diff --git a/CHANGELOG.md b/CHANGELOG.md
index 727e2ad..76ab452 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.6.2] - 2024-05-15
+
+### Changed
+
+- Remove debug information from semgrep decoding
+
 ## [0.6.1] - 2024-05-15
 
 ### Changed
diff --git a/pkg/artifacts/v1/semgrep.go b/pkg/artifacts/v1/semgrep.go
index db8b8e1..182e9cf 100644
--- a/pkg/artifacts/v1/semgrep.go
+++ b/pkg/artifacts/v1/semgrep.go
@@ -2,7 +2,6 @@ package artifacts
 
 import (
 	"fmt"
-	"log/slog"
 	"strings"
 )
 
@@ -70,7 +69,6 @@ func (s *SemgrepResults) ShortCheckID() string {
 }
 
 func (s *SemgrepMetadata) OwaspIDs() string {
-	slog.Info(s.Shortlink, "type", fmt.Sprintf("%T", s.Owasp))
 	switch v := s.Owasp.(type) {
 	case string:
 		return v
diff --git a/test/semgrep-sast-report.json b/test/semgrep-sast-report.json
index 5e7d24a..9c24e7f 100644
--- a/test/semgrep-sast-report.json
+++ b/test/semgrep-sast-report.json
@@ -1 +1 @@ -{"errors": [{"code": 3, "level": "warn", "message": "Syntax error at line Dockerfile:34:\n `--from=installer` was unexpected", "path": "Dockerfile", "spans": [{"end": {"col": 22, "line": 34}, "file": "Dockerfile", "start": {"col": 6, "line": 34}}], "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginJimChallenge_3.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n models.sequelize.query(`SELECT * FROM Users WHERE email = ? AND password = ? 
AND deletedAt IS NULL`,\n { replacements: [ req.body.email, req.body.password ], model: models.User, plain: true })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginJimChallenge_3.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginJimChallenge_4.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n if (req.body.email.match(/.*['-;].*/) || req.body.password.match(/.*['-;].*/)) {\n res.status(451).send(res.__('SQL Injection detected.'))\n }\n models.sequelize.query(`SELECT * FROM Users WHERE email = '${req.body.email || ''}' AND password = '${security.hash(req.body.password || '')}' AND deletedAt IS NULL`, { model: models.User, plain: true })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && 
user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginJimChallenge_4.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginJimChallenge_2.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n models.sequelize.query(`SELECT * FROM Users WHERE email = '${req.body.email || ''}' AND password = '${security.hash(req.body.password || '')}' AND deletedAt IS NULL`, { model: models.User, plain: false })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n 
next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginJimChallenge_2.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/tokenSaleChallenge_2.ts:19:\n `]` was unexpected", "path": "data/static/codefixes/tokenSaleChallenge_2.ts", "spans": [{"end": {"col": 2, "line": 19}, "file": "data/static/codefixes/tokenSaleChallenge_2.ts", "start": {"col": 1, "line": 19}}], "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/restfulXssChallenge_2.ts:57:\n `: any[]` was unexpected", "path": "data/static/codefixes/restfulXssChallenge_2.ts", "spans": [{"end": {"col": 45, "line": 57}, "file": "data/static/codefixes/restfulXssChallenge_2.ts", "start": {"col": 38, "line": 57}}], "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/tokenSaleChallenge_3_correct.ts:14:\n `]` was unexpected", "path": "data/static/codefixes/tokenSaleChallenge_3_correct.ts", "spans": [{"end": {"col": 2, "line": 14}, "file": "data/static/codefixes/tokenSaleChallenge_3_correct.ts", "start": {"col": 1, "line": 14}}], "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginBenderChallenge_2_correct.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n 
models.sequelize.query(`SELECT * FROM Users WHERE email = $mail AND password = $pass AND deletedAt IS NULL`,\n { bind: { mail: req.body.email, pass: security.hash(req.body.password) }, model: models.User, plain: true })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginBenderChallenge_2_correct.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/restfulXssChallenge_3.ts:43:\n `: any[]` was unexpected", "path": "data/static/codefixes/restfulXssChallenge_3.ts", "spans": [{"end": {"col": 44, "line": 43}, "file": "data/static/codefixes/restfulXssChallenge_3.ts", "start": {"col": 37, "line": 43}}], "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/weakPasswordChallenge_4.ts:1:\n `User.init(\n password: {\n type: DataTypes.STRING,\n set (clearTextPassword) {\n validatePasswordIsNotInTopOneMillionCommonPasswordsList(clearTextPassword)\n this.setDataValue('password', security.hash(clearTextPassword))\n }\n },` was unexpected", "path": "data/static/codefixes/weakPasswordChallenge_4.ts", "spans": [{"end": {"col": 9, "line": 8}, "file": "data/static/codefixes/weakPasswordChallenge_4.ts", "start": {"col": 1, "line": 1}}], "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginAdminChallenge_3.ts:1:\n `import {BasketModel} from 
\"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n models.sequelize.query(`SELECT * FROM Users WHERE email = $1 AND password = $2 AND deletedAt IS NULL`,\n { bind: [ req.body.email, req.body.password ], model: models.User, plain: true })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginAdminChallenge_3.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginBenderChallenge_4.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n 
security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n models.sequelize.query(`SELECT * FROM Users WHERE email = '${req.body.email || ''}' AND password = '${security.hash(req.body.password || '')}' AND deletedAt IS NULL`, { model: models.User, plain: false })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginBenderChallenge_4.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginAdminChallenge_2.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n models.sequelize.query(`SELECT * FROM Users WHERE email = $1 AND password = '${security.hash(req.body.password || '')}' AND deletedAt IS 
NULL`,\n { bind: [ req.body.email ], model: models.User, plain: true })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginAdminChallenge_2.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line frontend/src/app/Services/user.service.ts:14:\n `new?:` was unexpected", "path": "frontend/src/app/Services/user.service.ts", "spans": [{"end": {"col": 8, "line": 14}, "file": "frontend/src/app/Services/user.service.ts", "start": {"col": 3, "line": 14}}], "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line .github/workflows/release.yml:33:\n When parsing a snippet as Bash for metavariable-pattern in rule 'yaml.github-actions.security.curl-eval.curl-eval', `{ matrix.node-version` was unexpected", "path": ".github/workflows/release.yml", "spans": [{"end": {"col": 48, "line": 33}, "file": ".github/workflows/release.yml", "start": {"col": 27, "line": 33}}], "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/weakPasswordChallenge_1_correct.ts:1:\n `User.init(\n password: {\n type: DataTypes.STRING,\n set (clearTextPassword) {\n validatePasswordHasAtLeastTenChar(clearTextPassword)\n validatePasswordIsNotInTopOneMillionCommonPasswordsList(clearTextPassword)\n this.setDataValue('password', security.hash(clearTextPassword))\n }\n },` was unexpected", "path": "data/static/codefixes/weakPasswordChallenge_1_correct.ts", 
"spans": [{"end": {"col": 9, "line": 9}, "file": "data/static/codefixes/weakPasswordChallenge_1_correct.ts", "start": {"col": 1, "line": 1}}], "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/weakPasswordChallenge_3.ts:1:\n `User.init(\n password: {\n type: DataTypes.STRING,\n set (clearTextPassword) {\n validatePasswordHasAtLeastOneNumber(clearTextPassword)\n validatePasswordHasAtLeastOneSpecialChar(clearTextPassword)\n validatePasswordHasAtLeastOneUpperCaseChar(clearTextPassword)\n validatePasswordHasAtLeastOneLowerCaseChar(clearTextPassword)\n validatePasswordHasAtLeastTenChar(clearTextPassword)\n this.setDataValue('password', security.hash(clearTextPassword))\n }\n },` was unexpected", "path": "data/static/codefixes/weakPasswordChallenge_3.ts", "spans": [{"end": {"col": 9, "line": 12}, "file": "data/static/codefixes/weakPasswordChallenge_3.ts", "start": {"col": 1, "line": 1}}], "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/registerAdminChallenge_4.ts:1:\n `/* Generated API endpoints */\n finale.initialize({ app, sequelize })\n\n const autoModels = [\n { name: 'User', exclude: ['password', 'totpSecret', 'role'], model: UserModel },\n { name: 'Product', exclude: [], model: ProductModel },\n { name: 'Feedback', exclude: [], model: FeedbackModel },\n { name: 'BasketItem', exclude: [], model: BasketItemModel },\n { name: 'Challenge', exclude: [], model: ChallengeModel },\n { name: 'Complaint', exclude: [], model: ComplaintModel },\n { name: 'Recycle', exclude: [], model: RecycleModel },\n { name: 'SecurityQuestion', exclude: [], model: SecurityQuestionModel },\n { name: 'SecurityAnswer', exclude: [], model: SecurityAnswerModel },\n { name: 'Address', exclude: [], model: AddressModel },\n { name: 'PrivacyRequest', exclude: [], model: PrivacyRequestModel },\n { name: 'Card', exclude: [], model: CardModel },\n { name: 'Quantity', exclude: [], 
model: QuantityModel }\n ]\n\n for (const { name, exclude, model } of autoModels) {\n const resource = finale.resource({\n model,\n endpoints: [`/api/${name}s`, `/api/${name}s/:id`],\n excludeAttributes: exclude,\n pagination: false\n })\n\n // create a wallet when a new user is registered using API\n if (name === 'User') {\n resource.create.send.before((req: Request, res: Response, context: { instance: { id: any }, continue: any }) => {\n WalletModel.create({ UserId: context.instance.id }).catch((err: unknown) => {\n console.log(err)\n })\n return context.continue\n })\n }` was unexpected", "path": "data/static/codefixes/registerAdminChallenge_4.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/registerAdminChallenge_3_correct.ts:1:\n `/* Generated API endpoints */\n finale.initialize({ app, sequelize })\n\n const autoModels = [\n { name: 'User', exclude: ['password', 'totpSecret'], model: UserModel },\n { name: 'Product', exclude: [], model: ProductModel },\n { name: 'Feedback', exclude: [], model: FeedbackModel },\n { name: 'BasketItem', exclude: [], model: BasketItemModel },\n { name: 'Challenge', exclude: [], model: ChallengeModel },\n { name: 'Complaint', exclude: [], model: ComplaintModel },\n { name: 'Recycle', exclude: [], model: RecycleModel },\n { name: 'SecurityQuestion', exclude: [], model: SecurityQuestionModel },\n { name: 'SecurityAnswer', exclude: [], model: SecurityAnswerModel },\n { name: 'Address', exclude: [], model: AddressModel },\n { name: 'PrivacyRequest', exclude: [], model: PrivacyRequestModel },\n { name: 'Card', exclude: [], model: CardModel },\n { name: 'Quantity', exclude: [], model: QuantityModel }\n ]\n\n for (const { name, exclude, model } of autoModels) {\n const resource = finale.resource({\n model,\n endpoints: [`/api/${name}s`, `/api/${name}s/:id`],\n excludeAttributes: exclude,\n pagination: false\n })\n\n // create a wallet when a new user is registered using 
API\n if (name === 'User') {\n resource.create.send.before((req: Request, res: Response, context: { instance: { id: any }, continue: any }) => {\n WalletModel.create({ UserId: context.instance.id }).catch((err: unknown) => {\n console.log(err)\n })\n context.instance.role = 'customer'\n return context.continue\n })\n }` was unexpected", "path": "data/static/codefixes/registerAdminChallenge_3_correct.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginAdminChallenge_4_correct.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n models.sequelize.query(`SELECT * FROM Users WHERE email = $1 AND password = $2 AND deletedAt IS NULL`,\n { bind: [ req.body.email, security.hash(req.body.password) ], model: models.User, plain: true })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": 
"data/static/codefixes/loginAdminChallenge_4_correct.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginBenderChallenge_3.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n models.sequelize.query(`SELECT * FROM Users WHERE email = :mail AND password = '${security.hash(req.body.password || '')}' AND deletedAt IS NULL`,\n { replacements: { mail: req.body.email }, model: models.User, plain: true })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginBenderChallenge_3.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/registerAdminChallenge_1.ts:1:\n `/* Generated API endpoints */\n finale.initialize({ app, sequelize })\n\n const autoModels = [\n { name: 'User', exclude: ['password', 'totpSecret'], model: 
UserModel },\n { name: 'Product', exclude: [], model: ProductModel },\n { name: 'Feedback', exclude: [], model: FeedbackModel },\n { name: 'BasketItem', exclude: [], model: BasketItemModel },\n { name: 'Challenge', exclude: [], model: ChallengeModel },\n { name: 'Complaint', exclude: [], model: ComplaintModel },\n { name: 'Recycle', exclude: [], model: RecycleModel },\n { name: 'SecurityQuestion', exclude: [], model: SecurityQuestionModel },\n { name: 'SecurityAnswer', exclude: [], model: SecurityAnswerModel },\n { name: 'Address', exclude: [], model: AddressModel },\n { name: 'PrivacyRequest', exclude: [], model: PrivacyRequestModel },\n { name: 'Card', exclude: [], model: CardModel },\n { name: 'Quantity', exclude: [], model: QuantityModel }\n ]\n\n for (const { name, exclude, model } of autoModels) {\n const resource = finale.resource({\n model,\n endpoints: [`/api/${name}s`, `/api/${name}s/:id`],\n excludeAttributes: exclude,\n pagination: false\n })\n\n // create a wallet when a new user is registered using API\n if (name === 'User') {\n resource.create.send.before((req: Request, res: Response, context: { instance: { id: any }, continue: any }) => {\n WalletModel.create({ UserId: context.instance.id }).catch((err: unknown) => {\n console.log(err)\n })\n context.instance.role = context.instance.role ? 
context.instance.role : 'customer'\n return context.continue\n })\n }` was unexpected", "path": "data/static/codefixes/registerAdminChallenge_1.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginJimChallenge_1_correct.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n models.sequelize.query(`SELECT * FROM Users WHERE email = $1 AND password = $2 AND deletedAt IS NULL`,\n { bind: [ req.body.email, security.hash(req.body.password) ], model: models.User, plain: true })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginJimChallenge_1_correct.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginAdminChallenge_1.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login 
() {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n if (req.body.email.match(/.*['-;].*/) || req.body.password.match(/.*['-;].*/)) {\n res.status(451).send(res.__('SQL Injection detected.'))\n }\n models.sequelize.query(`SELECT * FROM Users WHERE email = '${req.body.email || ''}' AND password = '${security.hash(req.body.password || '')}' AND deletedAt IS NULL`, { model: models.User, plain: true })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginAdminChallenge_1.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginBenderChallenge_1.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = 
security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n if (req.body.email.match(/.*['-;].*/) || req.body.password.match(/.*['-;].*/)) {\n res.status(451).send(res.__('SQL Injection detected.'))\n }\n models.sequelize.query(`SELECT * FROM Users WHERE email = '${req.body.email || ''}' AND password = '${security.hash(req.body.password || '')}' AND deletedAt IS NULL`, { model: models.User, plain: true })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginBenderChallenge_1.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/restfulXssChallenge_4.ts:57:\n `: any[]` was unexpected", "path": "data/static/codefixes/restfulXssChallenge_4.ts", "spans": [{"end": {"col": 44, "line": 57}, "file": "data/static/codefixes/restfulXssChallenge_4.ts", "start": {"col": 37, "line": 57}}], "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/weakPasswordChallenge_2.ts:1:\n `User.init(\n password: {\n type: DataTypes.STRING,\n set (clearTextPassword) {\n validatePasswordHasAtLeastOneNumber(clearTextPassword)\n 
validatePasswordHasAtLeastOneSpecialChar(clearTextPassword)\n validatePasswordHasAtLeastOneUpperCaseChar(clearTextPassword)\n validatePasswordHasAtLeastOneLowerCaseChar(clearTextPassword)\n validatePasswordHasAtLeastTenChar(clearTextPassword)\n validatePasswordIsNotInTopOneMillionCommonPasswordsList(clearTextPassword)\n this.setDataValue('password', security.hash(clearTextPassword))\n }\n },` was unexpected", "path": "data/static/codefixes/weakPasswordChallenge_2.ts", "spans": [{"end": {"col": 9, "line": 13}, "file": "data/static/codefixes/weakPasswordChallenge_2.ts", "start": {"col": 1, "line": 1}}], "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/registerAdminChallenge_2.ts:1:\n `/* Generated API endpoints */\n finale.initialize({ app, sequelize })\n\n const autoModels = [\n { name: 'Product', exclude: [], model: ProductModel },\n { name: 'Feedback', exclude: [], model: FeedbackModel },\n { name: 'BasketItem', exclude: [], model: BasketItemModel },\n { name: 'Challenge', exclude: [], model: ChallengeModel },\n { name: 'Complaint', exclude: [], model: ComplaintModel },\n { name: 'Recycle', exclude: [], model: RecycleModel },\n { name: 'SecurityQuestion', exclude: [], model: SecurityQuestionModel },\n { name: 'SecurityAnswer', exclude: [], model: SecurityAnswerModel },\n { name: 'Address', exclude: [], model: AddressModel },\n { name: 'PrivacyRequest', exclude: [], model: PrivacyRequestModel },\n { name: 'Card', exclude: [], model: CardModel },\n { name: 'Quantity', exclude: [], model: QuantityModel }\n ]\n\n for (const { name, exclude, model } of autoModels) {\n const resource = finale.resource({\n model,\n endpoints: [`/api/${name}s`, `/api/${name}s/:id`],\n excludeAttributes: exclude,\n pagination: false\n })` was unexpected", "path": "data/static/codefixes/registerAdminChallenge_2.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line 
data/static/codefixes/tokenSaleChallenge_1.ts:18:\n `]` was unexpected", "path": "data/static/codefixes/tokenSaleChallenge_1.ts", "spans": [{"end": {"col": 2, "line": 18}, "file": "data/static/codefixes/tokenSaleChallenge_1.ts", "start": {"col": 1, "line": 18}}], "type": "Syntax error"}], "paths": {"_comment": "", "scanned": [".codeclimate.yml", ".dependabot/config.yml", ".devcontainer.json", ".dockerignore", ".eslintrc.js", ".github/CODEOWNERS", ".github/FUNDING.yml", ".github/ISSUE_TEMPLATE/bug-report.md", ".github/ISSUE_TEMPLATE/challenge-idea.md", ".github/ISSUE_TEMPLATE/config.yml", ".github/ISSUE_TEMPLATE/feature-request.md", ".github/PULL_REQUEST_TEMPLATE.md", ".github/workflows/ci.yml", ".github/workflows/codeql-analysis.yml", ".github/workflows/lint-fixer.yml", ".github/workflows/lock.yml", ".github/workflows/rebase.yml", ".github/workflows/release.yml", ".github/workflows/stale.yml", ".github/workflows/update-challenges-www.yml", ".github/workflows/update-news-www.yml", ".github/workflows/zap_scan.yml", ".gitignore", ".gitlab/auto-deploy-values.yaml", ".gitlab-ci.yml", ".gitpod.yml", ".imgbotconfig", ".mailmap", ".npmrc", ".zap/rules.tsv", "CODE_OF_CONDUCT.md", "CONTRIBUTING.md", "Dockerfile", "Gruntfile.js", "HALL_OF_FAME.md", "LICENSE", "README.md", "REFERENCES.md", "SECURITY.md", "SOLUTIONS.md", "app.json", "app.ts", "config/7ms.yml", "config/addo.yml", "config/bodgeit.yml", "config/ctf.yml", "config/default.yml", "config/fbctf.yml", "config/juicebox.yml", "config/mozilla.yml", "config/oss.yml", "config/quiet.yml", "config/test.yml", "config/tutorial.yml", "config/unsafe.yml", "config.schema.yml", "crowdin.yaml", "ctf.key", "cypress.json", "data/chatbot/.gitkeep", "data/datacache.ts", "data/datacreator.ts", "data/mongodb.ts", "data/static/botDefaultTrainingData.json", "data/static/challenges.yml", "data/static/codefixes/.editorconfig", "data/static/codefixes/accessLogDisclosureChallenge.info.yml", 
"data/static/codefixes/accessLogDisclosureChallenge_1_correct.ts", "data/static/codefixes/accessLogDisclosureChallenge_2.ts", "data/static/codefixes/accessLogDisclosureChallenge_3.ts", "data/static/codefixes/accessLogDisclosureChallenge_4.ts", "data/static/codefixes/adminSectionChallenge.info.yml", "data/static/codefixes/adminSectionChallenge_1_correct.ts", "data/static/codefixes/adminSectionChallenge_2.ts", "data/static/codefixes/adminSectionChallenge_3.ts", "data/static/codefixes/adminSectionChallenge_4.ts", "data/static/codefixes/changeProductChallenge.info.yml", "data/static/codefixes/changeProductChallenge_1.ts", "data/static/codefixes/changeProductChallenge_2.ts", "data/static/codefixes/changeProductChallenge_3_correct.ts", "data/static/codefixes/changeProductChallenge_4.ts", "data/static/codefixes/dbSchemaChallenge.info.yml", "data/static/codefixes/dbSchemaChallenge_1.ts", "data/static/codefixes/dbSchemaChallenge_2_correct.ts", "data/static/codefixes/dbSchemaChallenge_3.ts", "data/static/codefixes/directoryListingChallenge.info.yml", "data/static/codefixes/directoryListingChallenge_1_correct.ts", "data/static/codefixes/directoryListingChallenge_2.ts", "data/static/codefixes/directoryListingChallenge_3.ts", "data/static/codefixes/directoryListingChallenge_4.ts", "data/static/codefixes/exposedMetricsChallenge.info.yml", "data/static/codefixes/exposedMetricsChallenge_1.ts", "data/static/codefixes/exposedMetricsChallenge_2.ts", "data/static/codefixes/exposedMetricsChallenge_3_correct.ts", "data/static/codefixes/forgedReviewChallenge.info.yml", "data/static/codefixes/forgedReviewChallenge_1.ts", "data/static/codefixes/forgedReviewChallenge_2_correct.ts", "data/static/codefixes/forgedReviewChallenge_3.ts", "data/static/codefixes/localXssChallenge.info.yml", "data/static/codefixes/localXssChallenge_1.ts", "data/static/codefixes/localXssChallenge_2_correct.ts", "data/static/codefixes/localXssChallenge_3.ts", "data/static/codefixes/localXssChallenge_4.ts", 
"data/static/codefixes/loginAdminChallenge.info.yml", "data/static/codefixes/loginAdminChallenge_1.ts", "data/static/codefixes/loginAdminChallenge_2.ts", "data/static/codefixes/loginAdminChallenge_3.ts", "data/static/codefixes/loginAdminChallenge_4_correct.ts", "data/static/codefixes/loginBenderChallenge.info.yml", "data/static/codefixes/loginBenderChallenge_1.ts", "data/static/codefixes/loginBenderChallenge_2_correct.ts", "data/static/codefixes/loginBenderChallenge_3.ts", "data/static/codefixes/loginBenderChallenge_4.ts", "data/static/codefixes/loginJimChallenge.info.yml", "data/static/codefixes/loginJimChallenge_1_correct.ts", "data/static/codefixes/loginJimChallenge_2.ts", "data/static/codefixes/loginJimChallenge_3.ts", "data/static/codefixes/loginJimChallenge_4.ts", "data/static/codefixes/noSqlReviewsChallenge.info.yml", "data/static/codefixes/noSqlReviewsChallenge_1.ts", "data/static/codefixes/noSqlReviewsChallenge_2.ts", "data/static/codefixes/noSqlReviewsChallenge_3_correct.ts", "data/static/codefixes/redirectChallenge.info.yml", "data/static/codefixes/redirectChallenge_1.ts", "data/static/codefixes/redirectChallenge_2.ts", "data/static/codefixes/redirectChallenge_3.ts", "data/static/codefixes/redirectChallenge_4_correct.ts", "data/static/codefixes/redirectCryptoCurrencyChallenge.info.yml", "data/static/codefixes/redirectCryptoCurrencyChallenge_1.ts", "data/static/codefixes/redirectCryptoCurrencyChallenge_2.ts", "data/static/codefixes/redirectCryptoCurrencyChallenge_3_correct.ts", "data/static/codefixes/redirectCryptoCurrencyChallenge_4.ts", "data/static/codefixes/registerAdminChallenge.info.yml", "data/static/codefixes/registerAdminChallenge_1.ts", "data/static/codefixes/registerAdminChallenge_2.ts", "data/static/codefixes/registerAdminChallenge_3_correct.ts", "data/static/codefixes/registerAdminChallenge_4.ts", "data/static/codefixes/resetPasswordBenderChallenge.info.yml", "data/static/codefixes/resetPasswordBenderChallenge_1.yml", 
"data/static/codefixes/resetPasswordBenderChallenge_2_correct.yml", "data/static/codefixes/resetPasswordBenderChallenge_3.yml", "data/static/codefixes/resetPasswordBjoernChallenge.info.yml", "data/static/codefixes/resetPasswordBjoernChallenge_1_correct.yml", "data/static/codefixes/resetPasswordBjoernChallenge_2.yml", "data/static/codefixes/resetPasswordBjoernChallenge_3.yml", "data/static/codefixes/resetPasswordBjoernOwaspChallenge.info.yml", "data/static/codefixes/resetPasswordBjoernOwaspChallenge_1.yml", "data/static/codefixes/resetPasswordBjoernOwaspChallenge_2_correct.yml", "data/static/codefixes/resetPasswordBjoernOwaspChallenge_3.yml", "data/static/codefixes/resetPasswordJimChallenge.info.yml", "data/static/codefixes/resetPasswordJimChallenge_1.yml", "data/static/codefixes/resetPasswordJimChallenge_2.yml", "data/static/codefixes/resetPasswordJimChallenge_3_correct.yml", "data/static/codefixes/resetPasswordMortyChallenge.info.yml", "data/static/codefixes/resetPasswordMortyChallenge_1.ts", "data/static/codefixes/resetPasswordMortyChallenge_2.ts", "data/static/codefixes/resetPasswordMortyChallenge_3.ts", "data/static/codefixes/resetPasswordMortyChallenge_4_correct.ts", "data/static/codefixes/resetPasswordUvoginChallenge.info.yml", "data/static/codefixes/resetPasswordUvoginChallenge_1.yml", "data/static/codefixes/resetPasswordUvoginChallenge_2.yml", "data/static/codefixes/resetPasswordUvoginChallenge_3_correct.yml", "data/static/codefixes/restfulXssChallenge.info.yml", "data/static/codefixes/restfulXssChallenge_1_correct.ts", "data/static/codefixes/restfulXssChallenge_2.ts", "data/static/codefixes/restfulXssChallenge_3.ts", "data/static/codefixes/restfulXssChallenge_4.ts", "data/static/codefixes/scoreBoardChallenge.info.yml", "data/static/codefixes/scoreBoardChallenge_1_correct.ts", "data/static/codefixes/scoreBoardChallenge_2.ts", "data/static/codefixes/scoreBoardChallenge_3.ts", "data/static/codefixes/tokenSaleChallenge.info.yml", 
