You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Annotation properties could be considered safe.
This will remove a couple of FP that occurs while scanning framework that evaluate expression in annotations.
h3xstream
added a commit
to h3xstream/find-sec-bugs
that referenced
this issue
Aug 7, 2017
Path traversal is one of the detector that can cause a large number of false positive.
Here is a list of API that are safe value to construct a path or filename from.
System.getProperty()
Calendar.getInstance().get(Calendar.YEAR);
/Calendar.getInstance().get(Calendar.MONTH);
/ ...UUID.randomUUID().toString()
File.createTempFile()
Files.createTempDirectory()
System.currentTimeMillis()
System.nanoTime()
TODO :
The text was updated successfully, but these errors were encountered: