-for-github-combot changed the title from "Code Security Report: 12 high severity findings, 22 total findings" to "Code Security Report: 6 high severity findings, 16 total findings" on May 31, 2024
Code Security Report
Scan Metadata
Latest Scan: 2024-05-31 07:55pm
Total Findings: 16 | New Findings: 3 | Resolved Findings: 1
Tested Project Files: 22
Detected Programming Languages: 1 (C/C++ (Beta))
Most Relevant Findings
CWE-787
openseachest_util_options.c:3323
Vulnerable Code
openSeaChest/src/openseachest_util_options.c
Lines 3318 to 3323 in c512193
32 Data Flow/s detected
View Data Flow 1
openSeaChest/src/openseachest_util_options.c
Line 3323 in c512193
View Data Flow 2
openSeaChest/src/openseachest_util_options.c
Line 3323 in c512193
View Data Flow 3
openSeaChest/src/openseachest_util_options.c
Line 3323 in c512193
Secure Code Warrior Training Material
● Training
▪ Secure Code Warrior Out of Buffer Bounds Write Training
● Videos
▪ Secure Code Warrior Out of Buffer Bounds Write Video
CWE-121
openseachest_util_options.c:3323
Vulnerable Code
openSeaChest/src/openseachest_util_options.c
Lines 3318 to 3323 in c512193
32 Data Flow/s detected
View Data Flow 1
openSeaChest/src/openseachest_util_options.c
Line 3287 in c512193
openSeaChest/src/openseachest_util_options.c
Line 3315 in c512193
openSeaChest/src/openseachest_util_options.c
Line 3323 in c512193
View Data Flow 2
openSeaChest/src/openseachest_util_options.c
Line 3287 in c512193
openSeaChest/src/openseachest_util_options.c
Line 3315 in c512193
openSeaChest/src/openseachest_util_options.c
Line 3323 in c512193
View Data Flow 3
openSeaChest/src/openseachest_util_options.c
Line 3287 in c512193
openSeaChest/src/openseachest_util_options.c
Line 3315 in c512193
openSeaChest/src/openseachest_util_options.c
Line 3323 in c512193
Secure Code Warrior Training Material
● Training
▪ Secure Code Warrior Buffer Overflow Training
● Videos
▪ Secure Code Warrior Buffer Overflow Video
CWE-22
openSeaChest_Format.c:461
Vulnerable Code
openSeaChest/utils/C/openSeaChest/openSeaChest_Format.c
Lines 456 to 461 in c512193
1 Data Flow/s detected
openSeaChest/utils/C/openSeaChest/openSeaChest_Format.c
Line 446 in c512193
openSeaChest/utils/C/openSeaChest/openSeaChest_Format.c
Line 460 in c512193
openSeaChest/utils/C/openSeaChest/openSeaChest_Format.c
Line 461 in c512193
Secure Code Warrior Training Material
● Training
▪ Secure Code Warrior Path/Directory Traversal Training
● Videos
▪ Secure Code Warrior Path/Directory Traversal Video
● Further Reading
▪ OWASP Path Traversal
▪ OWASP Input Validation Cheat Sheet
CWE-22
openSeaChest_Format.c:460
Vulnerable Code
openSeaChest/utils/C/openSeaChest/openSeaChest_Format.c
Lines 455 to 460 in c512193
1 Data Flow/s detected
openSeaChest/utils/C/openSeaChest/openSeaChest_Format.c
Line 446 in c512193
openSeaChest/utils/C/openSeaChest/openSeaChest_Format.c
Line 460 in c512193
Secure Code Warrior Training Material
● Training
▪ Secure Code Warrior Path/Directory Traversal Training
● Videos
▪ Secure Code Warrior Path/Directory Traversal Video
● Further Reading
▪ OWASP Path Traversal
▪ OWASP Input Validation Cheat Sheet
CWE-22
openSeaChest_Erase.c:788
Vulnerable Code
openSeaChest/utils/C/openSeaChest/openSeaChest_Erase.c
Lines 783 to 788 in c512193
1 Data Flow/s detected
openSeaChest/utils/C/openSeaChest/openSeaChest_Erase.c
Line 776 in c512193
openSeaChest/utils/C/openSeaChest/openSeaChest_Erase.c
Line 787 in c512193
openSeaChest/utils/C/openSeaChest/openSeaChest_Erase.c
Line 788 in c512193
Secure Code Warrior Training Material
● Training
▪ Secure Code Warrior Path/Directory Traversal Training
● Videos
▪ Secure Code Warrior Path/Directory Traversal Video
● Further Reading
▪ OWASP Path Traversal
▪ OWASP Input Validation Cheat Sheet
CWE-22
openSeaChest_Erase.c:787
Vulnerable Code
openSeaChest/utils/C/openSeaChest/openSeaChest_Erase.c
Lines 782 to 787 in c512193
1 Data Flow/s detected
openSeaChest/utils/C/openSeaChest/openSeaChest_Erase.c
Line 776 in c512193
openSeaChest/utils/C/openSeaChest/openSeaChest_Erase.c
Line 787 in c512193
Secure Code Warrior Training Material
● Training
▪ Secure Code Warrior Path/Directory Traversal Training
● Videos
▪ Secure Code Warrior Path/Directory Traversal Video
● Further Reading
▪ OWASP Path Traversal
▪ OWASP Input Validation Cheat Sheet
CWE-244
openseachest_util_options.c:3822
Vulnerable Code
openSeaChest/src/openseachest_util_options.c
Line 3822 in c512193
CWE-244
openSeaChest_Erase.c:1097
Vulnerable Code
openSeaChest/utils/C/openSeaChest/openSeaChest_Erase.c
Line 1097 in c512193
CWE-244
openSeaChest_Erase.c:1089
Vulnerable Code
openSeaChest/utils/C/openSeaChest/openSeaChest_Erase.c
Line 1089 in c512193
CWE-244
openSeaChest_Erase.c:1917
Vulnerable Code
openSeaChest/utils/C/openSeaChest/openSeaChest_Erase.c
Line 1917 in c512193
Findings Overview