"data/static/codefixes/tokenSaleChallenge_1.ts", "data/static/codefixes/tokenSaleChallenge_2.ts", "data/static/codefixes/tokenSaleChallenge_3_correct.ts", "data/static/codefixes/unionSqlInjectionChallenge.info.yml", "data/static/codefixes/unionSqlInjectionChallenge_1.ts", "data/static/codefixes/unionSqlInjectionChallenge_2_correct.ts", "data/static/codefixes/unionSqlInjectionChallenge_3.ts", "data/static/codefixes/weakPasswordChallenge.info.yml", "data/static/codefixes/weakPasswordChallenge_1_correct.ts", "data/static/codefixes/weakPasswordChallenge_2.ts", "data/static/codefixes/weakPasswordChallenge_3.ts", "data/static/codefixes/weakPasswordChallenge_4.ts", "data/static/codefixes/xssBonusChallenge.info.yml", "data/static/codefixes/xssBonusChallenge_1_correct.ts", "data/static/codefixes/xssBonusChallenge_2.ts", "data/static/codefixes/xssBonusChallenge_3.ts", "data/static/codefixes/xssBonusChallenge_4.ts", "data/static/deliveries.yml", "data/static/i18n/ar_SA.json", "data/static/i18n/az_AZ.json", "data/static/i18n/bg_BG.json", "data/static/i18n/bn_BD.json", "data/static/i18n/ca_ES.json", "data/static/i18n/cs_CZ.json", "data/static/i18n/da_DK.json", "data/static/i18n/de_CH.json", "data/static/i18n/de_DE.json", "data/static/i18n/el_GR.json", "data/static/i18n/en.json", "data/static/i18n/es_ES.json", "data/static/i18n/et_EE.json", "data/static/i18n/fi_FI.json", "data/static/i18n/fr_FR.json", "data/static/i18n/ga_IE.json", "data/static/i18n/he_IL.json", "data/static/i18n/hi_IN.json", "data/static/i18n/hu_HU.json", "data/static/i18n/id_ID.json", "data/static/i18n/it_IT.json", "data/static/i18n/ja_JP.json", "data/static/i18n/ka_GE.json", "data/static/i18n/ko_KR.json", "data/static/i18n/lv_LV.json", "data/static/i18n/my_MM.json", "data/static/i18n/nl_NL.json", "data/static/i18n/no_NO.json", "data/static/i18n/pl_PL.json", "data/static/i18n/pt_BR.json", "data/static/i18n/pt_PT.json", "data/static/i18n/ro_RO.json", "data/static/i18n/ru_RU.json", "data/static/i18n/si_LK.json", 
"data/static/i18n/sv_SE.json", "data/static/i18n/th_TH.json", "data/static/i18n/tlh_AA.json", "data/static/i18n/tr_TR.json", "data/static/i18n/uk_UA.json", "data/static/i18n/zh_CN.json", "data/static/i18n/zh_HK.json", "data/static/i18n/zh_TW.json", "data/static/legal.md", "data/static/locales.json", "data/static/owasp_promo.vtt", "data/static/securityQuestions.yml", "data/static/users.yml", "data/types.ts", "docker-compose.test.yml", "encryptionkeys/jwt.pub", "encryptionkeys/premium.key", "frontend/.browserslistrc", "frontend/.editorconfig", "frontend/.eslintrc.js", "frontend/.gitignore", "frontend/.npmrc", "frontend/.stylelintrc.js", "frontend/angular.json", "frontend/package.json", "frontend/src/app/Models/backup.model.ts", "frontend/src/app/Models/challenge.model.ts", "frontend/src/app/Models/deliveryMethod.model.ts", "frontend/src/app/Models/product.model.ts", "frontend/src/app/Models/review.model.ts", "frontend/src/app/Models/securityQuestion.model.ts", "frontend/src/app/Services/address.service.spec.ts", "frontend/src/app/Services/address.service.ts", "frontend/src/app/Services/administration.service.spec.ts", "frontend/src/app/Services/administration.service.ts", "frontend/src/app/Services/basket.service.spec.ts", "frontend/src/app/Services/basket.service.ts", "frontend/src/app/Services/captcha.service.spec.ts", "frontend/src/app/Services/captcha.service.ts", "frontend/src/app/Services/challenge.service.spec.ts", "frontend/src/app/Services/challenge.service.ts", "frontend/src/app/Services/chatbot.service.spec.ts", "frontend/src/app/Services/chatbot.service.ts", "frontend/src/app/Services/code-fixes.service.spec.ts", "frontend/src/app/Services/code-fixes.service.ts", "frontend/src/app/Services/code-snippet.service.spec.ts", "frontend/src/app/Services/code-snippet.service.ts", "frontend/src/app/Services/complaint.service.spec.ts", "frontend/src/app/Services/complaint.service.ts", "frontend/src/app/Services/configuration.service.spec.ts", 
"frontend/src/app/Services/configuration.service.ts", "frontend/src/app/Services/country-mapping.service.spec.ts", "frontend/src/app/Services/country-mapping.service.ts", "frontend/src/app/Services/data-subject.service.spec.ts", "frontend/src/app/Services/data-subject.service.ts", "frontend/src/app/Services/delivery.service.spec.ts", "frontend/src/app/Services/delivery.service.ts", "frontend/src/app/Services/feedback.service.spec.ts", "frontend/src/app/Services/feedback.service.ts", "frontend/src/app/Services/form-submit.service.spec.ts", "frontend/src/app/Services/form-submit.service.ts", "frontend/src/app/Services/image-captcha.service.spec.ts", "frontend/src/app/Services/image-captcha.service.ts", "frontend/src/app/Services/languages.service.spec.ts", "frontend/src/app/Services/languages.service.ts", "frontend/src/app/Services/local-backup.service.spec.ts", "frontend/src/app/Services/local-backup.service.ts", "frontend/src/app/Services/order-history.service.spec.ts", "frontend/src/app/Services/order-history.service.ts", "frontend/src/app/Services/payment.service.spec.ts", "frontend/src/app/Services/payment.service.ts", "frontend/src/app/Services/photo-wall.service.spec.ts", "frontend/src/app/Services/photo-wall.service.ts", "frontend/src/app/Services/product-review.service.spec.ts", "frontend/src/app/Services/product-review.service.ts", "frontend/src/app/Services/product.service.spec.ts", "frontend/src/app/Services/product.service.ts", "frontend/src/app/Services/quantity.service.spec.ts", "frontend/src/app/Services/quantity.service.ts", "frontend/src/app/Services/recycle.service.spec.ts", "frontend/src/app/Services/recycle.service.ts", "frontend/src/app/Services/request.interceptor.ts", "frontend/src/app/Services/security-answer.service.spec.ts", "frontend/src/app/Services/security-answer.service.ts", "frontend/src/app/Services/security-question.service.spec.ts", "frontend/src/app/Services/security-question.service.ts", 
"frontend/src/app/Services/snack-bar-helper.service.spec.ts", "frontend/src/app/Services/snack-bar-helper.service.ts", "frontend/src/app/Services/socket-io.service.spec.ts", "frontend/src/app/Services/socket-io.service.ts", "frontend/src/app/Services/track-order.service.spec.ts", "frontend/src/app/Services/track-order.service.ts", "frontend/src/app/Services/two-factor-auth-service.spec.ts", "frontend/src/app/Services/two-factor-auth-service.ts", "frontend/src/app/Services/user.service.spec.ts", "frontend/src/app/Services/user.service.ts", "frontend/src/app/Services/vuln-lines.service.spec.ts", "frontend/src/app/Services/vuln-lines.service.ts", "frontend/src/app/Services/wallet.service.spec.ts", "frontend/src/app/Services/wallet.service.ts", "frontend/src/app/Services/window-ref.service.spec.ts", "frontend/src/app/Services/window-ref.service.ts", "frontend/src/app/about/about.component.html", "frontend/src/app/about/about.component.scss", "frontend/src/app/about/about.component.spec.ts", "frontend/src/app/about/about.component.ts", "frontend/src/app/accounting/accounting.component.html", "frontend/src/app/accounting/accounting.component.scss", "frontend/src/app/accounting/accounting.component.spec.ts", "frontend/src/app/accounting/accounting.component.ts", "frontend/src/app/address/address.component.html", "frontend/src/app/address/address.component.scss", "frontend/src/app/address/address.component.spec.ts", "frontend/src/app/address/address.component.ts", "frontend/src/app/address-create/address-create.component.html", "frontend/src/app/address-create/address-create.component.scss", "frontend/src/app/address-create/address-create.component.spec.ts", "frontend/src/app/address-create/address-create.component.ts", "frontend/src/app/address-select/address-select.component.html", "frontend/src/app/address-select/address-select.component.scss", "frontend/src/app/address-select/address-select.component.spec.ts", 
"frontend/src/app/address-select/address-select.component.ts", "frontend/src/app/administration/administration.component.html", "frontend/src/app/administration/administration.component.scss", "frontend/src/app/administration/administration.component.spec.ts", "frontend/src/app/administration/administration.component.ts", "frontend/src/app/app.component.html", "frontend/src/app/app.component.scss", "frontend/src/app/app.component.spec.ts", "frontend/src/app/app.component.ts", "frontend/src/app/app.guard.spec.ts", "frontend/src/app/app.guard.ts", "frontend/src/app/app.module.ts", "frontend/src/app/app.routing.ts", "frontend/src/app/basket/basket.component.html", "frontend/src/app/basket/basket.component.scss", "frontend/src/app/basket/basket.component.spec.ts", "frontend/src/app/basket/basket.component.ts", "frontend/src/app/challenge-solved-notification/challenge-solved-notification.component.html", "frontend/src/app/challenge-solved-notification/challenge-solved-notification.component.scss", "frontend/src/app/challenge-solved-notification/challenge-solved-notification.component.spec.ts", "frontend/src/app/challenge-solved-notification/challenge-solved-notification.component.ts", "frontend/src/app/challenge-status-badge/challenge-status-badge.component.html", "frontend/src/app/challenge-status-badge/challenge-status-badge.component.scss", "frontend/src/app/challenge-status-badge/challenge-status-badge.component.spec.ts", "frontend/src/app/challenge-status-badge/challenge-status-badge.component.ts", "frontend/src/app/change-password/change-password.component.html", "frontend/src/app/change-password/change-password.component.scss", "frontend/src/app/change-password/change-password.component.spec.ts", "frontend/src/app/change-password/change-password.component.ts", "frontend/src/app/chatbot/chatbot.component.html", "frontend/src/app/chatbot/chatbot.component.scss", "frontend/src/app/chatbot/chatbot.component.spec.ts", "frontend/src/app/chatbot/chatbot.component.ts", 
"frontend/src/app/code-area/code-area.component.html", "frontend/src/app/code-area/code-area.component.scss", "frontend/src/app/code-area/code-area.component.spec.ts", "frontend/src/app/code-area/code-area.component.ts", "frontend/src/app/code-fixes/code-fixes.component.html", "frontend/src/app/code-fixes/code-fixes.component.scss", "frontend/src/app/code-fixes/code-fixes.component.spec.ts", "frontend/src/app/code-fixes/code-fixes.component.ts", "frontend/src/app/code-snippet/code-snippet.component.html", "frontend/src/app/code-snippet/code-snippet.component.scss", "frontend/src/app/code-snippet/code-snippet.component.spec.ts", "frontend/src/app/code-snippet/code-snippet.component.ts", "frontend/src/app/complaint/complaint.component.html", "frontend/src/app/complaint/complaint.component.scss", "frontend/src/app/complaint/complaint.component.spec.ts", "frontend/src/app/complaint/complaint.component.ts", "frontend/src/app/contact/contact.component.html", "frontend/src/app/contact/contact.component.scss", "frontend/src/app/contact/contact.component.spec.ts", "frontend/src/app/contact/contact.component.ts", "frontend/src/app/data-export/data-export.component.html", "frontend/src/app/data-export/data-export.component.scss", "frontend/src/app/data-export/data-export.component.spec.ts", "frontend/src/app/data-export/data-export.component.ts", "frontend/src/app/delivery-method/delivery-method.component.html", "frontend/src/app/delivery-method/delivery-method.component.scss", "frontend/src/app/delivery-method/delivery-method.component.spec.ts", "frontend/src/app/delivery-method/delivery-method.component.ts", "frontend/src/app/deluxe-user/deluxe-user.component.html", "frontend/src/app/deluxe-user/deluxe-user.component.scss", "frontend/src/app/deluxe-user/deluxe-user.component.spec.ts", "frontend/src/app/deluxe-user/deluxe-user.component.ts", "frontend/src/app/error-page/error-page.component.html", "frontend/src/app/error-page/error-page.component.scss", 
"frontend/src/app/error-page/error-page.component.spec.ts", "frontend/src/app/error-page/error-page.component.ts", "frontend/src/app/feedback-details/feedback-details.component.html", "frontend/src/app/feedback-details/feedback-details.component.scss", "frontend/src/app/feedback-details/feedback-details.component.spec.ts", "frontend/src/app/feedback-details/feedback-details.component.ts", "frontend/src/app/forgot-password/forgot-password.component.html", "frontend/src/app/forgot-password/forgot-password.component.scss", "frontend/src/app/forgot-password/forgot-password.component.spec.ts", "frontend/src/app/forgot-password/forgot-password.component.ts", "frontend/src/app/last-login-ip/last-login-ip.component.html", "frontend/src/app/last-login-ip/last-login-ip.component.scss", "frontend/src/app/last-login-ip/last-login-ip.component.spec.ts", "frontend/src/app/last-login-ip/last-login-ip.component.ts", "frontend/src/app/login/login.component.html", "frontend/src/app/login/login.component.scss", "frontend/src/app/login/login.component.spec.ts", "frontend/src/app/login/login.component.ts", "frontend/src/app/navbar/navbar.component.html", "frontend/src/app/navbar/navbar.component.scss", "frontend/src/app/navbar/navbar.component.spec.ts", "frontend/src/app/navbar/navbar.component.ts", "frontend/src/app/oauth/oauth.component.html", "frontend/src/app/oauth/oauth.component.scss", "frontend/src/app/oauth/oauth.component.spec.ts", "frontend/src/app/oauth/oauth.component.ts", "frontend/src/app/order-completion/order-completion.component.html", "frontend/src/app/order-completion/order-completion.component.scss", "frontend/src/app/order-completion/order-completion.component.spec.ts", "frontend/src/app/order-completion/order-completion.component.ts", "frontend/src/app/order-history/order-history.component.html", "frontend/src/app/order-history/order-history.component.scss", "frontend/src/app/order-history/order-history.component.spec.ts", 
"frontend/src/app/order-history/order-history.component.ts", "frontend/src/app/order-summary/order-summary.component.html", "frontend/src/app/order-summary/order-summary.component.scss", "frontend/src/app/order-summary/order-summary.component.spec.ts", "frontend/src/app/order-summary/order-summary.component.ts", "frontend/src/app/payment/payment.component.html", "frontend/src/app/payment/payment.component.scss", "frontend/src/app/payment/payment.component.spec.ts", "frontend/src/app/payment/payment.component.ts", "frontend/src/app/payment-method/payment-method.component.html", "frontend/src/app/payment-method/payment-method.component.scss", "frontend/src/app/payment-method/payment-method.component.spec.ts", "frontend/src/app/payment-method/payment-method.component.ts", "frontend/src/app/photo-wall/mime-type.validator.ts", "frontend/src/app/photo-wall/photo-wall.component.html", "frontend/src/app/photo-wall/photo-wall.component.scss", "frontend/src/app/photo-wall/photo-wall.component.spec.ts", "frontend/src/app/photo-wall/photo-wall.component.ts", "frontend/src/app/privacy-policy/privacy-policy.component.html", "frontend/src/app/privacy-policy/privacy-policy.component.scss", "frontend/src/app/privacy-policy/privacy-policy.component.spec.ts", "frontend/src/app/privacy-policy/privacy-policy.component.ts", "frontend/src/app/privacy-security/privacy-security.component.html", "frontend/src/app/privacy-security/privacy-security.component.scss", "frontend/src/app/privacy-security/privacy-security.component.spec.ts", "frontend/src/app/privacy-security/privacy-security.component.ts", "frontend/src/app/product-details/product-details.component.html", "frontend/src/app/product-details/product-details.component.scss", "frontend/src/app/product-details/product-details.component.spec.ts", "frontend/src/app/product-details/product-details.component.ts", "frontend/src/app/product-review-edit/product-review-edit.component.html", 
"frontend/src/app/product-review-edit/product-review-edit.component.scss", "frontend/src/app/product-review-edit/product-review-edit.component.spec.ts", "frontend/src/app/product-review-edit/product-review-edit.component.ts", "frontend/src/app/purchase-basket/purchase-basket.component.html", "frontend/src/app/purchase-basket/purchase-basket.component.scss", "frontend/src/app/purchase-basket/purchase-basket.component.spec.ts", "frontend/src/app/purchase-basket/purchase-basket.component.ts", "frontend/src/app/qr-code/qr-code.component.html", "frontend/src/app/qr-code/qr-code.component.scss", "frontend/src/app/qr-code/qr-code.component.spec.ts", "frontend/src/app/qr-code/qr-code.component.ts", "frontend/src/app/recycle/recycle.component.html", "frontend/src/app/recycle/recycle.component.scss", "frontend/src/app/recycle/recycle.component.spec.ts", "frontend/src/app/recycle/recycle.component.ts", "frontend/src/app/register/register.component.html", "frontend/src/app/register/register.component.scss", "frontend/src/app/register/register.component.spec.ts", "frontend/src/app/register/register.component.ts", "frontend/src/app/roles.ts", "frontend/src/app/saved-address/saved-address.component.html", "frontend/src/app/saved-address/saved-address.component.scss", "frontend/src/app/saved-address/saved-address.component.spec.ts", "frontend/src/app/saved-address/saved-address.component.ts", "frontend/src/app/saved-payment-methods/saved-payment-methods.component.html", "frontend/src/app/saved-payment-methods/saved-payment-methods.component.scss", "frontend/src/app/saved-payment-methods/saved-payment-methods.component.spec.ts", "frontend/src/app/saved-payment-methods/saved-payment-methods.component.ts", "frontend/src/app/score-board/score-board.component.html", "frontend/src/app/score-board/score-board.component.scss", "frontend/src/app/score-board/score-board.component.spec.ts", "frontend/src/app/score-board/score-board.component.ts", 
"frontend/src/app/search-result/search-result.component.html", "frontend/src/app/search-result/search-result.component.scss", "frontend/src/app/search-result/search-result.component.spec.ts", "frontend/src/app/search-result/search-result.component.ts", "frontend/src/app/server-started-notification/server-started-notification.component.html", "frontend/src/app/server-started-notification/server-started-notification.component.scss", "frontend/src/app/server-started-notification/server-started-notification.component.spec.ts", "frontend/src/app/server-started-notification/server-started-notification.component.ts", "frontend/src/app/sidenav/sidenav.component.html", "frontend/src/app/sidenav/sidenav.component.scss", "frontend/src/app/sidenav/sidenav.component.spec.ts", "frontend/src/app/sidenav/sidenav.component.ts", "frontend/src/app/token-sale/token-sale.component.html", "frontend/src/app/token-sale/token-sale.component.scss", "frontend/src/app/token-sale/token-sale.component.spec.ts", "frontend/src/app/token-sale/token-sale.component.ts", "frontend/src/app/track-result/track-result.component.html", "frontend/src/app/track-result/track-result.component.scss", "frontend/src/app/track-result/track-result.component.spec.ts", "frontend/src/app/track-result/track-result.component.ts", "frontend/src/app/two-factor-auth/two-factor-auth.component.html", "frontend/src/app/two-factor-auth/two-factor-auth.component.scss", "frontend/src/app/two-factor-auth/two-factor-auth.component.spec.ts", "frontend/src/app/two-factor-auth/two-factor-auth.component.ts", "frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.html", "frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.scss", "frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.spec.ts", "frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.ts", "frontend/src/app/user-details/user-details.component.html", 
"frontend/src/app/user-details/user-details.component.scss", "frontend/src/app/user-details/user-details.component.spec.ts", "frontend/src/app/user-details/user-details.component.ts", "frontend/src/app/wallet/wallet.component.html", "frontend/src/app/wallet/wallet.component.scss", "frontend/src/app/wallet/wallet.component.spec.ts", "frontend/src/app/wallet/wallet.component.ts", "frontend/src/app/welcome/welcome.component.html", "frontend/src/app/welcome/welcome.component.scss", "frontend/src/app/welcome/welcome.component.spec.ts", "frontend/src/app/welcome/welcome.component.ts", "frontend/src/app/welcome-banner/welcome-banner.component.html", "frontend/src/app/welcome-banner/welcome-banner.component.scss", "frontend/src/app/welcome-banner/welcome-banner.component.spec.ts", "frontend/src/app/welcome-banner/welcome-banner.component.ts", "frontend/src/assets/i18n/ar_SA.json", "frontend/src/assets/i18n/az_AZ.json", "frontend/src/assets/i18n/bg_BG.json", "frontend/src/assets/i18n/bn_BD.json", "frontend/src/assets/i18n/ca_ES.json", "frontend/src/assets/i18n/cs_CZ.json", "frontend/src/assets/i18n/da_DK.json", "frontend/src/assets/i18n/de_CH.json", "frontend/src/assets/i18n/de_DE.json", "frontend/src/assets/i18n/el_GR.json", "frontend/src/assets/i18n/en.json", "frontend/src/assets/i18n/es_ES.json", "frontend/src/assets/i18n/et_EE.json", "frontend/src/assets/i18n/fi_FI.json", "frontend/src/assets/i18n/fr_FR.json", "frontend/src/assets/i18n/ga_IE.json", "frontend/src/assets/i18n/he_IL.json", "frontend/src/assets/i18n/hi_IN.json", "frontend/src/assets/i18n/hu_HU.json", "frontend/src/assets/i18n/id_ID.json", "frontend/src/assets/i18n/it_IT.json", "frontend/src/assets/i18n/ja_JP.json", "frontend/src/assets/i18n/ka_GE.json", "frontend/src/assets/i18n/ko_KR.json", "frontend/src/assets/i18n/lv_LV.json", "frontend/src/assets/i18n/my_MM.json", "frontend/src/assets/i18n/nl_NL.json", "frontend/src/assets/i18n/no_NO.json", "frontend/src/assets/i18n/pl_PL.json", 
"frontend/src/assets/i18n/pt_BR.json", "frontend/src/assets/i18n/pt_PT.json", "frontend/src/assets/i18n/ro_RO.json", "frontend/src/assets/i18n/ru_RU.json", "frontend/src/assets/i18n/si_LK.json", "frontend/src/assets/i18n/sv_SE.json", "frontend/src/assets/i18n/th_TH.json", "frontend/src/assets/i18n/tlh_AA.json", "frontend/src/assets/i18n/tr_TR.json", "frontend/src/assets/i18n/uk_UA.json", "frontend/src/assets/i18n/zh_CN.json", "frontend/src/assets/i18n/zh_HK.json", "frontend/src/assets/i18n/zh_TW.json", "frontend/src/assets/private/CopyShader.js", "frontend/src/assets/private/EffectComposer.js", "frontend/src/assets/private/JuiceShop_Wallpaper_1920x1080_VR.jpg", "frontend/src/assets/private/MaskPass.js", "frontend/src/assets/private/OrbitControls.js", "frontend/src/assets/private/RenderPass.js", "frontend/src/assets/private/ShaderPass.js", "frontend/src/assets/private/earthspec4k.jpg", "frontend/src/assets/private/orangemap2k.jpg", "frontend/src/assets/private/three.js", "frontend/src/assets/private/threejs-demo.html", "frontend/src/assets/public/css/dataErasure.css", "frontend/src/assets/public/css/userProfile.css", "frontend/src/assets/public/favicon_ctf.ico", "frontend/src/assets/public/favicon_js.ico", "frontend/src/assets/public/images/JuiceShopCTF_Logo.png", "frontend/src/assets/public/images/JuiceShopCTF_Logo_400px.png", "frontend/src/assets/public/images/JuiceShop_Logo.ai", "frontend/src/assets/public/images/JuiceShop_Logo.png", "frontend/src/assets/public/images/JuiceShop_Logo.svg", "frontend/src/assets/public/images/JuiceShop_Logo_100px.png", "frontend/src/assets/public/images/JuiceShop_Logo_400px.png", "frontend/src/assets/public/images/JuiceShop_Logo_50px.png", "frontend/src/assets/public/images/JuicyBot.png", "frontend/src/assets/public/images/JuicyBot_MedicalMask.png", "frontend/src/assets/public/images/JuicyChatBot.png", "frontend/src/assets/public/images/Welcome_Banner.svg", "frontend/src/assets/public/images/carousel/1.jpg", 
"frontend/src/assets/public/images/carousel/2.jpg", "frontend/src/assets/public/images/carousel/3.jpg", "frontend/src/assets/public/images/carousel/4.jpg", "frontend/src/assets/public/images/carousel/5.png", "frontend/src/assets/public/images/carousel/6.jpg", "frontend/src/assets/public/images/carousel/7.jpg", "frontend/src/assets/public/images/deluxe/blankBoxes.png", "frontend/src/assets/public/images/juicyEvilWasp.png", "frontend/src/assets/public/images/padding/19px.png", "frontend/src/assets/public/images/padding/1px.png", "frontend/src/assets/public/images/padding/56px.png", "frontend/src/assets/public/images/padding/81px.png", "frontend/src/assets/public/images/products/3d_keychain.jpg", "frontend/src/assets/public/images/products/JuiceShop.stl", "frontend/src/assets/public/images/products/apple_juice.jpg", "frontend/src/assets/public/images/products/apple_pressings.jpg", "frontend/src/assets/public/images/products/artwork.jpg", "frontend/src/assets/public/images/products/artwork2.jpg", "frontend/src/assets/public/images/products/banana_juice.jpg", "frontend/src/assets/public/images/products/card_alpha.jpg", "frontend/src/assets/public/images/products/carrot_juice.jpeg", "frontend/src/assets/public/images/products/ccg_common.png", "frontend/src/assets/public/images/products/ccg_foil.png", "frontend/src/assets/public/images/products/coaster.jpg", "frontend/src/assets/public/images/products/cover_small.jpg", "frontend/src/assets/public/images/products/eggfruit_juice.jpg", "frontend/src/assets/public/images/products/fan_facemask.jpg", "frontend/src/assets/public/images/products/fan_girlie.jpg", "frontend/src/assets/public/images/products/fan_hoodie.jpg", "frontend/src/assets/public/images/products/fan_mug.jpg", "frontend/src/assets/public/images/products/fan_shirt.jpg", "frontend/src/assets/public/images/products/fruit_press.jpg", "frontend/src/assets/public/images/products/green_smoothie.jpg", "frontend/src/assets/public/images/products/holo_sticker.png", 
"frontend/src/assets/public/images/products/iron-on.jpg", "frontend/src/assets/public/images/products/lemon_juice.jpg", "frontend/src/assets/public/images/products/magnets.jpg", "frontend/src/assets/public/images/products/melon_bike.jpeg", "frontend/src/assets/public/images/products/no-results.png", "frontend/src/assets/public/images/products/orange_juice.jpg", "frontend/src/assets/public/images/products/permafrost.jpg", "frontend/src/assets/public/images/products/quince.jpg", "frontend/src/assets/public/images/products/raspberry_juice.jpg", "frontend/src/assets/public/images/products/snakes_ladders.jpg", "frontend/src/assets/public/images/products/snakes_ladders_m.jpg", "frontend/src/assets/public/images/products/squareBox1-40x40x40.stl", "frontend/src/assets/public/images/products/sticker.png", "frontend/src/assets/public/images/products/sticker_page.jpg", "frontend/src/assets/public/images/products/sticker_single.jpg", "frontend/src/assets/public/images/products/stickersheet_se.png", "frontend/src/assets/public/images/products/strawberry_juice.jpeg", "frontend/src/assets/public/images/products/tattoo.jpg", "frontend/src/assets/public/images/products/thingie1.jpg", "frontend/src/assets/public/images/products/undefined.png", "frontend/src/assets/public/images/products/velcro-patch.jpg", "frontend/src/assets/public/images/products/waspy.png", "frontend/src/assets/public/images/products/woodruff_syrup.jpg", "frontend/src/assets/public/images/uploads/12.png", "frontend/src/assets/public/images/uploads/13.jpg", "frontend/src/assets/public/images/uploads/20.jpg", "frontend/src/assets/public/images/uploads/default.svg", "frontend/src/assets/public/images/uploads/defaultAdmin.png", "frontend/src/assets/public/images/uploads/favorite-hiking-place.png", "frontend/src/assets/public/images/uploads/magn(et)ificent!-1571814229653.jpg", "frontend/src/confetti/index.ts", "frontend/src/environments/environment.prod.ts", "frontend/src/environments/environment.ts", 
"frontend/src/hacking-instructor/challenges/bonusPayload.ts", "frontend/src/hacking-instructor/challenges/codingChallenges.ts", "frontend/src/hacking-instructor/challenges/domXss.ts", "frontend/src/hacking-instructor/challenges/forgedFeedback.ts", "frontend/src/hacking-instructor/challenges/loginAdmin.ts", "frontend/src/hacking-instructor/challenges/loginBender.ts", "frontend/src/hacking-instructor/challenges/loginJim.ts", "frontend/src/hacking-instructor/challenges/passwordStrength.ts", "frontend/src/hacking-instructor/challenges/privacyPolicy.ts", "frontend/src/hacking-instructor/challenges/scoreBoard.ts", "frontend/src/hacking-instructor/challenges/viewBasket.ts", "frontend/src/hacking-instructor/helpers/helpers.ts", "frontend/src/hacking-instructor/index.ts", "frontend/src/hacking-instructor/tutorialUnavailable.ts", "frontend/src/index.html", "frontend/src/karma.conf.js", "frontend/src/main.ts", "frontend/src/polyfills.ts", "frontend/src/styles.scss", "frontend/src/test.ts", "frontend/src/theme.scss", "frontend/src/tsconfig.app.json", "frontend/src/tsconfig.spec.json", "frontend/tsconfig.base.json", "frontend/tsconfig.json", "ftp/acquisitions.md", "ftp/announcement_encrypted.md", "ftp/coupons_2013.md.bak", "ftp/eastere.gg", "ftp/encrypt.pyc", "ftp/incident-support.kdbx", "ftp/package.json.bak", "ftp/quarantine/juicy_malware_linux_amd_64.url", "ftp/quarantine/juicy_malware_linux_arm_64.url", "ftp/quarantine/juicy_malware_macos_64.url", "ftp/quarantine/juicy_malware_windows_64.exe.url", "ftp/suspicious_errors.yml", "i18n/.gitkeep", "lib/accuracy.ts", "lib/antiCheat.ts", "lib/botUtils.ts", "lib/challengeUtils.ts", "lib/codingChallenges.ts", "lib/insecurity.ts", "lib/is-docker.ts", "lib/is-heroku.ts", "lib/is-windows.ts", "lib/logger.ts", "lib/noUpdate.ts", "lib/startup/cleanupFtpFolder.ts", "lib/startup/customizeApplication.ts", "lib/startup/customizeEasterEgg.ts", "lib/startup/registerWebsocketEvents.ts", "lib/startup/restoreOverwrittenFilesWithOriginals.ts", 
"lib/startup/validateChatBot.ts", "lib/startup/validateConfig.ts", "lib/startup/validateDependencies.ts", "lib/startup/validatePreconditions.ts", "lib/utils.ts", "lib/webhook.ts", "models/address.ts", "models/basket.ts", "models/basketitem.ts", "models/captcha.ts", "models/card.ts", "models/challenge.ts", "models/complaint.ts", "models/delivery.ts", "models/feedback.ts", "models/imageCaptcha.ts", "models/index.ts", "models/memory.ts", "models/privacyRequests.ts", "models/product.ts", "models/quantity.ts", "models/recycle.ts", "models/relations.ts", "models/securityAnswer.ts", "models/securityQuestion.ts", "models/user.ts", "models/wallet.ts", "monitoring/grafana-dashboard.json", "package.json", "routes/2fa.ts", "routes/address.ts", "routes/angular.ts", "routes/appConfiguration.ts", "routes/appVersion.ts", "routes/authenticatedUsers.ts", "routes/b2bOrder.ts", "routes/basket.ts", "routes/basketItems.ts", "routes/captcha.ts", "routes/changePassword.ts", "routes/chatbot.ts", "routes/continueCode.ts", "routes/countryMapping.ts", "routes/coupon.ts", "routes/createProductReviews.ts", "routes/currentUser.ts", "routes/dataErasure.ts", "routes/dataExport.ts", "routes/delivery.ts", "routes/deluxe.ts", "routes/easterEgg.ts", "routes/fileServer.ts", "routes/fileUpload.ts", "routes/imageCaptcha.ts", "routes/keyServer.ts", "routes/languages.ts", "routes/likeProductReviews.ts", "routes/logfileServer.ts", "routes/login.ts", "routes/memory.ts", "routes/metrics.ts", "routes/order.ts", "routes/orderHistory.ts", "routes/payment.ts", "routes/premiumReward.ts", "routes/privacyPolicyProof.ts", "routes/profileImageFileUpload.ts", "routes/profileImageUrlUpload.ts", "routes/quarantineServer.ts", "routes/recycles.ts", "routes/redirect.ts", "routes/repeatNotification.ts", "routes/resetPassword.ts", "routes/restoreProgress.ts", "routes/saveLoginIp.ts", "routes/search.ts", "routes/securityQuestion.ts", "routes/showProductReviews.ts", "routes/trackOrder.ts", "routes/updateProductReviews.ts", 
"routes/updateUserProfile.ts", "routes/userProfile.ts", "routes/verify.ts", "routes/videoHandler.ts", "routes/vulnCodeFixes.ts", "routes/vulnCodeSnippet.ts", "routes/wallet.ts", "rsn/cache.json", "rsn/rsn-update.ts", "rsn/rsn-verbose.ts", "rsn/rsn.ts", "rsn/rsnUtil.ts", "screenshots/git-stats.png", "screenshots/screenshot01.png", "screenshots/screenshot02.png", "screenshots/screenshot03.png", "screenshots/screenshot04.png", "screenshots/screenshot05.png", "screenshots/slideshow.gif", "server.ts", "swagger.yml", "threat-model.json", "tsconfig.json", "uploads/complaints/.gitkeep", "vagrant/Vagrantfile", "vagrant/bootstrap.sh", "vagrant/default.conf", "views/dataErasureForm.hbs", "views/dataErasureResult.hbs", "views/promotionVideo.pug", "views/themes/themes.js", "views/userProfile.pug"]}, "results": [{"check_id": "generic.secrets.security.detected-jwt-token.detected-jwt-token", "end": {"col": 148, "line": 40, "offset": 1478}, "extra": {"engine_kind": "OSS", "fingerprint": "31975eac69c3a7e56e580dfdd7b4d5a27a35acf96b95878e3b2c52f4e10b04ce75bcf4b0250b84afa7f5d6708b39eef5a0d31595bb4aeac52cdc335521df692d_0", "is_ignored": false, "lines": " localStorage.setItem('token', 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c')", "message": "JWT token detected", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-321: Use of Hard-coded Cryptographic Key"], "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A02:2021 - Cryptographic Failures"], "references": ["https://semgrep.dev/blog/2020/hardcoded-secrets-unverified-tokens-and-other-common-jwt-mistakes/"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "kxU8E8", "url": "https://semgrep.dev/playground/r/9lTzk5/generic.secrets.security.detected-jwt-token.detected-jwt-token", "version_id": "9lTzk5"}}, "shortlink": 
"https://sg.run/05N5", "source": "https://semgrep.dev/r/generic.secrets.security.detected-jwt-token.detected-jwt-token", "source-rule-url": "https://github.com/Yelp/detect-secrets/blob/master/detect_secrets/plugins/jwt.py", "subcategory": ["audit"], "technology": ["secrets", "jwt"], "vulnerability_class": ["Cryptographic Issues"]}, "metavars": {}, "severity": "ERROR"}, "path": "frontend/src/app/app.guard.spec.ts", "start": {"col": 36, "line": 40, "offset": 1366}}, {"check_id": "generic.secrets.security.detected-jwt-token.detected-jwt-token", "end": {"col": 120, "line": 50, "offset": 1744}, "extra": {"engine_kind": "OSS", "fingerprint": "44496b4dc6aa74523e21e15d7cc529a0fe40e35bb3568a26bea6a1beb5d0afc8b9950020669a5b97034f13e19129dd58f9f59df24038dad6b58280b86e51f40f_0", "is_ignored": false, "lines": " localStorage.setItem('token', 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjp7Imxhc3RMb2dpbklwIjoiMS4yLjMuNCJ9fQ.RAkmdqwNypuOxv3SDjPO4xMKvd1CddKvDFYDBfUt3bg')", "message": "JWT token detected", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-321: Use of Hard-coded Cryptographic Key"], "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A02:2021 - Cryptographic Failures"], "references": ["https://semgrep.dev/blog/2020/hardcoded-secrets-unverified-tokens-and-other-common-jwt-mistakes/"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "kxU8E8", "url": "https://semgrep.dev/playground/r/9lTzk5/generic.secrets.security.detected-jwt-token.detected-jwt-token", "version_id": "9lTzk5"}}, "shortlink": "https://sg.run/05N5", "source": "https://semgrep.dev/r/generic.secrets.security.detected-jwt-token.detected-jwt-token", "source-rule-url": "https://github.com/Yelp/detect-secrets/blob/master/detect_secrets/plugins/jwt.py", "subcategory": ["audit"], "technology": ["secrets", "jwt"], "vulnerability_class": ["Cryptographic Issues"]}, "metavars": {}, "severity": "ERROR"}, "path": 
"frontend/src/app/last-login-ip/last-login-ip.component.spec.ts", "start": {"col": 36, "line": 50, "offset": 1660}}, {"check_id": "generic.secrets.security.detected-jwt-token.detected-jwt-token", "end": {"col": 89, "line": 56, "offset": 2154}, "extra": {"engine_kind": "OSS", "fingerprint": "44496b4dc6aa74523e21e15d7cc529a0fe40e35bb3568a26bea6a1beb5d0afc8b9950020669a5b97034f13e19129dd58f9f59df24038dad6b58280b86e51f40f_1", "is_ignored": false, "lines": " localStorage.setItem('token', 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjp7fX0.bVBhvll6IaeR3aUdoOeyR8YZe2S2DfhGAxTGfd9enLw')", "message": "JWT token detected", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-321: Use of Hard-coded Cryptographic Key"], "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A02:2021 - Cryptographic Failures"], "references": ["https://semgrep.dev/blog/2020/hardcoded-secrets-unverified-tokens-and-other-common-jwt-mistakes/"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "kxU8E8", "url": "https://semgrep.dev/playground/r/9lTzk5/generic.secrets.security.detected-jwt-token.detected-jwt-token", "version_id": "9lTzk5"}}, "shortlink": "https://sg.run/05N5", "source": "https://semgrep.dev/r/generic.secrets.security.detected-jwt-token.detected-jwt-token", "source-rule-url": "https://github.com/Yelp/detect-secrets/blob/master/detect_secrets/plugins/jwt.py", "subcategory": ["audit"], "technology": ["secrets", "jwt"], "vulnerability_class": ["Cryptographic Issues"]}, "metavars": {}, "severity": "ERROR"}, "path": "frontend/src/app/last-login-ip/last-login-ip.component.spec.ts", "start": {"col": 36, "line": 56, "offset": 2101}}, {"check_id": "javascript.browser.security.eval-detected.eval-detected", "end": {"col": 36, "line": 23, "offset": 908}, "extra": {"engine_kind": "OSS", "fingerprint": 
"30e76aaa5bef79d7d1e08ea08a077f36bd5d9208a7539558327aaa05a7eeef20a0ebbda2e94cc6c562cdde67be2b6ab108bdfa8ceb90fa79d57cd6dff4c9bfee_0", "is_ignored": false, "lines": " const answer = eval(expression).toString() // eslint-disable-line no-eval", "message": "Detected the use of eval(). eval() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources.", "metadata": {"asvs": {"control_id": "5.2.4 Dynamic Code Execution Features", "control_url": "https://github.com/OWASP/ASVS/blob/master/4.0/en/0x13-V5-Validation-Sanitization-Encoding.md#v52-sanitization-and-sandboxing", "section": "V5 Validation, Sanitization and Encoding", "version": "4"}, "category": "security", "confidence": "LOW", "cwe": ["CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')"], "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A03:2021 - Injection"], "references": ["https://owasp.org/Top10/A03_2021-Injection"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "GdU7dw", "url": "https://semgrep.dev/playground/r/YDTovX/javascript.browser.security.eval-detected.eval-detected", "version_id": "YDTovX"}}, "shortlink": "https://sg.run/7ope", "source": "https://semgrep.dev/r/javascript.browser.security.eval-detected.eval-detected", "subcategory": ["audit"], "technology": ["browser"], "vulnerability_class": ["Code Injection"]}, "metavars": {}, "severity": "WARNING"}, "path": "routes/captcha.ts", "start": {"col": 20, "line": 23, "offset": 892}}, {"check_id": "javascript.browser.security.eval-detected.eval-detected", "end": {"col": 36, "line": 36, "offset": 1479}, "extra": {"engine_kind": "OSS", "fingerprint": 
"d15c8803dcd0a83365b887c4207db4e681c9470c390b31cbb40733b5c358b1dc30a01071b536a6c562cf1d1dff32b7529c508947d34cd8da6bad5958cb4f531a_0", "is_ignored": false, "lines": " username = eval(code) // eslint-disable-line no-eval", "message": "Detected the use of eval(). eval() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources.", "metadata": {"asvs": {"control_id": "5.2.4 Dynamic Code Execution Features", "control_url": "https://github.com/OWASP/ASVS/blob/master/4.0/en/0x13-V5-Validation-Sanitization-Encoding.md#v52-sanitization-and-sandboxing", "section": "V5 Validation, Sanitization and Encoding", "version": "4"}, "category": "security", "confidence": "LOW", "cwe": ["CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')"], "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A03:2021 - Injection"], "references": ["https://owasp.org/Top10/A03_2021-Injection"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "GdU7dw", "url": "https://semgrep.dev/playground/r/YDTovX/javascript.browser.security.eval-detected.eval-detected", "version_id": "YDTovX"}}, "shortlink": "https://sg.run/7ope", "source": "https://semgrep.dev/r/javascript.browser.security.eval-detected.eval-detected", "subcategory": ["audit"], "technology": ["browser"], "vulnerability_class": ["Code Injection"]}, "metavars": {}, "severity": "WARNING"}, "path": "routes/userProfile.ts", "start": {"col": 26, "line": 36, "offset": 1469}}, {"check_id": "javascript.browser.security.insecure-document-method.insecure-document-method", "end": {"col": 45, "line": 11375, "offset": 225452}, "extra": {"engine_kind": "OSS", "fingerprint": 
"ae51028ccac7c9b7699a8ed6ca54adf3ac278f62ad29e3da9daa4f29c0ec121e0e2f471a8a7697bb6fe44aa42a91d64ce39bf563a87cea2c7339dc4b4f353d13_0", "is_ignored": false, "lines": "\t\tthis.statusDomElement.innerHTML = message;", "message": "User controlled data in methods like `innerHTML`, `outerHTML` or `document.write` is an anti-pattern that can lead to XSS vulnerabilities", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "LOW", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A07:2017 - Cross-Site Scripting (XSS)", "A03:2021 - Injection"], "references": ["https://owasp.org/Top10/A03_2021-Injection"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "ReUg41", "url": "https://semgrep.dev/playground/r/6xTeJb/javascript.browser.security.insecure-document-method.insecure-document-method", "version_id": "6xTeJb"}}, "shortlink": "https://sg.run/LwA9", "source": "https://semgrep.dev/r/javascript.browser.security.insecure-document-method.insecure-document-method", "subcategory": ["audit"], "technology": ["browser"], "vulnerability_class": ["Cross-Site-Scripting (XSS)"]}, "metavars": {"$EL": {"abstract_content": "this.statusDomElement", "end": {"col": 24, "line": 11375, "offset": 225431}, "start": {"col": 3, "line": 11375, "offset": 225410}}, "$HTML": {"abstract_content": "message", "end": {"col": 44, "line": 11375, "offset": 225451}, "start": {"col": 37, "line": 11375, "offset": 225444}}}, "severity": "ERROR"}, "path": "frontend/src/assets/private/three.js", "start": {"col": 3, "line": 11375, "offset": 225410}}, {"check_id": "javascript.browser.security.insecure-document-method.insecure-document-method", "end": {"col": 43, "line": 107, "offset": 3433}, "extra": {"engine_kind": "OSS", "fingerprint": 
"2c98e3f2a3876269bc65deaaaf7d15babb665e2ef3c1ad4d5f0a13c8b18a4e1e5d025a370b85781ad5d3d629000ef15e98f99eddabd1b2ef147f05f1bb0acbc1_0", "is_ignored": false, "lines": " textBox.innerHTML = snarkdown(hint.text)", "message": "User controlled data in methods like `innerHTML`, `outerHTML` or `document.write` is an anti-pattern that can lead to XSS vulnerabilities", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "LOW", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A07:2017 - Cross-Site Scripting (XSS)", "A03:2021 - Injection"], "references": ["https://owasp.org/Top10/A03_2021-Injection"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "ReUg41", "url": "https://semgrep.dev/playground/r/6xTeJb/javascript.browser.security.insecure-document-method.insecure-document-method", "version_id": "6xTeJb"}}, "shortlink": "https://sg.run/LwA9", "source": "https://semgrep.dev/r/javascript.browser.security.insecure-document-method.insecure-document-method", "subcategory": ["audit"], "technology": ["browser"], "vulnerability_class": ["Cross-Site-Scripting (XSS)"]}, "metavars": {"$EL": {"abstract_content": "textBox", "end": {"col": 10, "line": 107, "offset": 3400}, "start": {"col": 3, "line": 107, "offset": 3393}}, "$HTML": {"abstract_content": "snarkdown(hint.text)", "end": {"col": 43, "line": 107, "offset": 3433}, "start": {"col": 23, "line": 107, "offset": 3413}}}, "severity": "ERROR"}, "path": "frontend/src/hacking-instructor/index.ts", "start": {"col": 3, "line": 107, "offset": 3393}}, {"check_id": "javascript.express.security.audit.xss.pug.explicit-unescape.template-explicit-unescape", "end": {"col": 40, "line": 79, "offset": 3969}, "extra": {"engine_kind": "OSS", "fingerprint": 
"a15f585b68d6d123be356ae999949a88694dcee167c404b60d277df0ecb69aceaa54652bb72451e4c0cd5b1e6152730adc6dc1c6487ae2b3dc443410f1188dc4_0", "is_ignored": false, "lines": " if (splitted.length != 2) {", "message": "Detected an explicit unescape in a Pug template, using either '!=' or '!{...}'. If external data can reach these locations, your application is exposed to a cross-site scripting (XSS) vulnerability. If you must do this, ensure no external data can reach this location.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A07:2017 - Cross-Site Scripting (XSS)", "A03:2021 - Injection"], "references": ["https://pugjs.org/language/code.html#unescaped-buffered-code", "https://pugjs.org/language/attributes.html#unescaped-attributes"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "WAUonl", "url": "https://semgrep.dev/playground/r/2KT13b/javascript.express.security.audit.xss.pug.explicit-unescape.template-explicit-unescape", "version_id": "2KT13b"}}, "shortlink": "https://sg.run/3xbe", "source": "https://semgrep.dev/r/javascript.express.security.audit.xss.pug.explicit-unescape.template-explicit-unescape", "subcategory": ["audit"], "technology": ["express"], "vulnerability_class": ["Cross-Site-Scripting (XSS)"]}, "metavars": {"$1": {"abstract_content": "!=", "end": {"col": 35, "line": 79, "offset": 3964}, "start": {"col": 33, "line": 79, "offset": 3962}}}, "severity": "WARNING"}, "path": "views/promotionVideo.pug", "start": {"col": 13, "line": 79, "offset": 3942}}, {"check_id": "javascript.jsonwebtoken.security.jwt-hardcode.hardcoded-jwt-secret", "end": {"col": 66, "line": 56, "offset": 2794}, "extra": {"dataflow_trace": {"taint_sink": ["CliLoc", [{"end": {"col": 66, "line": 56, 
"offset": 2794}, "path": "lib/insecurity.ts", "start": {"col": 56, "line": 56, "offset": 2784}}, "privateKey"]], "taint_source": ["CliLoc", [{"end": {"col": 108, "line": 56, "offset": 2836}, "path": "lib/insecurity.ts", "start": {"col": 41, "line": 56, "offset": 2769}}, "jwt.sign(user, privateKey, { expiresIn: '6h', algorithm: 'RS256' })"]]}, "engine_kind": "OSS", "fingerprint": "407f1f277b2b9bbecfd4a1e21acb4c2bcdd9a47a10ea5e668918227cb67f2e0f2a1140a3159493dfc76fba4469e627b5dfb28aebd87858c747ae864157d22a59_0", "is_ignored": false, "lines": "export const authorize = (user = {}) => jwt.sign(user, privateKey, { expiresIn: '6h', algorithm: 'RS256' })", "message": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).", "metadata": {"asvs": {"control_id": "3.5.2 Static API keys or secret", "control_url": "https://github.com/OWASP/ASVS/blob/master/4.0/en/0x12-V3-Session-management.md#v35-token-based-session-management", "section": "V3: Session Management Verification Requirements", "version": "4"}, "category": "security", "confidence": "HIGH", "cwe": ["CWE-798: Use of Hard-coded Credentials"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A07:2021 - Identification and Authentication Failures"], "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_CheatSheet.html"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "WAUon7", "url": "https://semgrep.dev/playground/r/DkTQYj/javascript.jsonwebtoken.security.jwt-hardcode.hardcoded-jwt-secret", "version_id": "DkTQYj"}}, "shortlink": "https://sg.run/4xN9", "source": 
"https://semgrep.dev/r/javascript.jsonwebtoken.security.jwt-hardcode.hardcoded-jwt-secret", "subcategory": ["vuln"], "technology": ["jwt", "javascript", "secrets"], "vulnerability_class": ["Hard-coded Secrets"]}, "metavars": {"$DATA": {"abstract_content": "user", "end": {"col": 54, "line": 56, "offset": 2782}, "start": {"col": 50, "line": 56, "offset": 2778}}, "$JWT": {"abstract_content": "jwt", "end": {"col": 44, "line": 56, "offset": 2772}, "start": {"col": 41, "line": 56, "offset": 2769}}, "$VALUE": {"abstract_content": "user", "end": {"col": 54, "line": 56, "offset": 2782}, "start": {"col": 50, "line": 56, "offset": 2778}}, "$Y": {"abstract_content": "-----BEGIN RSA PRIVATE KEY-----\\r\\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\\r\\n-----END RSA PRIVATE KEY-----", "end": {"col": 901, "line": 23, "offset": 1667}, "start": {"col": 21, "line": 23, "offset": 787}}}, "severity": "WARNING"}, "path": "lib/insecurity.ts", "start": {"col": 56, "line": 56, "offset": 2784}}, {"check_id": "javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp", "end": {"col": 67, "line": 76, "offset": 3002}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "challengeKey", "location": {"end": {"col": 73, "line": 58, "offset": 1954}, "path": "lib/codingChallenges.ts", "start": {"col": 61, "line": 58, "offset": 1942}}}], "taint_sink": ["CliLoc", [{"end": {"col": 67, "line": 76, "offset": 3002}, "path": "lib/codingChallenges.ts", "start": {"col": 9, "line": 76, "offset": 2944}}, "new RegExp(`vuln-code-snippet vuln-line.*${challengeKey}`)"]], "taint_source": ["CliLoc", [{"end": {"col": 73, "line": 58, "offset": 1954}, "path": "lib/codingChallenges.ts", "start": {"col": 61, "line": 58, "offset": 1942}}, "challengeKey"]]}, "engine_kind": "OSS", "fingerprint": "4beb0ef5efde79fe3b584d2109fe1ceea237470d3b6dc88cdcf5ae8eaa93534fe28d14b89b596c14d827cc48b012a5dfcb6faa709a0eb1e7e9ef68e31224653a_0", "is_ignored": false, "lines": " if (new 
RegExp(`vuln-code-snippet vuln-line.*${challengeKey}`).exec(lines[i]) != null) {", "message": "RegExp() called with a `challengeKey` function argument, this might allow an attacker to cause a Regular Expression Denial-of-Service (ReDoS) within your application as RegExP blocks the main thread. For this reason, it is recommended to use hardcoded regexes instead. If your regex is run on user-controlled input, consider performing input validation or use a regex checking/sanitization library such as https://www.npmjs.com/package/recheck to verify that the regex does not appear vulnerable to ReDoS.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-1333: Inefficient Regular Expression Complexity"], "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "MEDIUM", "owasp": ["A05:2021 - Security Misconfiguration", "A06:2017 - Security Misconfiguration"], "references": ["https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "zdU1gD", "url": "https://semgrep.dev/playground/r/YDTonX/javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp", "version_id": "YDTonX"}}, "shortlink": "https://sg.run/gr65", "source": "https://semgrep.dev/r/javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp", "source-rule-url": "https://github.com/nodesecurity/eslint-plugin-security/blob/master/rules/detect-non-literal-regexp.js", "subcategory": ["vuln"], "technology": ["javascript"], "vulnerability_class": ["Denial-of-Service (DoS)"]}, "metavars": {"$ARG": {"abstract_content": "challengeKey", "end": {"col": 73, "line": 58, "offset": 1954}, "start": {"col": 61, "line": 58, "offset": 1942}}}, "severity": "WARNING"}, "path": "lib/codingChallenges.ts", "start": {"col": 9, "line": 76, "offset": 2944}}, {"check_id": 
"javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp", "end": {"col": 77, "line": 78, "offset": 3133}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "challengeKey", "location": {"end": {"col": 73, "line": 58, "offset": 1954}, "path": "lib/codingChallenges.ts", "start": {"col": 61, "line": 58, "offset": 1942}}}], "taint_sink": ["CliLoc", [{"end": {"col": 77, "line": 78, "offset": 3133}, "path": "lib/codingChallenges.ts", "start": {"col": 16, "line": 78, "offset": 3072}}, "new RegExp(`vuln-code-snippet neutral-line.*${challengeKey}`)"]], "taint_source": ["CliLoc", [{"end": {"col": 73, "line": 58, "offset": 1954}, "path": "lib/codingChallenges.ts", "start": {"col": 61, "line": 58, "offset": 1942}}, "challengeKey"]]}, "engine_kind": "OSS", "fingerprint": "4beb0ef5efde79fe3b584d2109fe1ceea237470d3b6dc88cdcf5ae8eaa93534fe28d14b89b596c14d827cc48b012a5dfcb6faa709a0eb1e7e9ef68e31224653a_1", "is_ignored": false, "lines": " } else if (new RegExp(`vuln-code-snippet neutral-line.*${challengeKey}`).exec(lines[i]) != null) {", "message": "RegExp() called with a `challengeKey` function argument, this might allow an attacker to cause a Regular Expression Denial-of-Service (ReDoS) within your application as RegExP blocks the main thread. For this reason, it is recommended to use hardcoded regexes instead. 
If your regex is run on user-controlled input, consider performing input validation or use a regex checking/sanitization library such as https://www.npmjs.com/package/recheck to verify that the regex does not appear vulnerable to ReDoS.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-1333: Inefficient Regular Expression Complexity"], "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "MEDIUM", "owasp": ["A05:2021 - Security Misconfiguration", "A06:2017 - Security Misconfiguration"], "references": ["https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "zdU1gD", "url": "https://semgrep.dev/playground/r/YDTonX/javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp", "version_id": "YDTonX"}}, "shortlink": "https://sg.run/gr65", "source": "https://semgrep.dev/r/javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp", "source-rule-url": "https://github.com/nodesecurity/eslint-plugin-security/blob/master/rules/detect-non-literal-regexp.js", "subcategory": ["vuln"], "technology": ["javascript"], "vulnerability_class": ["Denial-of-Service (DoS)"]}, "metavars": {"$ARG": {"abstract_content": "challengeKey", "end": {"col": 73, "line": 58, "offset": 1954}, "start": {"col": 61, "line": 58, "offset": 1942}}}, "severity": "WARNING"}, "path": "lib/codingChallenges.ts", "start": {"col": 16, "line": 78, "offset": 3072}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 65, "line": 41, "offset": 1651}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "file", "location": {"end": {"col": 30, "line": 40, "offset": 1575}, "path": "data/datacreator.ts", "start": {"col": 26, "line": 40, "offset": 1571}}}], "taint_sink": ["CliLoc", [{"end": {"col": 65, "line": 41, "offset": 
1651}, "path": "data/datacreator.ts", "start": {"col": 33, "line": 41, "offset": 1619}}, "'./data/static/' + file + '.yml'"]], "taint_source": ["CliLoc", [{"end": {"col": 30, "line": 40, "offset": 1575}, "path": "data/datacreator.ts", "start": {"col": 26, "line": 40, "offset": 1571}}, "file"]]}, "engine_kind": "OSS", "fingerprint": "cc63a684cea621802562c3aabc866f05b37b9f8658bd0fe4c88e63588609de300bfaabd7191f7ee48bd8017671c3f8e0190de52fa986158dafb899463b79b3ae_0", "is_ignored": false, "lines": " const filePath = path.resolve('./data/static/' + file + '.yml')", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "8GUjrq", "url": "https://semgrep.dev/playground/r/BjTEkB/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "BjTEkB"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$PATH": {"abstract_content": "path", "end": {"col": 24, "line": 41, "offset": 1610}, "start": {"col": 20, "line": 41, "offset": 
1606}}, "$SINK": {"abstract_content": "'./data/static/'+file+'.yml'", "end": {"col": 65, "line": 41, "offset": 1651}, "start": {"col": 33, "line": 41, "offset": 1619}}, "$X": {"abstract_content": "file", "end": {"col": 30, "line": 40, "offset": 1575}, "start": {"col": 26, "line": 40, "offset": 1571}}}, "severity": "WARNING"}, "path": "data/datacreator.ts", "start": {"col": 33, "line": 41, "offset": 1619}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 48, "line": 24, "offset": 733}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "paths", "location": {"end": {"col": 56, "line": 18, "offset": 423}, "path": "lib/codingChallenges.ts", "start": {"col": 51, "line": 18, "offset": 418}}}, {"content": "currPath", "location": {"end": {"col": 22, "line": 20, "offset": 513}, "path": "lib/codingChallenges.ts", "start": {"col": 14, "line": 20, "offset": 505}}}], "taint_sink": ["CliLoc", [{"end": {"col": 48, "line": 24, "offset": 733}, "path": "lib/codingChallenges.ts", "start": {"col": 40, "line": 24, "offset": 725}}, "currPath"]], "taint_source": ["CliLoc", [{"end": {"col": 56, "line": 18, "offset": 423}, "path": "lib/codingChallenges.ts", "start": {"col": 51, "line": 18, "offset": 418}}, "paths"]]}, "engine_kind": "OSS", "fingerprint": "5145e9912a0e79e194c9050f1c58cf9fe01b555fd8e94909ac53dbebb8256687397d088f32935eed5baa69b57aa03e31b0950eb1537acab5f50c41ca4c60d834_0", "is_ignored": false, "lines": " files.map(file => path.resolve(currPath, file))", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. 
Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "8GUjrq", "url": "https://semgrep.dev/playground/r/BjTEkB/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "BjTEkB"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$PATH": {"abstract_content": "path", "end": {"col": 31, "line": 24, "offset": 716}, "start": {"col": 27, "line": 24, "offset": 712}}, "$SINK": {"abstract_content": "currPath", "end": {"col": 48, "line": 24, "offset": 733}, "start": {"col": 40, "line": 24, "offset": 725}}, "$X": {"abstract_content": "paths", "end": {"col": 56, "line": 18, "offset": 423}, "start": {"col": 51, "line": 18, "offset": 418}}}, "severity": "WARNING"}, "path": "lib/codingChallenges.ts", "start": {"col": 40, "line": 24, "offset": 725}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 54, "line": 24, "offset": 739}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "file", "location": {"end": {"col": 23, "line": 24, "offset": 708}, "path": "lib/codingChallenges.ts", "start": {"col": 19, "line": 24, "offset": 704}}}], "taint_sink": ["CliLoc", 
[{"end": {"col": 54, "line": 24, "offset": 739}, "path": "lib/codingChallenges.ts", "start": {"col": 50, "line": 24, "offset": 735}}, "file"]], "taint_source": ["CliLoc", [{"end": {"col": 23, "line": 24, "offset": 708}, "path": "lib/codingChallenges.ts", "start": {"col": 19, "line": 24, "offset": 704}}, "file"]]}, "engine_kind": "OSS", "fingerprint": "a6424c290a3d1ef7aaa9533f4137914e2342c087a9543d3568c2caa357e1853f8ebfd743c9e4df16ee1893789382fdc9498da208cc2264a2cb656b226e3d16b4_0", "is_ignored": false, "lines": " files.map(file => path.resolve(currPath, file))", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "8GUjrq", "url": "https://semgrep.dev/playground/r/BjTEkB/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "BjTEkB"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$PATH": {"abstract_content": "path", "end": {"col": 31, "line": 24, "offset": 716}, "start": {"col": 27, "line": 24, "offset": 
712}}, "$SINK": {"abstract_content": "file", "end": {"col": 54, "line": 24, "offset": 739}, "start": {"col": 50, "line": 24, "offset": 735}}, "$X": {"abstract_content": "file", "end": {"col": 23, "line": 24, "offset": 708}, "start": {"col": 19, "line": 24, "offset": 704}}}, "severity": "WARNING"}, "path": "lib/codingChallenges.ts", "start": {"col": 50, "line": 24, "offset": 735}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 129, "line": 30, "offset": 1066}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "filename", "location": {"end": {"col": 26, "line": 30, "offset": 963}, "path": "lib/startup/restoreOverwrittenFilesWithOriginals.ts", "start": {"col": 18, "line": 30, "offset": 955}}}], "taint_sink": ["CliLoc", [{"end": {"col": 129, "line": 30, "offset": 1066}, "path": "lib/startup/restoreOverwrittenFilesWithOriginals.ts", "start": {"col": 80, "line": 30, "offset": 1017}}, "filename.substring(filename.lastIndexOf('/') + 1)"]], "taint_source": ["CliLoc", [{"end": {"col": 26, "line": 30, "offset": 963}, "path": "lib/startup/restoreOverwrittenFilesWithOriginals.ts", "start": {"col": 18, "line": 30, "offset": 955}}, "filename"]]}, "engine_kind": "OSS", "fingerprint": "2c1ed46a95df027eb77813b1205bf0482eae6338d0b4921cc2584dd56e7ea6f48a513a398c46a0dcf5cac18a363e5dca9147878eea933fcb6ace30864c751009_0", "is_ignored": false, "lines": " files.map((filename: string) => copyFile(filename, path.resolve('i18n/', filename.substring(filename.lastIndexOf('/') + 1))))", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. 
Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "8GUjrq", "url": "https://semgrep.dev/playground/r/BjTEkB/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "BjTEkB"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$SINK": {"abstract_content": "filename.substring(filename.lastIndexOf('/')+1)", "end": {"col": 129, "line": 30, "offset": 1066}, "start": {"col": 80, "line": 30, "offset": 1017}}, "$X": {"abstract_content": "filename", "end": {"col": 26, "line": 30, "offset": 963}, "start": {"col": 18, "line": 30, "offset": 955}}}, "severity": "WARNING"}, "path": "lib/startup/restoreOverwrittenFilesWithOriginals.ts", "start": {"col": 80, "line": 30, "offset": 1017}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 55, "line": 95, "offset": 3809}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "pathRelativeToProjectRoot", "location": {"end": {"col": 67, "line": 92, "offset": 3639}, "path": "lib/startup/validatePreconditions.ts", "start": {"col": 42, "line": 92, "offset": 3614}}}], "taint_sink": ["CliLoc", [{"end": {"col": 55, 
"line": 95, "offset": 3809}, "path": "lib/startup/validatePreconditions.ts", "start": {"col": 30, "line": 95, "offset": 3784}}, "pathRelativeToProjectRoot"]], "taint_source": ["CliLoc", [{"end": {"col": 67, "line": 92, "offset": 3639}, "path": "lib/startup/validatePreconditions.ts", "start": {"col": 42, "line": 92, "offset": 3614}}, "pathRelativeToProjectRoot"]]}, "engine_kind": "OSS", "fingerprint": "eece54dc5f65980d98c700ee02453e9a4b301c904bd3a0a8053aa8d91b0421a6f7f6773f8c05ae90b778d852ccff55d567da1a5816e61d1c33e6663699c299c0_0", "is_ignored": false, "lines": " return access(path.resolve(pathRelativeToProjectRoot)).then(() => {", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "8GUjrq", "url": "https://semgrep.dev/playground/r/BjTEkB/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "BjTEkB"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$PATH": {"abstract_content": "path", "end": {"col": 21, 
"line": 95, "offset": 3775}, "start": {"col": 17, "line": 95, "offset": 3771}}, "$SINK": {"abstract_content": "pathRelativeToProjectRoot", "end": {"col": 55, "line": 95, "offset": 3809}, "start": {"col": 30, "line": 95, "offset": 3784}}, "$X": {"abstract_content": "pathRelativeToProjectRoot", "end": {"col": 67, "line": 92, "offset": 3639}, "start": {"col": 42, "line": 92, "offset": 3614}}}, "severity": "WARNING"}, "path": "lib/startup/validatePreconditions.ts", "start": {"col": 30, "line": 95, "offset": 3784}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 60, "line": 69, "offset": 2284}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "req", "location": {"end": {"col": 28, "line": 54, "offset": 1740}, "path": "routes/dataErasure.ts", "start": {"col": 25, "line": 54, "offset": 1737}}}], "taint_sink": ["CliLoc", [{"end": {"col": 60, "line": 69, "offset": 2284}, "path": "routes/dataErasure.ts", "start": {"col": 45, "line": 69, "offset": 2269}}, "req.body.layout"]], "taint_source": ["CliLoc", [{"end": {"col": 28, "line": 54, "offset": 1740}, "path": "routes/dataErasure.ts", "start": {"col": 25, "line": 54, "offset": 1737}}, "req"]]}, "engine_kind": "OSS", "fingerprint": "8f6f91eeb13bdb8118b87cf066031dd72e61e05bec64d88574f743d851fd60f45b2051285e3133cdf29e0dca864535851ec5870820b19b6015b20e807407f3a0_0", "is_ignored": false, "lines": " const filePath: string = path.resolve(req.body.layout).toLowerCase()", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. 
Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "8GUjrq", "url": "https://semgrep.dev/playground/r/BjTEkB/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "BjTEkB"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$PATH": {"abstract_content": "path", "end": {"col": 36, "line": 69, "offset": 2260}, "start": {"col": 32, "line": 69, "offset": 2256}}, "$SINK": {"abstract_content": "req.body.layout", "end": {"col": 60, "line": 69, "offset": 2284}, "start": {"col": 45, "line": 69, "offset": 2269}}, "$X": {"abstract_content": "req", "end": {"col": 28, "line": 54, "offset": 1740}, "start": {"col": 25, "line": 54, "offset": 1737}}}, "severity": "WARNING"}, "path": "routes/dataErasure.ts", "start": {"col": 45, "line": 69, "offset": 2269}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 45, "line": 33, "offset": 1176}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "file", "location": {"end": {"col": 24, "line": 26, "offset": 765}, "path": "routes/fileServer.ts", "start": {"col": 20, "line": 26, "offset": 761}}}], "taint_sink": 
["CliLoc", [{"end": {"col": 45, "line": 33, "offset": 1176}, "path": "routes/fileServer.ts", "start": {"col": 41, "line": 33, "offset": 1172}}, "file"]], "taint_source": ["CliLoc", [{"end": {"col": 24, "line": 26, "offset": 765}, "path": "routes/fileServer.ts", "start": {"col": 20, "line": 26, "offset": 761}}, "file"]]}, "engine_kind": "OSS", "fingerprint": "1e3f3b33d36e8279b541c97a9a40a03f2c1fd84c4eba94e9360fe6ffa9cd156a042ce1538c8e963a85cb673ca5eb2fd36fc2ec7ebea0a6d492e7c339e9b06477_0", "is_ignored": false, "lines": " res.sendFile(path.resolve('ftp/', file))", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "8GUjrq", "url": "https://semgrep.dev/playground/r/BjTEkB/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "BjTEkB"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$SINK": {"abstract_content": "file", "end": {"col": 45, "line": 33, "offset": 1176}, "propagated_value": 
{"svalue_abstract_content": "security.cutOffPoisonNullByte(file)", "svalue_end": {"col": 49, "line": 28, "offset": 953}, "svalue_start": {"col": 14, "line": 28, "offset": 918}}, "start": {"col": 41, "line": 33, "offset": 1172}}, "$X": {"abstract_content": "file", "end": {"col": 24, "line": 26, "offset": 765}, "start": {"col": 20, "line": 26, "offset": 761}}}, "severity": "WARNING"}, "path": "routes/fileServer.ts", "start": {"col": 41, "line": 33, "offset": 1172}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 55, "line": 29, "offset": 972}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "file", "location": {"end": {"col": 37, "line": 24, "offset": 656}, "path": "routes/fileUpload.ts", "start": {"col": 33, "line": 24, "offset": 652}}}, {"content": "filename", "location": {"end": {"col": 21, "line": 28, "offset": 883}, "path": "routes/fileUpload.ts", "start": {"col": 13, "line": 28, "offset": 875}}}], "taint_sink": ["CliLoc", [{"end": {"col": 55, "line": 29, "offset": 972}, "path": "routes/fileUpload.ts", "start": {"col": 47, "line": 29, "offset": 964}}, "filename"]], "taint_source": ["CliLoc", [{"end": {"col": 37, "line": 24, "offset": 656}, "path": "routes/fileUpload.ts", "start": {"col": 33, "line": 24, "offset": 652}}, "file"]]}, "engine_kind": "OSS", "fingerprint": "fe8ce24a613634985a2fdfec2653cc2267fdbf02f4641c0c6361f59b0f472200e32974a22514877813f746bf8aa4e48da76a502370a356171b32816d3e0aeaff_0", "is_ignored": false, "lines": " const tempFile = path.join(os.tmpdir(), filename)", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. 
Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "8GUjrq", "url": "https://semgrep.dev/playground/r/BjTEkB/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "BjTEkB"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$PATH": {"abstract_content": "path", "end": {"col": 28, "line": 29, "offset": 945}, "start": {"col": 24, "line": 29, "offset": 941}}, "$SINK": {"abstract_content": "filename", "end": {"col": 55, "line": 29, "offset": 972}, "propagated_value": {"svalue_abstract_content": "file.originalname.toLowerCase()", "svalue_end": {"col": 55, "line": 28, "offset": 917}, "svalue_start": {"col": 24, "line": 28, "offset": 886}}, "start": {"col": 47, "line": 29, "offset": 964}}, "$X": {"abstract_content": "file", "end": {"col": 37, "line": 24, "offset": 656}, "start": {"col": 33, "line": 24, "offset": 652}}}, "severity": "WARNING"}, "path": "routes/fileUpload.ts", "start": {"col": 47, "line": 29, "offset": 964}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 83, "line": 39, "offset": 1468}, "extra": {"dataflow_trace": {"intermediate_vars": 
[{"content": "entry", "location": {"end": {"col": 43, "line": 37, "offset": 1333}, "path": "routes/fileUpload.ts", "start": {"col": 38, "line": 37, "offset": 1328}}}, {"content": "fileName", "location": {"end": {"col": 31, "line": 38, "offset": 1372}, "path": "routes/fileUpload.ts", "start": {"col": 23, "line": 38, "offset": 1364}}}], "taint_sink": ["CliLoc", [{"end": {"col": 83, "line": 39, "offset": 1468}, "path": "routes/fileUpload.ts", "start": {"col": 51, "line": 39, "offset": 1436}}, "'uploads/complaints/' + fileName"]], "taint_source": ["CliLoc", [{"end": {"col": 43, "line": 37, "offset": 1333}, "path": "routes/fileUpload.ts", "start": {"col": 38, "line": 37, "offset": 1328}}, "entry"]]}, "engine_kind": "OSS", "fingerprint": "02e960aad52bb6a6ac53d36883a93b820d27ba8c4ae6198a5d1fb6d7d7219a598e38daaf8d58979554318156073c83d0df83bc965a5feea3c9eadf70b3c93528_0", "is_ignored": false, "lines": " const absolutePath = path.resolve('uploads/complaints/' + fileName)", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. 
Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "8GUjrq", "url": "https://semgrep.dev/playground/r/BjTEkB/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "BjTEkB"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$PATH": {"abstract_content": "path", "end": {"col": 42, "line": 39, "offset": 1427}, "start": {"col": 38, "line": 39, "offset": 1423}}, "$SINK": {"abstract_content": "'uploads/complaints/'+fileName", "end": {"col": 83, "line": 39, "offset": 1468}, "start": {"col": 51, "line": 39, "offset": 1436}}, "$X": {"abstract_content": "entry", "end": {"col": 43, "line": 37, "offset": 1333}, "start": {"col": 38, "line": 37, "offset": 1328}}}, "severity": "WARNING"}, "path": "routes/fileUpload.ts", "start": {"col": 51, "line": 39, "offset": 1436}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 56, "line": 14, "offset": 442}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "params", "location": {"end": {"col": 19, "line": 10, "offset": 273}, "path": "routes/keyServer.ts", "start": {"col": 13, "line": 10, "offset": 267}}}, 
{"content": "file", "location": {"end": {"col": 15, "line": 11, "offset": 340}, "path": "routes/keyServer.ts", "start": {"col": 11, "line": 11, "offset": 336}}}], "taint_sink": ["CliLoc", [{"end": {"col": 56, "line": 14, "offset": 442}, "path": "routes/keyServer.ts", "start": {"col": 52, "line": 14, "offset": 438}}, "file"]], "taint_source": ["CliLoc", [{"end": {"col": 19, "line": 10, "offset": 273}, "path": "routes/keyServer.ts", "start": {"col": 13, "line": 10, "offset": 267}}, "params"]]}, "engine_kind": "OSS", "fingerprint": "86525df296906715978baf46047e65645943534cc7a97d5e3537964353aed1cc0fc9c2da7f0900db55f0361bea671a7ba3de80d06bfa7c36b661cfaf57e571c7_0", "is_ignored": false, "lines": " res.sendFile(path.resolve('encryptionkeys/', file))", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "8GUjrq", "url": "https://semgrep.dev/playground/r/BjTEkB/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "BjTEkB"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], 
"vulnerability_class": ["Path Traversal"]}, "metavars": {"$SINK": {"abstract_content": "file", "end": {"col": 56, "line": 14, "offset": 442}, "propagated_value": {"svalue_abstract_content": "params.file", "svalue_end": {"col": 29, "line": 11, "offset": 354}, "svalue_start": {"col": 18, "line": 11, "offset": 343}}, "start": {"col": 52, "line": 14, "offset": 438}}, "$X": {"abstract_content": "params", "end": {"col": 19, "line": 10, "offset": 273}, "start": {"col": 13, "line": 10, "offset": 267}}}, "severity": "WARNING"}, "path": "routes/keyServer.ts", "start": {"col": 52, "line": 14, "offset": 438}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 46, "line": 14, "offset": 432}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "params", "location": {"end": {"col": 19, "line": 10, "offset": 273}, "path": "routes/logfileServer.ts", "start": {"col": 13, "line": 10, "offset": 267}}}, {"content": "file", "location": {"end": {"col": 15, "line": 11, "offset": 340}, "path": "routes/logfileServer.ts", "start": {"col": 11, "line": 11, "offset": 336}}}], "taint_sink": ["CliLoc", [{"end": {"col": 46, "line": 14, "offset": 432}, "path": "routes/logfileServer.ts", "start": {"col": 42, "line": 14, "offset": 428}}, "file"]], "taint_source": ["CliLoc", [{"end": {"col": 19, "line": 10, "offset": 273}, "path": "routes/logfileServer.ts", "start": {"col": 13, "line": 10, "offset": 267}}, "params"]]}, "engine_kind": "OSS", "fingerprint": "d177b84e6ddf49231a97d1d297db2808ebc4677136ef4dc413789d02f78a548e352e9a2d7db19408b45ded8d813ac370bb0b6c7d030aed7c633d36205983099c_0", "is_ignored": false, "lines": " res.sendFile(path.resolve('logs/', file))", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. 
Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "8GUjrq", "url": "https://semgrep.dev/playground/r/BjTEkB/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "BjTEkB"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$SINK": {"abstract_content": "file", "end": {"col": 46, "line": 14, "offset": 432}, "propagated_value": {"svalue_abstract_content": "params.file", "svalue_end": {"col": 29, "line": 11, "offset": 354}, "svalue_start": {"col": 18, "line": 11, "offset": 343}}, "start": {"col": 42, "line": 14, "offset": 428}}, "$X": {"abstract_content": "params", "end": {"col": 19, "line": 10, "offset": 273}, "start": {"col": 13, "line": 10, "offset": 267}}}, "severity": "WARNING"}, "path": "routes/logfileServer.ts", "start": {"col": 42, "line": 14, "offset": 428}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 85, "line": 46, "offset": 1802}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "req", "location": {"end": {"col": 14, "line": 35, "offset": 1068}, "path": "routes/order.ts", "start": {"col": 11, "line": 35, "offset": 
1065}}}, {"content": "customer", "location": {"end": {"col": 25, "line": 40, "offset": 1358}, "path": "routes/order.ts", "start": {"col": 17, "line": 40, "offset": 1350}}}, {"content": "email", "location": {"end": {"col": 22, "line": 41, "offset": 1420}, "path": "routes/order.ts", "start": {"col": 17, "line": 41, "offset": 1415}}}, {"content": "orderId", "location": {"end": {"col": 24, "line": 42, "offset": 1503}, "path": "routes/order.ts", "start": {"col": 17, "line": 42, "offset": 1496}}}, {"content": "pdfFile", "location": {"end": {"col": 24, "line": 43, "offset": 1596}, "path": "routes/order.ts", "start": {"col": 17, "line": 43, "offset": 1589}}}], "taint_sink": ["CliLoc", [{"end": {"col": 85, "line": 46, "offset": 1802}, "path": "routes/order.ts", "start": {"col": 78, "line": 46, "offset": 1795}}, "pdfFile"]], "taint_source": ["CliLoc", [{"end": {"col": 14, "line": 35, "offset": 1068}, "path": "routes/order.ts", "start": {"col": 11, "line": 35, "offset": 1065}}, "req"]]}, "engine_kind": "OSS", "fingerprint": "1fc353b4547904b691d2b711a5bc2312c013f79c9ee1b797db9e9f027f0ebd62a8f0ef476a112235ffeeb21966c5fec55b300554ebca2faf27e7a7d70c8fb592_0", "is_ignored": false, "lines": " const fileWriter = doc.pipe(fs.createWriteStream(path.join('ftp/', pdfFile)))", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. 
Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "8GUjrq", "url": "https://semgrep.dev/playground/r/BjTEkB/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "BjTEkB"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$SINK": {"abstract_content": "pdfFile", "end": {"col": 85, "line": 46, "offset": 1802}, "propagated_value": {"svalue_abstract_content": "`order_ orderId.pdf", "svalue_end": {"col": 48, "line": 43, "offset": 1620}, "svalue_start": {"col": 27, "line": 43, "offset": 1599}}, "start": {"col": 78, "line": 46, "offset": 1795}}, "$X": {"abstract_content": "req", "end": {"col": 14, "line": 35, "offset": 1068}, "start": {"col": 11, "line": 35, "offset": 1065}}}, "severity": "WARNING"}, "path": "routes/order.ts", "start": {"col": 78, "line": 46, "offset": 1795}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 56, "line": 14, "offset": 456}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "params", "location": {"end": {"col": 19, "line": 10, "offset": 280}, "path": "routes/quarantineServer.ts", "start": {"col": 13, "line": 
10, "offset": 274}}}, {"content": "file", "location": {"end": {"col": 15, "line": 11, "offset": 354}, "path": "routes/quarantineServer.ts", "start": {"col": 11, "line": 11, "offset": 350}}}], "taint_sink": ["CliLoc", [{"end": {"col": 56, "line": 14, "offset": 456}, "path": "routes/quarantineServer.ts", "start": {"col": 52, "line": 14, "offset": 452}}, "file"]], "taint_source": ["CliLoc", [{"end": {"col": 19, "line": 10, "offset": 280}, "path": "routes/quarantineServer.ts", "start": {"col": 13, "line": 10, "offset": 274}}, "params"]]}, "engine_kind": "OSS", "fingerprint": "6e276646641c4f3fc6f7039fe808734e3582c286224503f566a39afa1800c8a7431e9a0df287da48449dacf0066946cd8efee56c655260a3bb6f8744e850415d_0", "is_ignored": false, "lines": " res.sendFile(path.resolve('ftp/quarantine/', file))", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. 
Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "8GUjrq", "url": "https://semgrep.dev/playground/r/BjTEkB/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "BjTEkB"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$SINK": {"abstract_content": "file", "end": {"col": 56, "line": 14, "offset": 456}, "propagated_value": {"svalue_abstract_content": "params.file", "svalue_end": {"col": 29, "line": 11, "offset": 368}, "svalue_start": {"col": 18, "line": 11, "offset": 357}}, "start": {"col": 52, "line": 14, "offset": 452}}, "$X": {"abstract_content": "params", "end": {"col": 19, "line": 10, "offset": 280}, "start": {"col": 13, "line": 10, "offset": 274}}}, "severity": "WARNING"}, "path": "routes/quarantineServer.ts", "start": {"col": 52, "line": 14, "offset": 452}}, {"check_id": "javascript.lang.security.audit.unknown-value-with-script-tag.unknown-value-with-script-tag", "end": {"col": 169, "line": 69, "offset": 2739}, "extra": {"engine_kind": "OSS", "fingerprint": "fde17572f3af182fa82133427aa273d2a1448e390f9c14557d65eab9120e1cb862201465a25eb17cc7e5426f93bf534e942e56742437bb896fb0b32f8e25b6b0_0", "is_ignored": false, "lines": " 
compiledTemplate = compiledTemplate.replace('', '')", "message": "Cannot determine what 'subs' is and it is used with a '", "message": "This tag is missing an 'integrity' subresource integrity attribute. The 'integrity' attribute allows for the browser to verify that externally hosted files (for example from a CDN) are delivered without unexpected manipulation. Without this attribute, if an attacker can modify the externally hosted resource, this could lead to XSS and other types of attacks. To prevent this, include the base64-encoded cryptographic hash of the resource (file) you\u2019re telling the browser to fetch in the 'integrity' attribute for all externally hosted files.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-353: Missing Support for Integrity Check"], "impact": "LOW", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A08:2021 - Software and Data Integrity Failures"], "references": ["https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "AbUQzj", "url": "https://semgrep.dev/playground/r/jQTKQe/html.security.audit.missing-integrity.missing-integrity", "version_id": "jQTKQe"}}, "shortlink": "https://sg.run/krXA", "source": "https://semgrep.dev/r/html.security.audit.missing-integrity.missing-integrity", "subcategory": ["audit"], "technology": ["html"], "vulnerability_class": ["Cryptographic Issues"]}, "metavars": {"$...A": {"abstract_content": " src=\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js\"", "end": {"col": 91, "line": 15, "offset": 709}, "start": {"col": 10, "line": 15, "offset": 628}}}, "severity": "WARNING"}, "path": "frontend/src/index.html", "start": {"col": 3, "line": 15, "offset": 621}}, {"check_id": "html.security.audit.missing-integrity.missing-integrity", "end": {"col": 86, "line": 16, "offset": 805}, "extra": {"engine_kind": "OSS", "fingerprint": 
"ab869b84cd3cce468a9abb67a86e2356304cb35afb454d8b4dbe34688822d108528e66b93b15ad98b3fa2cfc0194be43af4781275309e4aa73b273b85f880df0_0", "is_ignored": false, "lines": " ", "message": "This tag is missing an 'integrity' subresource integrity attribute. The 'integrity' attribute allows for the browser to verify that externally hosted files (for example from a CDN) are delivered without unexpected manipulation. Without this attribute, if an attacker can modify the externally hosted resource, this could lead to XSS and other types of attacks. To prevent this, include the base64-encoded cryptographic hash of the resource (file) you\u2019re telling the browser to fetch in the 'integrity' attribute for all externally hosted files.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-353: Missing Support for Integrity Check"], "impact": "LOW", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A08:2021 - Software and Data Integrity Failures"], "references": ["https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "AbUQzj", "url": "https://semgrep.dev/playground/r/jQTKQe/html.security.audit.missing-integrity.missing-integrity", "version_id": "jQTKQe"}}, "shortlink": "https://sg.run/krXA", "source": "https://semgrep.dev/r/html.security.audit.missing-integrity.missing-integrity", "subcategory": ["audit"], "technology": ["html"], "vulnerability_class": ["Cryptographic Issues"]}, "metavars": {"$...A": {"abstract_content": " src=\"//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js\"", "end": {"col": 76, "line": 16, "offset": 795}, "start": {"col": 10, "line": 16, "offset": 729}}}, "severity": "WARNING"}, "path": "frontend/src/index.html", "start": {"col": 3, "line": 16, "offset": 722}}, {"check_id": "contrib.nodejsscan.crypto_node.node_md5", "end": {"col": 43, "line": 73, "offset": 2247}, "extra": {"dataflow_trace": {"taint_sink": 
["CliLoc", [{"end": {"col": 43, "line": 73, "offset": 2247}, "path": "Gruntfile.js", "start": {"col": 19, "line": 73, "offset": 2223}}, "crypto.createHash('md5')"]], "taint_source": ["CliLoc", [{"end": {"col": 42, "line": 73, "offset": 2246}, "path": "Gruntfile.js", "start": {"col": 37, "line": 73, "offset": 2241}}, "'md5'"]]}, "engine_kind": "OSS", "fingerprint": "c1423a0e46c0add2d8e6a8002e45784bac4e022ec620a3e19df127bf5685f256f932d49e4ad53ad567d40afc95122da23801e2e8392edf2833b3144ced4da837_0", "is_ignored": false, "lines": " const md5 = crypto.createHash('md5')", "message": "The MD5 hashing algorithm is considered to be weak. If this is used in any sensitive operation such as password hashing, or is used to ensure data integrity (collision sensitive) then you should use a stronger hashing algorithm. For passwords, consider using `Argon2id`, `scrypt`, or `bcrypt`. For data integrity, consider using `SHA-256`", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-327: Use of a Broken or Risky Cryptographic Algorithm"], "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A03:2017 - Sensitive Data Exposure", "A02:2021 - Cryptographic Failures"], "references": ["https://owasp.org/Top10/A02_2021-Cryptographic_Failures"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "GdU75E", "url": "https://semgrep.dev/playground/r/yeT6L5/contrib.nodejsscan.crypto_node.node_md5", "version_id": "yeT6L5"}}, "shortlink": "https://sg.run/dKBX", "source": "https://semgrep.dev/r/contrib.nodejsscan.crypto_node.node_md5", "subcategory": ["audit"], "technology": ["node.js"], "vulnerability_class": ["Cryptographic Issues"]}, "metavars": {"$CRYPTO": {"abstract_content": "crypto", "end": {"col": 25, "line": 73, "offset": 2229}, "start": {"col": 19, "line": 73, "offset": 2223}}}, "severity": "WARNING"}, "path": "Gruntfile.js", "start": {"col": 19, "line": 73, "offset": 2223}}, {"check_id": 
"contrib.nodejsscan.crypto_node.node_md5", "end": {"col": 63, "line": 43, "offset": 2233}, "extra": {"dataflow_trace": {"taint_sink": ["CliLoc", [{"end": {"col": 63, "line": 43, "offset": 2233}, "path": "lib/insecurity.ts", "start": {"col": 39, "line": 43, "offset": 2209}}, "crypto.createHash('md5')"]], "taint_source": ["CliLoc", [{"end": {"col": 62, "line": 43, "offset": 2232}, "path": "lib/insecurity.ts", "start": {"col": 57, "line": 43, "offset": 2227}}, "'md5'"]]}, "engine_kind": "OSS", "fingerprint": "544a6e3a1ed6c234b9be6015db279ef37f50b9a31dc009e7d08d2ada815b1501b40c151aa69f2299fbec41cc23269cb0509a33bca1f7939f8f2f8538523f4731_0", "is_ignored": false, "lines": "export const hash = (data: string) => crypto.createHash('md5').update(data).digest('hex')", "message": "The MD5 hashing algorithm is considered to be weak. If this is used in any sensitive operation such as password hashing, or is used to ensure data integrity (collision sensitive) then you should use a stronger hashing algorithm. For passwords, consider using `Argon2id`, `scrypt`, or `bcrypt`. 
For data integrity, consider using `SHA-256`", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-327: Use of a Broken or Risky Cryptographic Algorithm"], "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A03:2017 - Sensitive Data Exposure", "A02:2021 - Cryptographic Failures"], "references": ["https://owasp.org/Top10/A02_2021-Cryptographic_Failures"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "GdU75E", "url": "https://semgrep.dev/playground/r/yeT6L5/contrib.nodejsscan.crypto_node.node_md5", "version_id": "yeT6L5"}}, "shortlink": "https://sg.run/dKBX", "source": "https://semgrep.dev/r/contrib.nodejsscan.crypto_node.node_md5", "subcategory": ["audit"], "technology": ["node.js"], "vulnerability_class": ["Cryptographic Issues"]}, "metavars": {"$CRYPTO": {"abstract_content": "crypto", "end": {"col": 45, "line": 43, "offset": 2215}, "start": {"col": 39, "line": 43, "offset": 2209}}}, "severity": "WARNING"}, "path": "lib/insecurity.ts", "start": {"col": 39, "line": 43, "offset": 2209}}, {"check_id": "javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization", "end": {"col": 82, "line": 59, "offset": 2070}, "extra": {"engine_kind": "OSS", "fingerprint": "9fa5d4f9ee838f516fa47960eb756794dfa777c774e9b39aded42ac966208474faecc33edc588d26a35971045219cf6f2c9258803477f4060d0b970fff080f7f_0", "is_ignored": false, "lines": " tableData[i].description = tableData[i].description.replaceAll('<', '<').replaceAll('>', '>')", "message": "Detected a call to `replaceAll()` in an attempt to HTML escape the string `tableData[i].description`. 
Manually sanitizing input through a manually built list can be circumvented in many situations, and it's better to use a well known sanitization library such as `sanitize-html` or `DOMPurify`.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "LOW", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A07:2017 - Cross-Site Scripting (XSS)", "A03:2021 - Injection"], "references": ["https://www.npmjs.com/package/dompurify", "https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "kxUYE9", "url": "https://semgrep.dev/playground/r/l4T5xb/javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization", "version_id": "l4T5xb"}}, "shortlink": "https://sg.run/AzoB", "source": "https://semgrep.dev/r/javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization", "subcategory": ["audit"], "technology": ["javascript", "typescript"], "vulnerability_class": ["Cross-Site-Scripting (XSS)"]}, "metavars": {"$FUNC": {"abstract_content": "replaceAll", "end": {"col": 69, "line": 59, "offset": 2057}, "start": {"col": 59, "line": 59, "offset": 2047}}, "$STR": {"abstract_content": "tableData[i].description", "end": {"col": 58, "line": 59, "offset": 2046}, "start": {"col": 34, "line": 59, "offset": 2022}}}, "severity": "INFO"}, "path": "data/static/codefixes/restfulXssChallenge_2.ts", "start": {"col": 34, "line": 59, "offset": 2022}}, {"check_id": "javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization", "end": {"col": 106, "line": 59, "offset": 2094}, "extra": {"engine_kind": "OSS", "fingerprint": 
"95c70d4c6aa16c60d8380102c20b4dfdcb1213882eebed408ec0dc18e2047eaf29d079d517b1f509b287865a7f9587d7b9b43f02a0a5cf7d584a252f122da7e6_0", "is_ignored": false, "lines": " tableData[i].description = tableData[i].description.replaceAll('<', '<').replaceAll('>', '>')", "message": "Detected a call to `replaceAll()` in an attempt to HTML escape the string `tableData[i].description.replaceAll('<', '<')`. Manually sanitizing input through a manually built list can be circumvented in many situations, and it's better to use a well known sanitization library such as `sanitize-html` or `DOMPurify`.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "LOW", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A07:2017 - Cross-Site Scripting (XSS)", "A03:2021 - Injection"], "references": ["https://www.npmjs.com/package/dompurify", "https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "kxUYE9", "url": "https://semgrep.dev/playground/r/l4T5xb/javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization", "version_id": "l4T5xb"}}, "shortlink": "https://sg.run/AzoB", "source": "https://semgrep.dev/r/javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization", "subcategory": ["audit"], "technology": ["javascript", "typescript"], "vulnerability_class": ["Cross-Site-Scripting (XSS)"]}, "metavars": {"$FUNC": {"abstract_content": "replaceAll", "end": {"col": 93, "line": 59, "offset": 2081}, "start": {"col": 83, "line": 59, "offset": 2071}}, "$STR": {"abstract_content": "tableData[i].description.replaceAll('<''<')", "end": {"col": 82, "line": 59, "offset": 2070}, "start": {"col": 34, "line": 59, "offset": 2022}}}, "severity": "INFO"}, 
"path": "data/static/codefixes/restfulXssChallenge_2.ts", "start": {"col": 34, "line": 59, "offset": 2022}}, {"check_id": "javascript.express.security.audit.express-check-csurf-middleware-usage.express-check-csurf-middleware-usage", "end": {"col": 22, "line": 93, "offset": 4195}, "extra": {"engine_kind": "OSS", "fingerprint": "7338534e3ae4610be8b37f2ee262821ad403400990016d6a0bc165186cee76b5b94b45ddc93c344c66852c320ed5c67c5b43a1a65fca831ae6d09de67c61c350_0", "is_ignored": false, "lines": "const app = express()", "message": "A CSRF middleware was not detected in your express application. Ensure you are either using one such as `csurf` or `csrf` (see rule references) and/or you are properly doing CSRF validation in your routes with a token or cookies.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-352: Cross-Site Request Forgery (CSRF)"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "HIGH", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A01:2021 - Broken Access Control"], "references": ["https://www.npmjs.com/package/csurf", "https://www.npmjs.com/package/csrf", "https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "wdUKEq", "url": "https://semgrep.dev/playground/r/O9TyOQ/javascript.express.security.audit.express-check-csurf-middleware-usage.express-check-csurf-middleware-usage", "version_id": "O9TyOQ"}}, "shortlink": "https://sg.run/BxzR", "source": "https://semgrep.dev/r/javascript.express.security.audit.express-check-csurf-middleware-usage.express-check-csurf-middleware-usage", "subcategory": ["audit"], "technology": ["javascript", "typescript", "express"], "vulnerability_class": ["Cross-Site Request Forgery (CSRF)"]}, "metavars": {"$APP": {"abstract_content": "app", "end": {"col": 10, "line": 93, "offset": 4183}, "start": {"col": 7, "line": 93, "offset": 4180}}, 
"$EXPRESS": {"abstract_content": "express", "end": {"col": 20, "line": 93, "offset": 4193}, "start": {"col": 13, "line": 93, "offset": 4186}}}, "severity": "INFO"}, "path": "server.ts", "start": {"col": 7, "line": 93, "offset": 4180}}, {"check_id": "javascript.express.security.audit.express-check-directory-listing.express-check-directory-listing", "end": {"col": 76, "line": 242, "offset": 10521}, "extra": {"engine_kind": "OSS", "fingerprint": "c2c7cc5931e16da7a7bc9e2fc1e98093f4c2df0159cda8677f10cd4747a7e125dbcf1faf73b825dc6d1908c737a9c354fc272b9f0bb4f3620c4a5909de3fd6be_0", "is_ignored": false, "lines": " app.use('/ftp', serveIndexMiddleware, serveIndex('ftp', { icons: true })) // vuln-code-snippet vuln-line directoryListingChallenge", "message": "Directory listing/indexing is enabled, which may lead to disclosure of sensitive directories and files. It is recommended to disable directory listing unless it is a public resource. If you need directory listing, ensure that sensitive files are inaccessible when querying the resource.", "metadata": {"category": "security", "confidence": "MEDIUM", "cwe": ["CWE-548: Exposure of Information Through Directory Listing"], "impact": "MEDIUM", "interfile": true, "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A06:2017 - Security Misconfiguration", "A01:2021 - Broken Access Control"], "references": ["https://www.npmjs.com/package/serve-index", "https://www.acunetix.com/blog/articles/directory-listing-information-disclosure/"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "x8UqEb", "url": "https://semgrep.dev/playground/r/e1Tx1b/javascript.express.security.audit.express-check-directory-listing.express-check-directory-listing", "version_id": "e1Tx1b"}}, "shortlink": "https://sg.run/DX2G", "source": "https://semgrep.dev/r/javascript.express.security.audit.express-check-directory-listing.express-check-directory-listing", "subcategory": ["vuln"], "technology": 
["express"], "vulnerability_class": ["Mishandled Sensitive Information"]}, "metavars": {"$APP": {"abstract_content": "app", "end": {"col": 6, "line": 242, "offset": 10451}, "propagated_value": {"svalue_abstract_content": "express()", "svalue_end": {"col": 22, "line": 93, "offset": 4195}, "svalue_start": {"col": 13, "line": 93, "offset": 4186}}, "start": {"col": 3, "line": 242, "offset": 10448}}, "$SERVEINDEX": {"abstract_content": "serveIndex", "end": {"col": 51, "line": 242, "offset": 10496}, "start": {"col": 41, "line": 242, "offset": 10486}}}, "severity": "WARNING"}, "path": "server.ts", "start": {"col": 3, "line": 242, "offset": 10448}}, {"check_id": "javascript.express.security.audit.express-check-directory-listing.express-check-directory-listing", "end": {"col": 115, "line": 247, "offset": 10962}, "extra": {"engine_kind": "OSS", "fingerprint": "c2c7cc5931e16da7a7bc9e2fc1e98093f4c2df0159cda8677f10cd4747a7e125dbcf1faf73b825dc6d1908c737a9c354fc272b9f0bb4f3620c4a5909de3fd6be_1", "is_ignored": false, "lines": " app.use('/encryptionkeys', serveIndexMiddleware, serveIndex('encryptionkeys', { icons: true, view: 'details' }))", "message": "Directory listing/indexing is enabled, which may lead to disclosure of sensitive directories and files. It is recommended to disable directory listing unless it is a public resource. 
If you need directory listing, ensure that sensitive files are inaccessible when querying the resource.", "metadata": {"category": "security", "confidence": "MEDIUM", "cwe": ["CWE-548: Exposure of Information Through Directory Listing"], "impact": "MEDIUM", "interfile": true, "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A06:2017 - Security Misconfiguration", "A01:2021 - Broken Access Control"], "references": ["https://www.npmjs.com/package/serve-index", "https://www.acunetix.com/blog/articles/directory-listing-information-disclosure/"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "x8UqEb", "url": "https://semgrep.dev/playground/r/e1Tx1b/javascript.express.security.audit.express-check-directory-listing.express-check-directory-listing", "version_id": "e1Tx1b"}}, "shortlink": "https://sg.run/DX2G", "source": "https://semgrep.dev/r/javascript.express.security.audit.express-check-directory-listing.express-check-directory-listing", "subcategory": ["vuln"], "technology": ["express"], "vulnerability_class": ["Mishandled Sensitive Information"]}, "metavars": {"$APP": {"abstract_content": "app", "end": {"col": 6, "line": 247, "offset": 10853}, "propagated_value": {"svalue_abstract_content": "express()", "svalue_end": {"col": 22, "line": 93, "offset": 4195}, "svalue_start": {"col": 13, "line": 93, "offset": 4186}}, "start": {"col": 3, "line": 247, "offset": 10850}}, "$SERVEINDEX": {"abstract_content": "serveIndex", "end": {"col": 62, "line": 247, "offset": 10909}, "start": {"col": 52, "line": 247, "offset": 10899}}}, "severity": "WARNING"}, "path": "server.ts", "start": {"col": 3, "line": 247, "offset": 10850}}, {"check_id": "javascript.express.security.audit.express-check-directory-listing.express-check-directory-listing", "end": {"col": 103, "line": 251, "offset": 11210}, "extra": {"engine_kind": "OSS", "fingerprint": 
"c2c7cc5931e16da7a7bc9e2fc1e98093f4c2df0159cda8677f10cd4747a7e125dbcf1faf73b825dc6d1908c737a9c354fc272b9f0bb4f3620c4a5909de3fd6be_2", "is_ignored": false, "lines": " app.use('/support/logs', serveIndexMiddleware, serveIndex('logs', { icons: true, view: 'details' })) // vuln-code-snippet vuln-line accessLogDisclosureChallenge", "message": "Directory listing/indexing is enabled, which may lead to disclosure of sensitive directories and files. It is recommended to disable directory listing unless it is a public resource. If you need directory listing, ensure that sensitive files are inaccessible when querying the resource.", "metadata": {"category": "security", "confidence": "MEDIUM", "cwe": ["CWE-548: Exposure of Information Through Directory Listing"], "impact": "MEDIUM", "interfile": true, "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A06:2017 - Security Misconfiguration", "A01:2021 - Broken Access Control"], "references": ["https://www.npmjs.com/package/serve-index", "https://www.acunetix.com/blog/articles/directory-listing-information-disclosure/"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "x8UqEb", "url": "https://semgrep.dev/playground/r/e1Tx1b/javascript.express.security.audit.express-check-directory-listing.express-check-directory-listing", "version_id": "e1Tx1b"}}, "shortlink": "https://sg.run/DX2G", "source": "https://semgrep.dev/r/javascript.express.security.audit.express-check-directory-listing.express-check-directory-listing", "subcategory": ["vuln"], "technology": ["express"], "vulnerability_class": ["Mishandled Sensitive Information"]}, "metavars": {"$APP": {"abstract_content": "app", "end": {"col": 6, "line": 251, "offset": 11113}, "propagated_value": {"svalue_abstract_content": "express()", "svalue_end": {"col": 22, "line": 93, "offset": 4195}, "svalue_start": {"col": 13, "line": 93, "offset": 4186}}, "start": {"col": 3, "line": 251, "offset": 11110}}, "$SERVEINDEX": 
{"abstract_content": "serveIndex", "end": {"col": 60, "line": 251, "offset": 11167}, "start": {"col": 50, "line": 251, "offset": 11157}}}, "severity": "WARNING"}, "path": "server.ts", "start": {"col": 3, "line": 251, "offset": 11110}}, {"check_id": "javascript.express.security.audit.express-detect-notevil-usage.express-detect-notevil-usage", "end": {"col": 80, "line": 22, "offset": 827}, "extra": {"engine_kind": "OSS", "fingerprint": "a7c1157f627c0e1215d1ff43f3a6d9b1b5567cb820656c0d47ba71699d5f1777339d8c02e423a9838fd65d018b6cdae86d10d52cc0e4f33f3812e21c6c7694aa_0", "is_ignored": false, "lines": " vm.runInContext('safeEval(orderLinesData)', sandbox, { timeout: 2000 })", "message": "Detected usage of the `notevil` package, which is unmaintained and has vulnerabilities. Using any sort of `eval()` functionality can be very dangerous, but if you must, the `eval` package is an up to date alternative. Be sure that only trusted input reaches an `eval()` function.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-1104: Use of Unmaintained Third Party Components"], "impact": "HIGH", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A06:2021 - Vulnerable and Outdated Components"], "references": ["https://github.com/mmckegg/notevil"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "OrUX9K", "url": "https://semgrep.dev/playground/r/LjT0Qd/javascript.express.security.audit.express-detect-notevil-usage.express-detect-notevil-usage", "version_id": "LjT0Qd"}}, "shortlink": "https://sg.run/W70E", "source": "https://semgrep.dev/r/javascript.express.security.audit.express-detect-notevil-usage.express-detect-notevil-usage", "subcategory": ["audit"], "technology": ["javascript", "typescript"], "vulnerability_class": ["Other"]}, "metavars": {"$CMD": {"abstract_content": "safeEval(orderLinesData)", "end": {"col": 50, "line": 22, "offset": 797}, "start": {"col": 26, "line": 22, "offset": 773}}, "$EVAL": 
{"abstract_content": "safeEval", "end": {"col": 15, "line": 12, "offset": 361}, "start": {"col": 7, "line": 12, "offset": 353}}, "$VM": {"abstract_content": "vm", "end": {"col": 11, "line": 22, "offset": 758}, "start": {"col": 9, "line": 22, "offset": 756}}}, "severity": "WARNING"}, "path": "routes/b2bOrder.ts", "start": {"col": 9, "line": 22, "offset": 756}}, {"check_id": "javascript.express.security.audit.express-ssrf.express-ssrf", "end": {"col": 19, "line": 23, "offset": 869}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "url", "location": {"end": {"col": 16, "line": 18, "offset": 579}, "path": "routes/profileImageUrlUpload.ts", "start": {"col": 13, "line": 18, "offset": 576}}}], "taint_sink": ["CliLoc", [{"end": {"col": 19, "line": 23, "offset": 869}, "path": "routes/profileImageUrlUpload.ts", "start": {"col": 16, "line": 23, "offset": 866}}, "url"]], "taint_source": ["CliLoc", [{"end": {"col": 27, "line": 18, "offset": 590}, "path": "routes/profileImageUrlUpload.ts", "start": {"col": 19, "line": 18, "offset": 582}}, "req.body"]]}, "engine_kind": "OSS", "fingerprint": "ed8c9c010a8fcf039af83ee959f95f90a19f060d498c289b67f6c1e89e86573ac8762f43b37e7c8f73ba0459470dd780cbfc28d74a1b74a5982160fac68c2503_0", "is_ignored": false, "lines": " .get(url)", "message": "The following request request.get() was found to be crafted from user-input `req` which can lead to Server-Side Request Forgery (SSRF) vulnerabilities. It is recommended where possible to not allow user-input to craft the base request, but to be treated as part of the path or query parameter. When user-input is necessary to craft the request, it is recommeneded to follow OWASP best practices to prevent abuse. 
", "metadata": {"category": "security", "confidence": "MEDIUM", "cwe": ["CWE-918: Server-Side Request Forgery (SSRF)"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "HIGH", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "MEDIUM", "owasp": ["A10:2021 - Server-Side Request Forgery (SSRF)"], "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "eqU9l2", "url": "https://semgrep.dev/playground/r/5PT6Ab/javascript.express.security.audit.express-ssrf.express-ssrf", "version_id": "5PT6Ab"}}, "shortlink": "https://sg.run/0PNw", "source": "https://semgrep.dev/r/javascript.express.security.audit.express-ssrf.express-ssrf", "subcategory": ["vuln"], "technology": ["express"], "vulnerability_class": ["Server-Side Request Forgery (SSRF)"]}, "metavars": {"$ASSIGN": {"abstract_content": "url", "end": {"col": 19, "line": 23, "offset": 869}, "propagated_value": {"svalue_abstract_content": "req.body.imageUrl", "svalue_end": {"col": 36, "line": 18, "offset": 599}, "svalue_start": {"col": 19, "line": 18, "offset": 582}}, "start": {"col": 16, "line": 23, "offset": 866}}, "$METHOD": {"abstract_content": "get", "end": {"col": 15, "line": 23, "offset": 865}, "start": {"col": 12, "line": 23, "offset": 862}}, "$REQ": {"abstract_content": "req", "end": {"col": 22, "line": 18, "offset": 585}, "start": {"col": 19, "line": 18, "offset": 582}}, "$REQUEST": {"abstract_content": "request", "end": {"col": 37, "line": 22, "offset": 850}, "start": {"col": 30, "line": 22, "offset": 843}}, "$VALUE": {"abstract_content": "imageUrl", "end": {"col": 36, "line": 18, "offset": 599}, "start": {"col": 28, "line": 18, "offset": 591}}}, "severity": "WARNING"}, "path": "routes/profileImageUrlUpload.ts", "start": {"col": 16, "line": 23, "offset": 866}}, {"check_id": "javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key", "end": 
{"col": 94, "line": 44, "offset": 2354}, "extra": {"engine_kind": "OSS", "fingerprint": "569e806f7e4276ac73f185c72e97867ad00c7577b6de01cb8ddf4d0baac7e4e87d2a1332921d7904bc42be66144ec687c33426d62ca235adbef07da7962cfc84_0", "is_ignored": false, "lines": "export const hmac = (data: string) => crypto.createHmac('sha256', 'pa4qacea4VK9t9nGv7yZtwmj').update(data).digest('hex')", "message": "Detected a hardcoded hmac key. Avoid hardcoding secrets and consider using an alternate option such as reading the secret from a config file or using an environment variable.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-798: Use of Hard-coded Credentials"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "LOW", "interfile": true, "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A07:2021 - Identification and Authentication Failures"], "references": ["https://rules.sonarsource.com/javascript/RSPEC-2068", "https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#key-management"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "v8UGEw", "url": "https://semgrep.dev/playground/r/5PT6od/javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key", "version_id": "5PT6od"}}, "shortlink": "https://sg.run/K9bn", "source": "https://semgrep.dev/r/javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key", "subcategory": ["audit"], "technology": ["crypto", "hmac"], "vulnerability_class": ["Hard-coded Secrets"]}, "metavars": {"$ALGO": {"abstract_content": "'sha256'", "end": {"col": 65, "line": 44, "offset": 2325}, "start": {"col": 57, "line": 44, "offset": 2317}}, "$CRYPTO": {"abstract_content": "crypto", "end": {"col": 45, "line": 44, "offset": 2305}, "start": {"col": 39, "line": 44, "offset": 2299}}}, "severity": "WARNING"}, "path": "lib/insecurity.ts", "start": {"col": 39, "line": 44, "offset": 2299}}, {"check_id": 
"javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key", "end": {"col": 55, "line": 158, "offset": 6362}, "extra": {"engine_kind": "OSS", "fingerprint": "569e806f7e4276ac73f185c72e97867ad00c7577b6de01cb8ddf4d0baac7e4e87d2a1332921d7904bc42be66144ec687c33426d62ca235adbef07da7962cfc84_1", "is_ignored": false, "lines": " const hmac = crypto.createHmac('sha256', privateKey)", "message": "Detected a hardcoded hmac key. Avoid hardcoding secrets and consider using an alternate option such as reading the secret from a config file or using an environment variable.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-798: Use of Hard-coded Credentials"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "LOW", "interfile": true, "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A07:2021 - Identification and Authentication Failures"], "references": ["https://rules.sonarsource.com/javascript/RSPEC-2068", "https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#key-management"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "v8UGEw", "url": "https://semgrep.dev/playground/r/5PT6od/javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key", "version_id": "5PT6od"}}, "shortlink": "https://sg.run/K9bn", "source": "https://semgrep.dev/r/javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key", "subcategory": ["audit"], "technology": ["crypto", "hmac"], "vulnerability_class": ["Hard-coded Secrets"]}, "metavars": {"$ALGO": {"abstract_content": "'sha256'", "end": {"col": 42, "line": 158, "offset": 6349}, "start": {"col": 34, "line": 158, "offset": 6341}}, "$CRYPTO": {"abstract_content": "crypto", "end": {"col": 22, "line": 158, "offset": 6329}, "start": {"col": 16, "line": 158, "offset": 6323}}}, "severity": "WARNING"}, "path": "lib/insecurity.ts", "start": {"col": 16, "line": 158, "offset": 6323}}, {"check_id": 
"yaml.docker-compose.security.no-new-privileges.no-new-privileges", "end": {"col": 6, "line": 7, "offset": 85}, "extra": {"engine_kind": "OSS", "fingerprint": "56a4d83610c90015edb434a152d71f7b3dba00a5a2a89237fec47d86cf9e5391df496e315e5ef3f20b0e03b3e08292aa82bf7fbabd90049370bdc6ad163e604c_0", "is_ignored": false, "lines": " app:", "message": "Service 'app' allows for privilege escalation via setuid or setgid binaries. Add 'no-new-privileges:true' in 'security_opt' to prevent this.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-732: Incorrect Permission Assignment for Critical Resource"], "cwe2021-top25": true, "impact": "HIGH", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A05:2021 - Security Misconfiguration", "A06:2017 - Security Misconfiguration"], "references": ["https://raesene.github.io/blog/2019/06/01/docker-capabilities-and-no-new-privs/", "https://www.kernel.org/doc/Documentation/prctl/no_new_privs.txt", "https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-4-add-no-new-privileges-flag"], "semgrep.dev": {"rule": {"origin": "community", "rule_id": "qNUoWr", "url": "https://semgrep.dev/playground/r/vdT2zp/yaml.docker-compose.security.no-new-privileges.no-new-privileges", "version_id": "vdT2zp"}}, "shortlink": "https://sg.run/0n8q", "source": "https://semgrep.dev/r/yaml.docker-compose.security.no-new-privileges.no-new-privileges", "subcategory": ["audit"], "technology": ["docker-compose"], "vulnerability_class": ["Improper Authorization"]}, "metavars": {"$SERVICE": {"abstract_content": "app", "end": {"col": 6, "line": 7, "offset": 85}, "start": {"col": 3, "line": 7, "offset": 82}}}, "severity": "WARNING"}, "path": "docker-compose.test.yml", "start": {"col": 3, "line": 7, "offset": 82}}], "version": "1.32.0"} +{"errors": [{"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginBenderChallenge_1.ts:1:\n `import 
{BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n if (req.body.email.match(/.*['-;].*/) || req.body.password.match(/.*['-;].*/)) {\n res.status(451).send(res.__('SQL Injection detected.'))\n }\n models.sequelize.query(`SELECT * FROM Users WHERE email = '${req.body.email || ''}' AND password = '${security.hash(req.body.password || '')}' AND deletedAt IS NULL`, { model: models.User, plain: true })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginBenderChallenge_1.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line frontend/src/app/Services/user.service.ts:14:\n `new?:` was unexpected", "path": "frontend/src/app/Services/user.service.ts", "spans": [{"end": {"col": 8, "line": 14, "offset": 5}, "file": "frontend/src/app/Services/user.service.ts", "start": {"col": 3, "line": 14, "offset": 0}}], "type": 
["PartialParsing", [{"end": {"col": 8, "line": 14, "offset": 5}, "path": "frontend/src/app/Services/user.service.ts", "start": {"col": 3, "line": 14, "offset": 0}}]]}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/weakPasswordChallenge_4.ts:1:\n `User.init(\n password: {\n type: DataTypes.STRING,\n set (clearTextPassword) {\n validatePasswordIsNotInTopOneMillionCommonPasswordsList(clearTextPassword)\n this.setDataValue('password', security.hash(clearTextPassword))\n }\n },` was unexpected", "path": "data/static/codefixes/weakPasswordChallenge_4.ts", "spans": [{"end": {"col": 9, "line": 8, "offset": 272}, "file": "data/static/codefixes/weakPasswordChallenge_4.ts", "start": {"col": 1, "line": 1, "offset": 0}}], "type": ["PartialParsing", [{"end": {"col": 9, "line": 8, "offset": 272}, "path": "data/static/codefixes/weakPasswordChallenge_4.ts", "start": {"col": 1, "line": 1, "offset": 0}}]]}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/weakPasswordChallenge_3.ts:1:\n `User.init(\n password: {\n type: DataTypes.STRING,\n set (clearTextPassword) {\n validatePasswordHasAtLeastOneNumber(clearTextPassword)\n validatePasswordHasAtLeastOneSpecialChar(clearTextPassword)\n validatePasswordHasAtLeastOneUpperCaseChar(clearTextPassword)\n validatePasswordHasAtLeastOneLowerCaseChar(clearTextPassword)\n validatePasswordHasAtLeastTenChar(clearTextPassword)\n this.setDataValue('password', security.hash(clearTextPassword))\n }\n },` was unexpected", "path": "data/static/codefixes/weakPasswordChallenge_3.ts", "spans": [{"end": {"col": 9, "line": 12, "offset": 529}, "file": "data/static/codefixes/weakPasswordChallenge_3.ts", "start": {"col": 1, "line": 1, "offset": 0}}], "type": ["PartialParsing", [{"end": {"col": 9, "line": 12, "offset": 529}, "path": "data/static/codefixes/weakPasswordChallenge_3.ts", "start": {"col": 1, "line": 1, "offset": 0}}]]}, {"code": 3, "level": "warn", "message": "Syntax error at 
line data/static/codefixes/registerAdminChallenge_4.ts:1:\n `/* Generated API endpoints */\n finale.initialize({ app, sequelize })\n\n const autoModels = [\n { name: 'User', exclude: ['password', 'totpSecret', 'role'], model: UserModel },\n { name: 'Product', exclude: [], model: ProductModel },\n { name: 'Feedback', exclude: [], model: FeedbackModel },\n { name: 'BasketItem', exclude: [], model: BasketItemModel },\n { name: 'Challenge', exclude: [], model: ChallengeModel },\n { name: 'Complaint', exclude: [], model: ComplaintModel },\n { name: 'Recycle', exclude: [], model: RecycleModel },\n { name: 'SecurityQuestion', exclude: [], model: SecurityQuestionModel },\n { name: 'SecurityAnswer', exclude: [], model: SecurityAnswerModel },\n { name: 'Address', exclude: [], model: AddressModel },\n { name: 'PrivacyRequest', exclude: [], model: PrivacyRequestModel },\n { name: 'Card', exclude: [], model: CardModel },\n { name: 'Quantity', exclude: [], model: QuantityModel }\n ]\n\n for (const { name, exclude, model } of autoModels) {\n const resource = finale.resource({\n model,\n endpoints: [`/api/${name}s`, `/api/${name}s/:id`],\n excludeAttributes: exclude,\n pagination: false\n })\n\n // create a wallet when a new user is registered using API\n if (name === 'User') {\n resource.create.send.before((req: Request, res: Response, context: { instance: { id: any }, continue: any }) => {\n WalletModel.create({ UserId: context.instance.id }).catch((err: unknown) => {\n console.log(err)\n })\n return context.continue\n })\n }` was unexpected", "path": "data/static/codefixes/registerAdminChallenge_4.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginJimChallenge_3.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: 
user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n models.sequelize.query(`SELECT * FROM Users WHERE email = ? AND password = ? AND deletedAt IS NULL`,\n { replacements: [ req.body.email, req.body.password ], model: models.User, plain: true })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginJimChallenge_3.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginJimChallenge_1_correct.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: 
NextFunction) => {\n models.sequelize.query(`SELECT * FROM Users WHERE email = $1 AND password = $2 AND deletedAt IS NULL`,\n { bind: [ req.body.email, security.hash(req.body.password) ], model: models.User, plain: true })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginJimChallenge_1_correct.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginAdminChallenge_2.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n models.sequelize.query(`SELECT * FROM Users WHERE email = $1 AND password = '${security.hash(req.body.password || '')}' AND deletedAt IS NULL`,\n { bind: [ req.body.email ], model: models.User, plain: true })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== 
'') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginAdminChallenge_2.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/restfulXssChallenge_3.ts:43:\n `: any[]` was unexpected", "path": "data/static/codefixes/restfulXssChallenge_3.ts", "spans": [{"end": {"col": 44, "line": 43, "offset": 7}, "file": "data/static/codefixes/restfulXssChallenge_3.ts", "start": {"col": 37, "line": 43, "offset": 0}}], "type": ["PartialParsing", [{"end": {"col": 44, "line": 43, "offset": 7}, "path": "data/static/codefixes/restfulXssChallenge_3.ts", "start": {"col": 37, "line": 43, "offset": 0}}]]}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginAdminChallenge_1.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n if (req.body.email.match(/.*['-;].*/) || req.body.password.match(/.*['-;].*/)) {\n res.status(451).send(res.__('SQL Injection detected.'))\n }\n models.sequelize.query(`SELECT * FROM Users WHERE email = 
'${req.body.email || ''}' AND password = '${security.hash(req.body.password || '')}' AND deletedAt IS NULL`, { model: models.User, plain: true })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginAdminChallenge_1.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/weakPasswordChallenge_1_correct.ts:1:\n `User.init(\n password: {\n type: DataTypes.STRING,\n set (clearTextPassword) {\n validatePasswordHasAtLeastTenChar(clearTextPassword)\n validatePasswordIsNotInTopOneMillionCommonPasswordsList(clearTextPassword)\n this.setDataValue('password', security.hash(clearTextPassword))\n }\n },` was unexpected", "path": "data/static/codefixes/weakPasswordChallenge_1_correct.ts", "spans": [{"end": {"col": 9, "line": 9, "offset": 335}, "file": "data/static/codefixes/weakPasswordChallenge_1_correct.ts", "start": {"col": 1, "line": 1, "offset": 0}}], "type": ["PartialParsing", [{"end": {"col": 9, "line": 9, "offset": 335}, "path": "data/static/codefixes/weakPasswordChallenge_1_correct.ts", "start": {"col": 1, "line": 1, "offset": 0}}]]}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginAdminChallenge_3.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: 
user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n models.sequelize.query(`SELECT * FROM Users WHERE email = $1 AND password = $2 AND deletedAt IS NULL`,\n { bind: [ req.body.email, req.body.password ], model: models.User, plain: true })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginAdminChallenge_3.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginBenderChallenge_4.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: 
NextFunction) => {\n models.sequelize.query(`SELECT * FROM Users WHERE email = '${req.body.email || ''}' AND password = '${security.hash(req.body.password || '')}' AND deletedAt IS NULL`, { model: models.User, plain: false })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginBenderChallenge_4.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/tokenSaleChallenge_2.ts:19:\n `]` was unexpected", "path": "data/static/codefixes/tokenSaleChallenge_2.ts", "spans": [{"end": {"col": 2, "line": 19, "offset": 1}, "file": "data/static/codefixes/tokenSaleChallenge_2.ts", "start": {"col": 1, "line": 19, "offset": 0}}], "type": ["PartialParsing", [{"end": {"col": 2, "line": 19, "offset": 1}, "path": "data/static/codefixes/tokenSaleChallenge_2.ts", "start": {"col": 1, "line": 19, "offset": 0}}]]}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginJimChallenge_2.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, 
bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n models.sequelize.query(`SELECT * FROM Users WHERE email = '${req.body.email || ''}' AND password = '${security.hash(req.body.password || '')}' AND deletedAt IS NULL`, { model: models.User, plain: false })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginJimChallenge_2.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginAdminChallenge_4_correct.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n models.sequelize.query(`SELECT * FROM Users WHERE email = $1 AND password = $2 AND deletedAt IS NULL`,\n { bind: [ req.body.email, security.hash(req.body.password) ], model: models.User, plain: true })\n 
.then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginAdminChallenge_4_correct.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginBenderChallenge_2_correct.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n models.sequelize.query(`SELECT * FROM Users WHERE email = $mail AND password = $pass AND deletedAt IS NULL`,\n { bind: { mail: req.body.email, pass: security.hash(req.body.password) }, model: models.User, plain: true })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } 
else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginBenderChallenge_2_correct.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/restfulXssChallenge_4.ts:57:\n `: any[]` was unexpected", "path": "data/static/codefixes/restfulXssChallenge_4.ts", "spans": [{"end": {"col": 44, "line": 57, "offset": 7}, "file": "data/static/codefixes/restfulXssChallenge_4.ts", "start": {"col": 37, "line": 57, "offset": 0}}], "type": ["PartialParsing", [{"end": {"col": 44, "line": 57, "offset": 7}, "path": "data/static/codefixes/restfulXssChallenge_4.ts", "start": {"col": 37, "line": 57, "offset": 0}}]]}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/registerAdminChallenge_2.ts:1:\n `/* Generated API endpoints */\n finale.initialize({ app, sequelize })\n\n const autoModels = [\n { name: 'Product', exclude: [], model: ProductModel },\n { name: 'Feedback', exclude: [], model: FeedbackModel },\n { name: 'BasketItem', exclude: [], model: BasketItemModel },\n { name: 'Challenge', exclude: [], model: ChallengeModel },\n { name: 'Complaint', exclude: [], model: ComplaintModel },\n { name: 'Recycle', exclude: [], model: RecycleModel },\n { name: 'SecurityQuestion', exclude: [], model: SecurityQuestionModel },\n { name: 'SecurityAnswer', exclude: [], model: SecurityAnswerModel },\n { name: 'Address', exclude: [], model: AddressModel },\n { name: 'PrivacyRequest', exclude: [], model: PrivacyRequestModel },\n { name: 'Card', exclude: [], model: CardModel },\n { name: 'Quantity', exclude: [], model: QuantityModel }\n ]\n\n for (const { name, exclude, model } of autoModels) {\n const resource = finale.resource({\n model,\n endpoints: [`/api/${name}s`, `/api/${name}s/:id`],\n excludeAttributes: exclude,\n pagination: 
false\n })` was unexpected", "path": "data/static/codefixes/registerAdminChallenge_2.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line Dockerfile:47:\n `--from=installer` was unexpected", "path": "Dockerfile", "spans": [{"end": {"col": 22, "line": 47, "offset": 16}, "file": "Dockerfile", "start": {"col": 6, "line": 47, "offset": 0}}, {"end": {"col": 21, "line": 48, "offset": 15}, "file": "Dockerfile", "start": {"col": 6, "line": 48, "offset": 0}}], "type": ["PartialParsing", [{"end": {"col": 22, "line": 47, "offset": 16}, "path": "Dockerfile", "start": {"col": 6, "line": 47, "offset": 0}}, {"end": {"col": 21, "line": 48, "offset": 15}, "path": "Dockerfile", "start": {"col": 6, "line": 48, "offset": 0}}]]}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/restfulXssChallenge_2.ts:57:\n `: any[]` was unexpected", "path": "data/static/codefixes/restfulXssChallenge_2.ts", "spans": [{"end": {"col": 45, "line": 57, "offset": 7}, "file": "data/static/codefixes/restfulXssChallenge_2.ts", "start": {"col": 38, "line": 57, "offset": 0}}], "type": ["PartialParsing", [{"end": {"col": 45, "line": 57, "offset": 7}, "path": "data/static/codefixes/restfulXssChallenge_2.ts", "start": {"col": 38, "line": 57, "offset": 0}}]]}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/tokenSaleChallenge_3_correct.ts:14:\n `]` was unexpected", "path": "data/static/codefixes/tokenSaleChallenge_3_correct.ts", "spans": [{"end": {"col": 2, "line": 14, "offset": 1}, "file": "data/static/codefixes/tokenSaleChallenge_3_correct.ts", "start": {"col": 1, "line": 14, "offset": 0}}], "type": ["PartialParsing", [{"end": {"col": 2, "line": 14, "offset": 1}, "path": "data/static/codefixes/tokenSaleChallenge_3_correct.ts", "start": {"col": 1, "line": 14, "offset": 0}}]]}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/registerAdminChallenge_3_correct.ts:1:\n `/* 
Generated API endpoints */\n finale.initialize({ app, sequelize })\n\n const autoModels = [\n { name: 'User', exclude: ['password', 'totpSecret'], model: UserModel },\n { name: 'Product', exclude: [], model: ProductModel },\n { name: 'Feedback', exclude: [], model: FeedbackModel },\n { name: 'BasketItem', exclude: [], model: BasketItemModel },\n { name: 'Challenge', exclude: [], model: ChallengeModel },\n { name: 'Complaint', exclude: [], model: ComplaintModel },\n { name: 'Recycle', exclude: [], model: RecycleModel },\n { name: 'SecurityQuestion', exclude: [], model: SecurityQuestionModel },\n { name: 'SecurityAnswer', exclude: [], model: SecurityAnswerModel },\n { name: 'Address', exclude: [], model: AddressModel },\n { name: 'PrivacyRequest', exclude: [], model: PrivacyRequestModel },\n { name: 'Card', exclude: [], model: CardModel },\n { name: 'Quantity', exclude: [], model: QuantityModel }\n ]\n\n for (const { name, exclude, model } of autoModels) {\n const resource = finale.resource({\n model,\n endpoints: [`/api/${name}s`, `/api/${name}s/:id`],\n excludeAttributes: exclude,\n pagination: false\n })\n\n // create a wallet when a new user is registered using API\n if (name === 'User') {\n resource.create.send.before((req: Request, res: Response, context: { instance: { id: any }, continue: any }) => {\n WalletModel.create({ UserId: context.instance.id }).catch((err: unknown) => {\n console.log(err)\n })\n context.instance.role = 'customer'\n return context.continue\n })\n }` was unexpected", "path": "data/static/codefixes/registerAdminChallenge_3_correct.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginBenderChallenge_3.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n 
.then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n models.sequelize.query(`SELECT * FROM Users WHERE email = :mail AND password = '${security.hash(req.body.password || '')}' AND deletedAt IS NULL`,\n { replacements: { mail: req.body.email }, model: models.User, plain: true })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginBenderChallenge_3.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/tokenSaleChallenge_1.ts:18:\n `]` was unexpected", "path": "data/static/codefixes/tokenSaleChallenge_1.ts", "spans": [{"end": {"col": 2, "line": 18, "offset": 1}, "file": "data/static/codefixes/tokenSaleChallenge_1.ts", "start": {"col": 1, "line": 18, "offset": 0}}], "type": ["PartialParsing", [{"end": {"col": 2, "line": 18, "offset": 1}, "path": "data/static/codefixes/tokenSaleChallenge_1.ts", "start": {"col": 1, "line": 18, "offset": 0}}]]}, {"code": 2, "level": "warn", "message": "Timeout when running javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal on 
frontend/src/assets/private/three.js:\n ", "path": "frontend/src/assets/private/three.js", "rule_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "type": "Timeout"}, {"code": 2, "level": "warn", "message": "Timeout when running javascript.lang.security.audit.unsafe-formatstring.unsafe-formatstring on frontend/src/assets/private/three.js:\n ", "path": "frontend/src/assets/private/three.js", "rule_id": "javascript.lang.security.audit.unsafe-formatstring.unsafe-formatstring", "type": "Timeout"}, {"code": 2, "level": "warn", "message": "Timeout when running typescript.react.security.audit.react-unsanitized-method.react-unsanitized-method on frontend/src/assets/private/three.js:\n ", "path": "frontend/src/assets/private/three.js", "rule_id": "typescript.react.security.audit.react-unsanitized-method.react-unsanitized-method", "type": "Timeout"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/weakPasswordChallenge_2.ts:1:\n `User.init(\n password: {\n type: DataTypes.STRING,\n set (clearTextPassword) {\n validatePasswordHasAtLeastOneNumber(clearTextPassword)\n validatePasswordHasAtLeastOneSpecialChar(clearTextPassword)\n validatePasswordHasAtLeastOneUpperCaseChar(clearTextPassword)\n validatePasswordHasAtLeastOneLowerCaseChar(clearTextPassword)\n validatePasswordHasAtLeastTenChar(clearTextPassword)\n validatePasswordIsNotInTopOneMillionCommonPasswordsList(clearTextPassword)\n this.setDataValue('password', security.hash(clearTextPassword))\n }\n },` was unexpected", "path": "data/static/codefixes/weakPasswordChallenge_2.ts", "spans": [{"end": {"col": 9, "line": 13, "offset": 614}, "file": "data/static/codefixes/weakPasswordChallenge_2.ts", "start": {"col": 1, "line": 1, "offset": 0}}], "type": ["PartialParsing", [{"end": {"col": 9, "line": 13, "offset": 614}, "path": "data/static/codefixes/weakPasswordChallenge_2.ts", "start": {"col": 1, "line": 1, "offset": 0}}]]}, {"code": 
3, "level": "warn", "message": "Syntax error at line data/static/codefixes/registerAdminChallenge_1.ts:1:\n `/* Generated API endpoints */\n finale.initialize({ app, sequelize })\n\n const autoModels = [\n { name: 'User', exclude: ['password', 'totpSecret'], model: UserModel },\n { name: 'Product', exclude: [], model: ProductModel },\n { name: 'Feedback', exclude: [], model: FeedbackModel },\n { name: 'BasketItem', exclude: [], model: BasketItemModel },\n { name: 'Challenge', exclude: [], model: ChallengeModel },\n { name: 'Complaint', exclude: [], model: ComplaintModel },\n { name: 'Recycle', exclude: [], model: RecycleModel },\n { name: 'SecurityQuestion', exclude: [], model: SecurityQuestionModel },\n { name: 'SecurityAnswer', exclude: [], model: SecurityAnswerModel },\n { name: 'Address', exclude: [], model: AddressModel },\n { name: 'PrivacyRequest', exclude: [], model: PrivacyRequestModel },\n { name: 'Card', exclude: [], model: CardModel },\n { name: 'Quantity', exclude: [], model: QuantityModel }\n ]\n\n for (const { name, exclude, model } of autoModels) {\n const resource = finale.resource({\n model,\n endpoints: [`/api/${name}s`, `/api/${name}s/:id`],\n excludeAttributes: exclude,\n pagination: false\n })\n\n // create a wallet when a new user is registered using API\n if (name === 'User') {\n resource.create.send.before((req: Request, res: Response, context: { instance: { id: any }, continue: any }) => {\n WalletModel.create({ UserId: context.instance.id }).catch((err: unknown) => {\n console.log(err)\n })\n context.instance.role = context.instance.role ? 
context.instance.role : 'customer'\n return context.continue\n })\n }` was unexpected", "path": "data/static/codefixes/registerAdminChallenge_1.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line data/static/codefixes/loginJimChallenge_4.ts:1:\n `import {BasketModel} from \"../../../models/basket\";\n\nmodule.exports = function login () {\n function afterLogin (user: { data: User, bid: number }, res: Response, next: NextFunction) {\n BasketModel.findOrCreate({ where: { UserId: user.data.id } })\n .then(([basket]: [BasketModel, boolean]) => {\n const token = security.authorize(user)\n user.bid = basket.id // keep track of original basket\n security.authenticatedUsers.put(token, user)\n res.json({ authentication: { token, bid: basket.id, umail: user.data.email } })\n }).catch((error: Error) => {\n next(error)\n })\n }\n\n return (req: Request, res: Response, next: NextFunction) => {\n if (req.body.email.match(/.*['-;].*/) || req.body.password.match(/.*['-;].*/)) {\n res.status(451).send(res.__('SQL Injection detected.'))\n }\n models.sequelize.query(`SELECT * FROM Users WHERE email = '${req.body.email || ''}' AND password = '${security.hash(req.body.password || '')}' AND deletedAt IS NULL`, { model: models.User, plain: true })\n .then((authenticatedUser: { data: User }) => {\n const user = utils.queryResultToJson(authenticatedUser)\n if (user.data?.id && user.data.totpSecret !== '') {\n res.status(401).json({\n status: 'totp_token_required',\n data: {\n tmpToken: security.authorize({\n userId: user.data.id,\n type: 'password_valid_needs_second_factor_token'\n })\n }\n })\n } else if (user.data?.id) {\n afterLogin(user, res, next)\n } else {\n res.status(401).send(res.__('Invalid email or password.'))\n }\n }).catch((error: Error) => {\n next(error)\n })\n }` was unexpected", "path": "data/static/codefixes/loginJimChallenge_4.ts", "type": "Syntax error"}, {"code": 3, "level": "warn", "message": "Syntax error at line 
.github/workflows/release.yml:37:\n When parsing a snippet as Bash for metavariable-pattern in rule 'yaml.github-actions.security.curl-eval.curl-eval', `{ matrix.node-version` was unexpected", "path": ".github/workflows/release.yml", "spans": [{"end": {"col": 48, "line": 37, "offset": 925}, "file": ".github/workflows/release.yml", "start": {"col": 27, "line": 37, "offset": 904}}], "type": ["PartialParsing", [{"end": {"col": 48, "line": 37, "offset": 925}, "path": ".github/workflows/release.yml", "start": {"col": 27, "line": 37, "offset": 904}}]]}], "interfile_languages_used": [], "paths": {"scanned": [".codeclimate.yml", ".dependabot/config.yml", ".devcontainer.json", ".dockerignore", ".eslintrc.js", ".github/CODEOWNERS", ".github/FUNDING.yml", ".github/ISSUE_TEMPLATE/bug-report.md", ".github/ISSUE_TEMPLATE/challenge-idea.md", ".github/ISSUE_TEMPLATE/config.yml", ".github/ISSUE_TEMPLATE/feature-request.md", ".github/PULL_REQUEST_TEMPLATE.md", ".github/workflows/ci.yml", ".github/workflows/codeql-analysis.yml", ".github/workflows/lint-fixer.yml", ".github/workflows/lock.yml", ".github/workflows/rebase.yml", ".github/workflows/release.yml", ".github/workflows/stale.yml", ".github/workflows/update-challenges-www.yml", ".github/workflows/update-news-www.yml", ".github/workflows/zap_scan.yml", ".gitignore", ".gitlab/auto-deploy-values.yaml", ".gitlab-ci.yml", ".gitpod.yml", ".mailmap", ".npmrc", ".zap/rules.tsv", "CODE_OF_CONDUCT.md", "CONTRIBUTING.md", "Dockerfile", "Gruntfile.js", "HALL_OF_FAME.md", "LICENSE", "README.md", "REFERENCES.md", "SECURITY.md", "SOLUTIONS.md", "app.json", "app.ts", "config/7ms.yml", "config/addo.yml", "config/bodgeit.yml", "config/ctf.yml", "config/default.yml", "config/fbctf.yml", "config/juicebox.yml", "config/mozilla.yml", "config/oss.yml", "config/quiet.yml", "config/test.yml", "config/tutorial.yml", "config/unsafe.yml", "config.schema.yml", "crowdin.yaml", "ctf.key", "cypress.config.ts", "data/chatbot/.gitkeep", "data/datacache.ts", 
"data/datacreator.ts", "data/mongodb.ts", "data/static/botDefaultTrainingData.json", "data/static/challenges.yml", "data/static/codefixes/.editorconfig", "data/static/codefixes/accessLogDisclosureChallenge.info.yml", "data/static/codefixes/accessLogDisclosureChallenge_1_correct.ts", "data/static/codefixes/accessLogDisclosureChallenge_2.ts", "data/static/codefixes/accessLogDisclosureChallenge_3.ts", "data/static/codefixes/accessLogDisclosureChallenge_4.ts", "data/static/codefixes/adminSectionChallenge.info.yml", "data/static/codefixes/adminSectionChallenge_1_correct.ts", "data/static/codefixes/adminSectionChallenge_2.ts", "data/static/codefixes/adminSectionChallenge_3.ts", "data/static/codefixes/adminSectionChallenge_4.ts", "data/static/codefixes/changeProductChallenge.info.yml", "data/static/codefixes/changeProductChallenge_1.ts", "data/static/codefixes/changeProductChallenge_2.ts", "data/static/codefixes/changeProductChallenge_3_correct.ts", "data/static/codefixes/changeProductChallenge_4.ts", "data/static/codefixes/dbSchemaChallenge.info.yml", "data/static/codefixes/dbSchemaChallenge_1.ts", "data/static/codefixes/dbSchemaChallenge_2_correct.ts", "data/static/codefixes/dbSchemaChallenge_3.ts", "data/static/codefixes/directoryListingChallenge.info.yml", "data/static/codefixes/directoryListingChallenge_1_correct.ts", "data/static/codefixes/directoryListingChallenge_2.ts", "data/static/codefixes/directoryListingChallenge_3.ts", "data/static/codefixes/directoryListingChallenge_4.ts", "data/static/codefixes/exposedMetricsChallenge.info.yml", "data/static/codefixes/exposedMetricsChallenge_1.ts", "data/static/codefixes/exposedMetricsChallenge_2.ts", "data/static/codefixes/exposedMetricsChallenge_3_correct.ts", "data/static/codefixes/forgedReviewChallenge.info.yml", "data/static/codefixes/forgedReviewChallenge_1.ts", "data/static/codefixes/forgedReviewChallenge_2_correct.ts", "data/static/codefixes/forgedReviewChallenge_3.ts", 
"data/static/codefixes/localXssChallenge.info.yml", "data/static/codefixes/localXssChallenge_1.ts", "data/static/codefixes/localXssChallenge_2_correct.ts", "data/static/codefixes/localXssChallenge_3.ts", "data/static/codefixes/localXssChallenge_4.ts", "data/static/codefixes/loginAdminChallenge.info.yml", "data/static/codefixes/loginAdminChallenge_1.ts", "data/static/codefixes/loginAdminChallenge_2.ts", "data/static/codefixes/loginAdminChallenge_3.ts", "data/static/codefixes/loginAdminChallenge_4_correct.ts", "data/static/codefixes/loginBenderChallenge.info.yml", "data/static/codefixes/loginBenderChallenge_1.ts", "data/static/codefixes/loginBenderChallenge_2_correct.ts", "data/static/codefixes/loginBenderChallenge_3.ts", "data/static/codefixes/loginBenderChallenge_4.ts", "data/static/codefixes/loginJimChallenge.info.yml", "data/static/codefixes/loginJimChallenge_1_correct.ts", "data/static/codefixes/loginJimChallenge_2.ts", "data/static/codefixes/loginJimChallenge_3.ts", "data/static/codefixes/loginJimChallenge_4.ts", "data/static/codefixes/nftMintChallenge.info.yml", "data/static/codefixes/nftMintChallenge_1.sol", "data/static/codefixes/nftMintChallenge_2.sol", "data/static/codefixes/nftMintChallenge_3.sol", "data/static/codefixes/nftMintChallenge_4_correct.sol", "data/static/codefixes/nftUnlockChallenge.info.yml", "data/static/codefixes/nftUnlockChallenge_1.sol", "data/static/codefixes/nftUnlockChallenge_2_correct.sol", "data/static/codefixes/nftUnlockChallenge_3.sol", "data/static/codefixes/nftUnlockChallenge_4.sol", "data/static/codefixes/noSqlReviewsChallenge.info.yml", "data/static/codefixes/noSqlReviewsChallenge_1.ts", "data/static/codefixes/noSqlReviewsChallenge_2.ts", "data/static/codefixes/noSqlReviewsChallenge_3_correct.ts", "data/static/codefixes/redirectChallenge.info.yml", "data/static/codefixes/redirectChallenge_1.ts", "data/static/codefixes/redirectChallenge_2.ts", "data/static/codefixes/redirectChallenge_3.ts", 
"data/static/codefixes/redirectChallenge_4_correct.ts", "data/static/codefixes/redirectCryptoCurrencyChallenge.info.yml", "data/static/codefixes/redirectCryptoCurrencyChallenge_1.ts", "data/static/codefixes/redirectCryptoCurrencyChallenge_2.ts", "data/static/codefixes/redirectCryptoCurrencyChallenge_3_correct.ts", "data/static/codefixes/redirectCryptoCurrencyChallenge_4.ts", "data/static/codefixes/registerAdminChallenge.info.yml", "data/static/codefixes/registerAdminChallenge_1.ts", "data/static/codefixes/registerAdminChallenge_2.ts", "data/static/codefixes/registerAdminChallenge_3_correct.ts", "data/static/codefixes/registerAdminChallenge_4.ts", "data/static/codefixes/resetPasswordBenderChallenge.info.yml", "data/static/codefixes/resetPasswordBenderChallenge_1.yml", "data/static/codefixes/resetPasswordBenderChallenge_2_correct.yml", "data/static/codefixes/resetPasswordBenderChallenge_3.yml", "data/static/codefixes/resetPasswordBjoernChallenge.info.yml", "data/static/codefixes/resetPasswordBjoernChallenge_1_correct.yml", "data/static/codefixes/resetPasswordBjoernChallenge_2.yml", "data/static/codefixes/resetPasswordBjoernChallenge_3.yml", "data/static/codefixes/resetPasswordBjoernOwaspChallenge.info.yml", "data/static/codefixes/resetPasswordBjoernOwaspChallenge_1.yml", "data/static/codefixes/resetPasswordBjoernOwaspChallenge_2_correct.yml", "data/static/codefixes/resetPasswordBjoernOwaspChallenge_3.yml", "data/static/codefixes/resetPasswordJimChallenge.info.yml", "data/static/codefixes/resetPasswordJimChallenge_1.yml", "data/static/codefixes/resetPasswordJimChallenge_2.yml", "data/static/codefixes/resetPasswordJimChallenge_3_correct.yml", "data/static/codefixes/resetPasswordMortyChallenge.info.yml", "data/static/codefixes/resetPasswordMortyChallenge_1.ts", "data/static/codefixes/resetPasswordMortyChallenge_2.ts", "data/static/codefixes/resetPasswordMortyChallenge_3.ts", "data/static/codefixes/resetPasswordMortyChallenge_4_correct.ts", 
"data/static/codefixes/resetPasswordUvoginChallenge.info.yml", "data/static/codefixes/resetPasswordUvoginChallenge_1.yml", "data/static/codefixes/resetPasswordUvoginChallenge_2.yml", "data/static/codefixes/resetPasswordUvoginChallenge_3_correct.yml", "data/static/codefixes/restfulXssChallenge.info.yml", "data/static/codefixes/restfulXssChallenge_1_correct.ts", "data/static/codefixes/restfulXssChallenge_2.ts", "data/static/codefixes/restfulXssChallenge_3.ts", "data/static/codefixes/restfulXssChallenge_4.ts", "data/static/codefixes/scoreBoardChallenge.info.yml", "data/static/codefixes/scoreBoardChallenge_1_correct.ts", "data/static/codefixes/scoreBoardChallenge_2.ts", "data/static/codefixes/scoreBoardChallenge_3.ts", "data/static/codefixes/tokenSaleChallenge.info.yml", "data/static/codefixes/tokenSaleChallenge_1.ts", "data/static/codefixes/tokenSaleChallenge_2.ts", "data/static/codefixes/tokenSaleChallenge_3_correct.ts", "data/static/codefixes/unionSqlInjectionChallenge.info.yml", "data/static/codefixes/unionSqlInjectionChallenge_1.ts", "data/static/codefixes/unionSqlInjectionChallenge_2_correct.ts", "data/static/codefixes/unionSqlInjectionChallenge_3.ts", "data/static/codefixes/weakPasswordChallenge.info.yml", "data/static/codefixes/weakPasswordChallenge_1_correct.ts", "data/static/codefixes/weakPasswordChallenge_2.ts", "data/static/codefixes/weakPasswordChallenge_3.ts", "data/static/codefixes/weakPasswordChallenge_4.ts", "data/static/codefixes/web3SandboxChallenge.info.yml", "data/static/codefixes/web3SandboxChallenge_1_correct.ts", "data/static/codefixes/web3SandboxChallenge_2.ts", "data/static/codefixes/web3SandboxChallenge_3.ts", "data/static/codefixes/web3WalletChallenge.info.yml", "data/static/codefixes/web3WalletChallenge_1.sol", "data/static/codefixes/web3WalletChallenge_2.sol", "data/static/codefixes/web3WalletChallenge_3_correct.sol", "data/static/codefixes/web3WalletChallenge_4.sol", "data/static/codefixes/xssBonusChallenge.info.yml", 
"data/static/codefixes/xssBonusChallenge_1_correct.ts", "data/static/codefixes/xssBonusChallenge_2.ts", "data/static/codefixes/xssBonusChallenge_3.ts", "data/static/codefixes/xssBonusChallenge_4.ts", "data/static/contractABIs.ts", "data/static/deliveries.yml", "data/static/i18n/ar_SA.json", "data/static/i18n/az_AZ.json", "data/static/i18n/bg_BG.json", "data/static/i18n/bn_BD.json", "data/static/i18n/ca_ES.json", "data/static/i18n/cs_CZ.json", "data/static/i18n/da_DK.json", "data/static/i18n/de_CH.json", "data/static/i18n/de_DE.json", "data/static/i18n/el_GR.json", "data/static/i18n/en.json", "data/static/i18n/es_ES.json", "data/static/i18n/et_EE.json", "data/static/i18n/fi_FI.json", "data/static/i18n/fr_FR.json", "data/static/i18n/ga_IE.json", "data/static/i18n/he_IL.json", "data/static/i18n/hi_IN.json", "data/static/i18n/hu_HU.json", "data/static/i18n/id_ID.json", "data/static/i18n/it_IT.json", "data/static/i18n/ja_JP.json", "data/static/i18n/ka_GE.json", "data/static/i18n/ko_KR.json", "data/static/i18n/lv_LV.json", "data/static/i18n/my_MM.json", "data/static/i18n/nl_NL.json", "data/static/i18n/no_NO.json", "data/static/i18n/pl_PL.json", "data/static/i18n/pt_BR.json", "data/static/i18n/pt_PT.json", "data/static/i18n/ro_RO.json", "data/static/i18n/ru_RU.json", "data/static/i18n/si_LK.json", "data/static/i18n/sv_SE.json", "data/static/i18n/th_TH.json", "data/static/i18n/tlh_AA.json", "data/static/i18n/tr_TR.json", "data/static/i18n/uk_UA.json", "data/static/i18n/zh_CN.json", "data/static/i18n/zh_HK.json", "data/static/i18n/zh_TW.json", "data/static/legal.md", "data/static/locales.json", "data/static/owasp_promo.vtt", "data/static/securityQuestions.yml", "data/static/users.yml", "data/static/web3-snippets/BEEToken.sol", "data/static/web3-snippets/BeeFaucet.sol", "data/static/web3-snippets/ETHWalletBank.sol", "data/static/web3-snippets/HoneyPotNFT.sol", "data/static/web3-snippets/JuiceShopSBT.sol", "data/types.ts", "docker-compose.test.yml", "encryptionkeys/jwt.pub", 
"encryptionkeys/premium.key", "frontend/.browserslistrc", "frontend/.editorconfig", "frontend/.eslintrc.js", "frontend/.gitignore", "frontend/.npmrc", "frontend/.stylelintrc.js", "frontend/angular.json", "frontend/package.json", "frontend/src/app/Models/backup.model.ts", "frontend/src/app/Models/challenge.model.ts", "frontend/src/app/Models/deliveryMethod.model.ts", "frontend/src/app/Models/product.model.ts", "frontend/src/app/Models/review.model.ts", "frontend/src/app/Models/securityQuestion.model.ts", "frontend/src/app/Services/address.service.spec.ts", "frontend/src/app/Services/address.service.ts", "frontend/src/app/Services/administration.service.spec.ts", "frontend/src/app/Services/administration.service.ts", "frontend/src/app/Services/basket.service.spec.ts", "frontend/src/app/Services/basket.service.ts", "frontend/src/app/Services/captcha.service.spec.ts", "frontend/src/app/Services/captcha.service.ts", "frontend/src/app/Services/challenge.service.spec.ts", "frontend/src/app/Services/challenge.service.ts", "frontend/src/app/Services/chatbot.service.spec.ts", "frontend/src/app/Services/chatbot.service.ts", "frontend/src/app/Services/code-fixes.service.spec.ts", "frontend/src/app/Services/code-fixes.service.ts", "frontend/src/app/Services/code-snippet.service.spec.ts", "frontend/src/app/Services/code-snippet.service.ts", "frontend/src/app/Services/complaint.service.spec.ts", "frontend/src/app/Services/complaint.service.ts", "frontend/src/app/Services/configuration.service.spec.ts", "frontend/src/app/Services/configuration.service.ts", "frontend/src/app/Services/country-mapping.service.spec.ts", "frontend/src/app/Services/country-mapping.service.ts", "frontend/src/app/Services/data-subject.service.spec.ts", "frontend/src/app/Services/data-subject.service.ts", "frontend/src/app/Services/delivery.service.spec.ts", "frontend/src/app/Services/delivery.service.ts", "frontend/src/app/Services/feature-flag.service.spec.ts", 
"frontend/src/app/Services/feature-flag.service.ts", "frontend/src/app/Services/feedback.service.spec.ts", "frontend/src/app/Services/feedback.service.ts", "frontend/src/app/Services/form-submit.service.spec.ts", "frontend/src/app/Services/form-submit.service.ts", "frontend/src/app/Services/image-captcha.service.spec.ts", "frontend/src/app/Services/image-captcha.service.ts", "frontend/src/app/Services/keys.service.ts", "frontend/src/app/Services/languages.service.spec.ts", "frontend/src/app/Services/languages.service.ts", "frontend/src/app/Services/local-backup.service.spec.ts", "frontend/src/app/Services/local-backup.service.ts", "frontend/src/app/Services/order-history.service.spec.ts", "frontend/src/app/Services/order-history.service.ts", "frontend/src/app/Services/payment.service.spec.ts", "frontend/src/app/Services/payment.service.ts", "frontend/src/app/Services/photo-wall.service.spec.ts", "frontend/src/app/Services/photo-wall.service.ts", "frontend/src/app/Services/product-review.service.spec.ts", "frontend/src/app/Services/product-review.service.ts", "frontend/src/app/Services/product.service.spec.ts", "frontend/src/app/Services/product.service.ts", "frontend/src/app/Services/quantity.service.spec.ts", "frontend/src/app/Services/quantity.service.ts", "frontend/src/app/Services/recycle.service.spec.ts", "frontend/src/app/Services/recycle.service.ts", "frontend/src/app/Services/request.interceptor.ts", "frontend/src/app/Services/security-answer.service.spec.ts", "frontend/src/app/Services/security-answer.service.ts", "frontend/src/app/Services/security-question.service.spec.ts", "frontend/src/app/Services/security-question.service.ts", "frontend/src/app/Services/snack-bar-helper.service.spec.ts", "frontend/src/app/Services/snack-bar-helper.service.ts", "frontend/src/app/Services/socket-io.service.spec.ts", "frontend/src/app/Services/socket-io.service.ts", "frontend/src/app/Services/track-order.service.spec.ts", 
"frontend/src/app/Services/track-order.service.ts", "frontend/src/app/Services/two-factor-auth-service.spec.ts", "frontend/src/app/Services/two-factor-auth-service.ts", "frontend/src/app/Services/user.service.spec.ts", "frontend/src/app/Services/user.service.ts", "frontend/src/app/Services/vuln-lines.service.spec.ts", "frontend/src/app/Services/vuln-lines.service.ts", "frontend/src/app/Services/wallet.service.spec.ts", "frontend/src/app/Services/wallet.service.ts", "frontend/src/app/Services/window-ref.service.spec.ts", "frontend/src/app/Services/window-ref.service.ts", "frontend/src/app/about/about.component.html", "frontend/src/app/about/about.component.scss", "frontend/src/app/about/about.component.spec.ts", "frontend/src/app/about/about.component.ts", "frontend/src/app/accounting/accounting.component.html", "frontend/src/app/accounting/accounting.component.scss", "frontend/src/app/accounting/accounting.component.spec.ts", "frontend/src/app/accounting/accounting.component.ts", "frontend/src/app/address/address.component.html", "frontend/src/app/address/address.component.scss", "frontend/src/app/address/address.component.spec.ts", "frontend/src/app/address/address.component.ts", "frontend/src/app/address-create/address-create.component.html", "frontend/src/app/address-create/address-create.component.scss", "frontend/src/app/address-create/address-create.component.spec.ts", "frontend/src/app/address-create/address-create.component.ts", "frontend/src/app/address-select/address-select.component.html", "frontend/src/app/address-select/address-select.component.scss", "frontend/src/app/address-select/address-select.component.spec.ts", "frontend/src/app/address-select/address-select.component.ts", "frontend/src/app/administration/administration.component.html", "frontend/src/app/administration/administration.component.scss", "frontend/src/app/administration/administration.component.spec.ts", "frontend/src/app/administration/administration.component.ts", 
"frontend/src/app/app.component.html", "frontend/src/app/app.component.scss", "frontend/src/app/app.component.spec.ts", "frontend/src/app/app.component.ts", "frontend/src/app/app.guard.spec.ts", "frontend/src/app/app.guard.ts", "frontend/src/app/app.module.ts", "frontend/src/app/app.routing.ts", "frontend/src/app/basket/basket.component.html", "frontend/src/app/basket/basket.component.scss", "frontend/src/app/basket/basket.component.spec.ts", "frontend/src/app/basket/basket.component.ts", "frontend/src/app/challenge-solved-notification/challenge-solved-notification.component.html", "frontend/src/app/challenge-solved-notification/challenge-solved-notification.component.scss", "frontend/src/app/challenge-solved-notification/challenge-solved-notification.component.spec.ts", "frontend/src/app/challenge-solved-notification/challenge-solved-notification.component.ts", "frontend/src/app/challenge-status-badge/challenge-status-badge.component.html", "frontend/src/app/challenge-status-badge/challenge-status-badge.component.scss", "frontend/src/app/challenge-status-badge/challenge-status-badge.component.spec.ts", "frontend/src/app/challenge-status-badge/challenge-status-badge.component.ts", "frontend/src/app/change-password/change-password.component.html", "frontend/src/app/change-password/change-password.component.scss", "frontend/src/app/change-password/change-password.component.spec.ts", "frontend/src/app/change-password/change-password.component.ts", "frontend/src/app/chatbot/chatbot.component.html", "frontend/src/app/chatbot/chatbot.component.scss", "frontend/src/app/chatbot/chatbot.component.spec.ts", "frontend/src/app/chatbot/chatbot.component.ts", "frontend/src/app/code-area/code-area.component.html", "frontend/src/app/code-area/code-area.component.scss", "frontend/src/app/code-area/code-area.component.spec.ts", "frontend/src/app/code-area/code-area.component.ts", "frontend/src/app/code-fixes/code-fixes.component.html", 
"frontend/src/app/code-fixes/code-fixes.component.scss", "frontend/src/app/code-fixes/code-fixes.component.spec.ts", "frontend/src/app/code-fixes/code-fixes.component.ts", "frontend/src/app/code-snippet/code-snippet.component.html", "frontend/src/app/code-snippet/code-snippet.component.scss", "frontend/src/app/code-snippet/code-snippet.component.spec.ts", "frontend/src/app/code-snippet/code-snippet.component.ts", "frontend/src/app/complaint/complaint.component.html", "frontend/src/app/complaint/complaint.component.scss", "frontend/src/app/complaint/complaint.component.spec.ts", "frontend/src/app/complaint/complaint.component.ts", "frontend/src/app/contact/contact.component.html", "frontend/src/app/contact/contact.component.scss", "frontend/src/app/contact/contact.component.spec.ts", "frontend/src/app/contact/contact.component.ts", "frontend/src/app/data-export/data-export.component.html", "frontend/src/app/data-export/data-export.component.scss", "frontend/src/app/data-export/data-export.component.spec.ts", "frontend/src/app/data-export/data-export.component.ts", "frontend/src/app/delivery-method/delivery-method.component.html", "frontend/src/app/delivery-method/delivery-method.component.scss", "frontend/src/app/delivery-method/delivery-method.component.spec.ts", "frontend/src/app/delivery-method/delivery-method.component.ts", "frontend/src/app/deluxe-user/deluxe-user.component.html", "frontend/src/app/deluxe-user/deluxe-user.component.scss", "frontend/src/app/deluxe-user/deluxe-user.component.spec.ts", "frontend/src/app/deluxe-user/deluxe-user.component.ts", "frontend/src/app/error-page/error-page.component.html", "frontend/src/app/error-page/error-page.component.scss", "frontend/src/app/error-page/error-page.component.spec.ts", "frontend/src/app/error-page/error-page.component.ts", "frontend/src/app/faucet/faucet.component.html", "frontend/src/app/faucet/faucet.component.scss", "frontend/src/app/faucet/faucet.component.ts", 
"frontend/src/app/faucet/faucet.module.ts", "frontend/src/app/feedback-details/feedback-details.component.html", "frontend/src/app/feedback-details/feedback-details.component.scss", "frontend/src/app/feedback-details/feedback-details.component.spec.ts", "frontend/src/app/feedback-details/feedback-details.component.ts", "frontend/src/app/forgot-password/forgot-password.component.html", "frontend/src/app/forgot-password/forgot-password.component.scss", "frontend/src/app/forgot-password/forgot-password.component.spec.ts", "frontend/src/app/forgot-password/forgot-password.component.ts", "frontend/src/app/last-login-ip/last-login-ip.component.html", "frontend/src/app/last-login-ip/last-login-ip.component.scss", "frontend/src/app/last-login-ip/last-login-ip.component.spec.ts", "frontend/src/app/last-login-ip/last-login-ip.component.ts", "frontend/src/app/login/login.component.html", "frontend/src/app/login/login.component.scss", "frontend/src/app/login/login.component.spec.ts", "frontend/src/app/login/login.component.ts", "frontend/src/app/navbar/navbar.component.html", "frontend/src/app/navbar/navbar.component.scss", "frontend/src/app/navbar/navbar.component.spec.ts", "frontend/src/app/navbar/navbar.component.ts", "frontend/src/app/nft-unlock/nft-unlock.component.html", "frontend/src/app/nft-unlock/nft-unlock.component.scss", "frontend/src/app/nft-unlock/nft-unlock.component.ts", "frontend/src/app/oauth/oauth.component.html", "frontend/src/app/oauth/oauth.component.scss", "frontend/src/app/oauth/oauth.component.spec.ts", "frontend/src/app/oauth/oauth.component.ts", "frontend/src/app/order-completion/order-completion.component.html", "frontend/src/app/order-completion/order-completion.component.scss", "frontend/src/app/order-completion/order-completion.component.spec.ts", "frontend/src/app/order-completion/order-completion.component.ts", "frontend/src/app/order-history/order-history.component.html", "frontend/src/app/order-history/order-history.component.scss", 
"frontend/src/app/order-history/order-history.component.spec.ts", "frontend/src/app/order-history/order-history.component.ts", "frontend/src/app/order-summary/order-summary.component.html", "frontend/src/app/order-summary/order-summary.component.scss", "frontend/src/app/order-summary/order-summary.component.spec.ts", "frontend/src/app/order-summary/order-summary.component.ts", "frontend/src/app/payment/payment.component.html", "frontend/src/app/payment/payment.component.scss", "frontend/src/app/payment/payment.component.spec.ts", "frontend/src/app/payment/payment.component.ts", "frontend/src/app/payment-method/payment-method.component.html", "frontend/src/app/payment-method/payment-method.component.scss", "frontend/src/app/payment-method/payment-method.component.spec.ts", "frontend/src/app/payment-method/payment-method.component.ts", "frontend/src/app/photo-wall/mime-type.validator.ts", "frontend/src/app/photo-wall/photo-wall.component.html", "frontend/src/app/photo-wall/photo-wall.component.scss", "frontend/src/app/photo-wall/photo-wall.component.spec.ts", "frontend/src/app/photo-wall/photo-wall.component.ts", "frontend/src/app/privacy-policy/privacy-policy.component.html", "frontend/src/app/privacy-policy/privacy-policy.component.scss", "frontend/src/app/privacy-policy/privacy-policy.component.spec.ts", "frontend/src/app/privacy-policy/privacy-policy.component.ts", "frontend/src/app/privacy-security/privacy-security.component.html", "frontend/src/app/privacy-security/privacy-security.component.scss", "frontend/src/app/privacy-security/privacy-security.component.spec.ts", "frontend/src/app/privacy-security/privacy-security.component.ts", "frontend/src/app/product-details/product-details.component.html", "frontend/src/app/product-details/product-details.component.scss", "frontend/src/app/product-details/product-details.component.spec.ts", "frontend/src/app/product-details/product-details.component.ts", 
"frontend/src/app/product-review-edit/product-review-edit.component.html", "frontend/src/app/product-review-edit/product-review-edit.component.scss", "frontend/src/app/product-review-edit/product-review-edit.component.spec.ts", "frontend/src/app/product-review-edit/product-review-edit.component.ts", "frontend/src/app/purchase-basket/purchase-basket.component.html", "frontend/src/app/purchase-basket/purchase-basket.component.scss", "frontend/src/app/purchase-basket/purchase-basket.component.spec.ts", "frontend/src/app/purchase-basket/purchase-basket.component.ts", "frontend/src/app/qr-code/qr-code.component.html", "frontend/src/app/qr-code/qr-code.component.scss", "frontend/src/app/qr-code/qr-code.component.spec.ts", "frontend/src/app/qr-code/qr-code.component.ts", "frontend/src/app/recycle/recycle.component.html", "frontend/src/app/recycle/recycle.component.scss", "frontend/src/app/recycle/recycle.component.spec.ts", "frontend/src/app/recycle/recycle.component.ts", "frontend/src/app/register/register.component.html", "frontend/src/app/register/register.component.scss", "frontend/src/app/register/register.component.spec.ts", "frontend/src/app/register/register.component.ts", "frontend/src/app/roles.ts", "frontend/src/app/saved-address/saved-address.component.html", "frontend/src/app/saved-address/saved-address.component.scss", "frontend/src/app/saved-address/saved-address.component.spec.ts", "frontend/src/app/saved-address/saved-address.component.ts", "frontend/src/app/saved-payment-methods/saved-payment-methods.component.html", "frontend/src/app/saved-payment-methods/saved-payment-methods.component.scss", "frontend/src/app/saved-payment-methods/saved-payment-methods.component.spec.ts", "frontend/src/app/saved-payment-methods/saved-payment-methods.component.ts", "frontend/src/app/score-board/components/challenge-card/challenge-card.component.html", "frontend/src/app/score-board/components/challenge-card/challenge-card.component.scss", 
"frontend/src/app/score-board/components/challenge-card/challenge-card.component.spec.ts", "frontend/src/app/score-board/components/challenge-card/challenge-card.component.ts", "frontend/src/app/score-board/components/challenges-unavailable-warning/challenges-unavailable-warning.component.html", "frontend/src/app/score-board/components/challenges-unavailable-warning/challenges-unavailable-warning.component.scss", "frontend/src/app/score-board/components/challenges-unavailable-warning/challenges-unavailable-warning.component.spec.ts", "frontend/src/app/score-board/components/challenges-unavailable-warning/challenges-unavailable-warning.component.ts", "frontend/src/app/score-board/components/coding-challenge-progress-score-card/coding-challenge-progress-score-card.component.html", "frontend/src/app/score-board/components/coding-challenge-progress-score-card/coding-challenge-progress-score-card.component.scss", "frontend/src/app/score-board/components/coding-challenge-progress-score-card/coding-challenge-progress-score-card.component.spec.ts", "frontend/src/app/score-board/components/coding-challenge-progress-score-card/coding-challenge-progress-score-card.component.ts", "frontend/src/app/score-board/components/difficulty-overview-score-card/difficulty-overview-score-card.component.html", "frontend/src/app/score-board/components/difficulty-overview-score-card/difficulty-overview-score-card.component.scss", "frontend/src/app/score-board/components/difficulty-overview-score-card/difficulty-overview-score-card.component.spec.ts", "frontend/src/app/score-board/components/difficulty-overview-score-card/difficulty-overview-score-card.component.ts", "frontend/src/app/score-board/components/difficulty-stars/difficulty-stars.component.html", "frontend/src/app/score-board/components/difficulty-stars/difficulty-stars.component.scss", "frontend/src/app/score-board/components/difficulty-stars/difficulty-stars.component.ts", 
"frontend/src/app/score-board/components/filter-settings/components/category-filter/category-filter.component.html", "frontend/src/app/score-board/components/filter-settings/components/category-filter/category-filter.component.scss", "frontend/src/app/score-board/components/filter-settings/components/category-filter/category-filter.component.spec.ts", "frontend/src/app/score-board/components/filter-settings/components/category-filter/category-filter.component.ts", "frontend/src/app/score-board/components/filter-settings/components/score-board-additional-settings-dialog/score-board-additional-settings-dialog.component.html", "frontend/src/app/score-board/components/filter-settings/components/score-board-additional-settings-dialog/score-board-additional-settings-dialog.component.scss", "frontend/src/app/score-board/components/filter-settings/components/score-board-additional-settings-dialog/score-board-additional-settings-dialog.component.spec.ts", "frontend/src/app/score-board/components/filter-settings/components/score-board-additional-settings-dialog/score-board-additional-settings-dialog.component.ts", "frontend/src/app/score-board/components/filter-settings/filter-settings.component.html", "frontend/src/app/score-board/components/filter-settings/filter-settings.component.scss", "frontend/src/app/score-board/components/filter-settings/filter-settings.component.spec.ts", "frontend/src/app/score-board/components/filter-settings/filter-settings.component.ts", "frontend/src/app/score-board/components/filter-settings/pipes/difficulty-selection-summary.pipe.spec.ts", "frontend/src/app/score-board/components/filter-settings/pipes/difficulty-selection-summary.pipe.ts", "frontend/src/app/score-board/components/hacking-challenge-progress-score-card/hacking-challenge-progress-score-card.component.html", "frontend/src/app/score-board/components/hacking-challenge-progress-score-card/hacking-challenge-progress-score-card.component.scss", 
"frontend/src/app/score-board/components/hacking-challenge-progress-score-card/hacking-challenge-progress-score-card.component.spec.ts", "frontend/src/app/score-board/components/hacking-challenge-progress-score-card/hacking-challenge-progress-score-card.component.ts", "frontend/src/app/score-board/components/legacy-notice/legacy-notice.component.html", "frontend/src/app/score-board/components/legacy-notice/legacy-notice.component.ts", "frontend/src/app/score-board/components/score-card/score-card.component.html", "frontend/src/app/score-board/components/score-card/score-card.component.scss", "frontend/src/app/score-board/components/score-card/score-card.component.spec.ts", "frontend/src/app/score-board/components/score-card/score-card.component.ts", "frontend/src/app/score-board/components/tutorial-mode-warning/tutorial-mode-warning.component.html", "frontend/src/app/score-board/components/tutorial-mode-warning/tutorial-mode-warning.component.spec.ts", "frontend/src/app/score-board/components/tutorial-mode-warning/tutorial-mode-warning.component.ts", "frontend/src/app/score-board/components/warning-card/warning-card.component.html", "frontend/src/app/score-board/components/warning-card/warning-card.component.scss", "frontend/src/app/score-board/components/warning-card/warning-card.component.ts", "frontend/src/app/score-board/filter-settings/FilterSetting.ts", "frontend/src/app/score-board/filter-settings/query-params-converters.ts", "frontend/src/app/score-board/filter-settings/query-params-coverter.spec.ts", "frontend/src/app/score-board/helpers/challenge-filtering.spec.ts", "frontend/src/app/score-board/helpers/challenge-filtering.ts", "frontend/src/app/score-board/helpers/challenge-sorting.spec.ts", "frontend/src/app/score-board/helpers/challenge-sorting.ts", "frontend/src/app/score-board/pipes/challenge-hint.pipe.ts", "frontend/src/app/score-board/score-board.component.html", "frontend/src/app/score-board/score-board.component.scss", 
"frontend/src/app/score-board/score-board.component.spec.ts", "frontend/src/app/score-board/score-board.component.ts", "frontend/src/app/score-board/score-board.module.ts", "frontend/src/app/score-board/types/EnrichedChallenge.ts", "frontend/src/app/score-board-legacy/score-board-legacy.component.html", "frontend/src/app/score-board-legacy/score-board-legacy.component.scss", "frontend/src/app/score-board-legacy/score-board-legacy.component.spec.ts", "frontend/src/app/score-board-legacy/score-board-legacy.component.ts", "frontend/src/app/search-result/search-result.component.html", "frontend/src/app/search-result/search-result.component.scss", "frontend/src/app/search-result/search-result.component.spec.ts", "frontend/src/app/search-result/search-result.component.ts", "frontend/src/app/server-started-notification/server-started-notification.component.html", "frontend/src/app/server-started-notification/server-started-notification.component.scss", "frontend/src/app/server-started-notification/server-started-notification.component.spec.ts", "frontend/src/app/server-started-notification/server-started-notification.component.ts", "frontend/src/app/sidenav/sidenav.component.html", "frontend/src/app/sidenav/sidenav.component.scss", "frontend/src/app/sidenav/sidenav.component.spec.ts", "frontend/src/app/sidenav/sidenav.component.ts", "frontend/src/app/token-sale/token-sale.component.html", "frontend/src/app/token-sale/token-sale.component.scss", "frontend/src/app/token-sale/token-sale.component.spec.ts", "frontend/src/app/token-sale/token-sale.component.ts", "frontend/src/app/track-result/track-result.component.html", "frontend/src/app/track-result/track-result.component.scss", "frontend/src/app/track-result/track-result.component.spec.ts", "frontend/src/app/track-result/track-result.component.ts", "frontend/src/app/two-factor-auth/two-factor-auth.component.html", "frontend/src/app/two-factor-auth/two-factor-auth.component.scss", 
"frontend/src/app/two-factor-auth/two-factor-auth.component.spec.ts", "frontend/src/app/two-factor-auth/two-factor-auth.component.ts", "frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.html", "frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.scss", "frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.spec.ts", "frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.ts", "frontend/src/app/user-details/user-details.component.html", "frontend/src/app/user-details/user-details.component.scss", "frontend/src/app/user-details/user-details.component.spec.ts", "frontend/src/app/user-details/user-details.component.ts", "frontend/src/app/wallet/wallet.component.html", "frontend/src/app/wallet/wallet.component.scss", "frontend/src/app/wallet/wallet.component.spec.ts", "frontend/src/app/wallet/wallet.component.ts", "frontend/src/app/wallet-web3/wallet-web3.component.html", "frontend/src/app/wallet-web3/wallet-web3.component.scss", "frontend/src/app/wallet-web3/wallet-web3.component.ts", "frontend/src/app/wallet-web3/wallet-web3.module.ts", "frontend/src/app/web3-sandbox/web3-sandbox.component.html", "frontend/src/app/web3-sandbox/web3-sandbox.component.scss", "frontend/src/app/web3-sandbox/web3-sandbox.component.ts", "frontend/src/app/web3-sandbox/web3-sandbox.module.ts", "frontend/src/app/welcome/welcome.component.html", "frontend/src/app/welcome/welcome.component.scss", "frontend/src/app/welcome/welcome.component.spec.ts", "frontend/src/app/welcome/welcome.component.ts", "frontend/src/app/welcome-banner/welcome-banner.component.html", "frontend/src/app/welcome-banner/welcome-banner.component.scss", "frontend/src/app/welcome-banner/welcome-banner.component.spec.ts", "frontend/src/app/welcome-banner/welcome-banner.component.ts", "frontend/src/assets/i18n/ar_SA.json", "frontend/src/assets/i18n/az_AZ.json", "frontend/src/assets/i18n/bg_BG.json", "frontend/src/assets/i18n/bn_BD.json", 
"frontend/src/assets/i18n/ca_ES.json", "frontend/src/assets/i18n/cs_CZ.json", "frontend/src/assets/i18n/da_DK.json", "frontend/src/assets/i18n/de_CH.json", "frontend/src/assets/i18n/de_DE.json", "frontend/src/assets/i18n/el_GR.json", "frontend/src/assets/i18n/en.json", "frontend/src/assets/i18n/es_ES.json", "frontend/src/assets/i18n/et_EE.json", "frontend/src/assets/i18n/fi_FI.json", "frontend/src/assets/i18n/fr_FR.json", "frontend/src/assets/i18n/ga_IE.json", "frontend/src/assets/i18n/he_IL.json", "frontend/src/assets/i18n/hi_IN.json", "frontend/src/assets/i18n/hu_HU.json", "frontend/src/assets/i18n/id_ID.json", "frontend/src/assets/i18n/it_IT.json", "frontend/src/assets/i18n/ja_JP.json", "frontend/src/assets/i18n/ka_GE.json", "frontend/src/assets/i18n/ko_KR.json", "frontend/src/assets/i18n/lv_LV.json", "frontend/src/assets/i18n/my_MM.json", "frontend/src/assets/i18n/nl_NL.json", "frontend/src/assets/i18n/no_NO.json", "frontend/src/assets/i18n/pl_PL.json", "frontend/src/assets/i18n/pt_BR.json", "frontend/src/assets/i18n/pt_PT.json", "frontend/src/assets/i18n/ro_RO.json", "frontend/src/assets/i18n/ru_RU.json", "frontend/src/assets/i18n/si_LK.json", "frontend/src/assets/i18n/sv_SE.json", "frontend/src/assets/i18n/th_TH.json", "frontend/src/assets/i18n/tlh_AA.json", "frontend/src/assets/i18n/tr_TR.json", "frontend/src/assets/i18n/uk_UA.json", "frontend/src/assets/i18n/zh_CN.json", "frontend/src/assets/i18n/zh_HK.json", "frontend/src/assets/i18n/zh_TW.json", "frontend/src/assets/private/CopyShader.js", "frontend/src/assets/private/EffectComposer.js", "frontend/src/assets/private/JuiceShop_Wallpaper_1920x1080_VR.jpg", "frontend/src/assets/private/MaskPass.js", "frontend/src/assets/private/OrbitControls.js", "frontend/src/assets/private/RenderPass.js", "frontend/src/assets/private/ShaderPass.js", "frontend/src/assets/private/earthspec4k.jpg", "frontend/src/assets/private/orangemap2k.jpg", "frontend/src/assets/private/three.js", 
"frontend/src/assets/private/threejs-demo.html", "frontend/src/assets/public/ContractABIs.ts", "frontend/src/assets/public/css/dataErasure.css", "frontend/src/assets/public/css/userProfile.css", "frontend/src/assets/public/favicon_ctf.ico", "frontend/src/assets/public/favicon_js.ico", "frontend/src/assets/public/images/BeeOwner.png", "frontend/src/assets/public/images/HoneyPot.png", "frontend/src/assets/public/images/JuiceShopCTF_Logo.png", "frontend/src/assets/public/images/JuiceShopCTF_Logo_400px.png", "frontend/src/assets/public/images/JuiceShop_Logo.ai", "frontend/src/assets/public/images/JuiceShop_Logo.png", "frontend/src/assets/public/images/JuiceShop_Logo.svg", "frontend/src/assets/public/images/JuiceShop_Logo_100px.png", "frontend/src/assets/public/images/JuiceShop_Logo_400px.png", "frontend/src/assets/public/images/JuiceShop_Logo_50px.png", "frontend/src/assets/public/images/JuicyBot.png", "frontend/src/assets/public/images/JuicyBot_MedicalMask.png", "frontend/src/assets/public/images/JuicyChatBot.png", "frontend/src/assets/public/images/Welcome_Banner.svg", "frontend/src/assets/public/images/carousel/1.jpg", "frontend/src/assets/public/images/carousel/2.jpg", "frontend/src/assets/public/images/carousel/3.jpg", "frontend/src/assets/public/images/carousel/4.jpg", "frontend/src/assets/public/images/carousel/5.png", "frontend/src/assets/public/images/carousel/6.jpg", "frontend/src/assets/public/images/carousel/7.jpg", "frontend/src/assets/public/images/deluxe/blankBoxes.png", "frontend/src/assets/public/images/juicyEvilWasp.png", "frontend/src/assets/public/images/padding/11px.png", "frontend/src/assets/public/images/padding/19px.png", "frontend/src/assets/public/images/padding/1px.png", "frontend/src/assets/public/images/padding/56px.png", "frontend/src/assets/public/images/padding/81px.png", "frontend/src/assets/public/images/products/3d_keychain.jpg", "frontend/src/assets/public/images/products/JuiceShop.stl", 
"frontend/src/assets/public/images/products/apple_juice.jpg", "frontend/src/assets/public/images/products/apple_pressings.jpg", "frontend/src/assets/public/images/products/artwork.jpg", "frontend/src/assets/public/images/products/artwork2.jpg", "frontend/src/assets/public/images/products/banana_juice.jpg", "frontend/src/assets/public/images/products/card_alpha.jpg", "frontend/src/assets/public/images/products/carrot_juice.jpeg", "frontend/src/assets/public/images/products/ccg_common.png", "frontend/src/assets/public/images/products/ccg_foil.png", "frontend/src/assets/public/images/products/coaster.jpg", "frontend/src/assets/public/images/products/cover_small.jpg", "frontend/src/assets/public/images/products/eggfruit_juice.jpg", "frontend/src/assets/public/images/products/fan_facemask.jpg", "frontend/src/assets/public/images/products/fan_girlie.jpg", "frontend/src/assets/public/images/products/fan_hoodie.jpg", "frontend/src/assets/public/images/products/fan_mug.jpg", "frontend/src/assets/public/images/products/fan_shirt.jpg", "frontend/src/assets/public/images/products/fruit_press.jpg", "frontend/src/assets/public/images/products/green_smoothie.jpg", "frontend/src/assets/public/images/products/holo_sticker.png", "frontend/src/assets/public/images/products/iron-on.jpg", "frontend/src/assets/public/images/products/juicy_chatbot.jpg", "frontend/src/assets/public/images/products/lemon_juice.jpg", "frontend/src/assets/public/images/products/magnets.jpg", "frontend/src/assets/public/images/products/melon_bike.jpeg", "frontend/src/assets/public/images/products/no-results.png", "frontend/src/assets/public/images/products/orange_juice.jpg", "frontend/src/assets/public/images/products/permafrost.jpg", "frontend/src/assets/public/images/products/quince.jpg", "frontend/src/assets/public/images/products/raspberry_juice.jpg", "frontend/src/assets/public/images/products/snakes_ladders.jpg", "frontend/src/assets/public/images/products/snakes_ladders_m.jpg", 
"frontend/src/assets/public/images/products/squareBox1-40x40x40.stl", "frontend/src/assets/public/images/products/sticker.png", "frontend/src/assets/public/images/products/sticker_page.jpg", "frontend/src/assets/public/images/products/sticker_single.jpg", "frontend/src/assets/public/images/products/stickersheet_se.png", "frontend/src/assets/public/images/products/strawberry_juice.jpeg", "frontend/src/assets/public/images/products/tattoo.jpg", "frontend/src/assets/public/images/products/thingie1.jpg", "frontend/src/assets/public/images/products/undefined.png", "frontend/src/assets/public/images/products/velcro-patch.jpg", "frontend/src/assets/public/images/products/waspy.png", "frontend/src/assets/public/images/products/woodruff_syrup.jpg", "frontend/src/assets/public/images/uploads/12.png", "frontend/src/assets/public/images/uploads/13.jpg", "frontend/src/assets/public/images/uploads/20.jpg", "frontend/src/assets/public/images/uploads/BeeHaven.png", "frontend/src/assets/public/images/uploads/default.svg", "frontend/src/assets/public/images/uploads/defaultAdmin.png", "frontend/src/assets/public/images/uploads/favorite-hiking-place.png", "frontend/src/assets/public/images/uploads/magn(et)ificent!-1571814229653.jpg", "frontend/src/confetti/index.ts", "frontend/src/environments/environment.prod.ts", "frontend/src/environments/environment.ts", "frontend/src/hacking-instructor/challenges/bonusPayload.ts", "frontend/src/hacking-instructor/challenges/codingChallenges.ts", "frontend/src/hacking-instructor/challenges/domXss.ts", "frontend/src/hacking-instructor/challenges/forgedFeedback.ts", "frontend/src/hacking-instructor/challenges/loginAdmin.ts", "frontend/src/hacking-instructor/challenges/loginBender.ts", "frontend/src/hacking-instructor/challenges/loginJim.ts", "frontend/src/hacking-instructor/challenges/passwordStrength.ts", "frontend/src/hacking-instructor/challenges/privacyPolicy.ts", "frontend/src/hacking-instructor/challenges/scoreBoard.ts", 
"frontend/src/hacking-instructor/challenges/viewBasket.ts", "frontend/src/hacking-instructor/helpers/helpers.ts", "frontend/src/hacking-instructor/index.ts", "frontend/src/hacking-instructor/tutorialUnavailable.ts", "frontend/src/index.html", "frontend/src/karma.conf.js", "frontend/src/main.ts", "frontend/src/polyfills.ts", "frontend/src/styles.scss", "frontend/src/test.ts", "frontend/src/theme.scss", "frontend/src/tsconfig.app.json", "frontend/src/tsconfig.spec.json", "frontend/tsconfig.base.json", "frontend/tsconfig.json", "frontend/webpack.angular.js", "ftp/acquisitions.md", "ftp/announcement_encrypted.md", "ftp/coupons_2013.md.bak", "ftp/eastere.gg", "ftp/encrypt.pyc", "ftp/incident-support.kdbx", "ftp/package.json.bak", "ftp/quarantine/juicy_malware_linux_amd_64.url", "ftp/quarantine/juicy_malware_linux_arm_64.url", "ftp/quarantine/juicy_malware_macos_64.url", "ftp/quarantine/juicy_malware_windows_64.exe.url", "ftp/suspicious_errors.yml", "i18n/.gitkeep", "lib/accuracy.ts", "lib/antiCheat.ts", "lib/botUtils.ts", "lib/challengeUtils.ts", "lib/codingChallenges.ts", "lib/insecurity.ts", "lib/is-docker.ts", "lib/is-heroku.ts", "lib/is-windows.ts", "lib/logger.ts", "lib/noUpdate.ts", "lib/startup/cleanupFtpFolder.ts", "lib/startup/customizeApplication.ts", "lib/startup/customizeEasterEgg.ts", "lib/startup/registerWebsocketEvents.ts", "lib/startup/restoreOverwrittenFilesWithOriginals.ts", "lib/startup/validateChatBot.ts", "lib/startup/validateConfig.ts", "lib/startup/validateDependencies.ts", "lib/startup/validatePreconditions.ts", "lib/utils.ts", "lib/webhook.ts", "models/address.ts", "models/basket.ts", "models/basketitem.ts", "models/captcha.ts", "models/card.ts", "models/challenge.ts", "models/complaint.ts", "models/delivery.ts", "models/feedback.ts", "models/imageCaptcha.ts", "models/index.ts", "models/memory.ts", "models/privacyRequests.ts", "models/product.ts", "models/quantity.ts", "models/recycle.ts", "models/relations.ts", "models/securityAnswer.ts", 
"models/securityQuestion.ts", "models/user.ts", "models/wallet.ts", "monitoring/grafana-dashboard.json", "package.json", "routes/2fa.ts", "routes/address.ts", "routes/angular.ts", "routes/appConfiguration.ts", "routes/appVersion.ts", "routes/authenticatedUsers.ts", "routes/b2bOrder.ts", "routes/basket.ts", "routes/basketItems.ts", "routes/captcha.ts", "routes/changePassword.ts", "routes/chatbot.ts", "routes/checkKeys.ts", "routes/continueCode.ts", "routes/countryMapping.ts", "routes/coupon.ts", "routes/createProductReviews.ts", "routes/currentUser.ts", "routes/dataErasure.ts", "routes/dataExport.ts", "routes/delivery.ts", "routes/deluxe.ts", "routes/easterEgg.ts", "routes/fileServer.ts", "routes/fileUpload.ts", "routes/imageCaptcha.ts", "routes/keyServer.ts", "routes/languages.ts", "routes/likeProductReviews.ts", "routes/logfileServer.ts", "routes/login.ts", "routes/memory.ts", "routes/metrics.ts", "routes/nftMint.ts", "routes/order.ts", "routes/orderHistory.ts", "routes/payment.ts", "routes/premiumReward.ts", "routes/privacyPolicyProof.ts", "routes/profileImageFileUpload.ts", "routes/profileImageUrlUpload.ts", "routes/quarantineServer.ts", "routes/recycles.ts", "routes/redirect.ts", "routes/repeatNotification.ts", "routes/resetPassword.ts", "routes/restoreProgress.ts", "routes/saveLoginIp.ts", "routes/search.ts", "routes/securityQuestion.ts", "routes/showProductReviews.ts", "routes/trackOrder.ts", "routes/updateProductReviews.ts", "routes/updateUserProfile.ts", "routes/userProfile.ts", "routes/verify.ts", "routes/videoHandler.ts", "routes/vulnCodeFixes.ts", "routes/vulnCodeSnippet.ts", "routes/wallet.ts", "routes/web3Wallet.ts", "rsn/cache.json", "rsn/rsn-update.ts", "rsn/rsn-verbose.ts", "rsn/rsn.ts", "rsn/rsnUtil.ts", "screenshots/git-stats.png", "screenshots/screenshot00.png", "screenshots/screenshot01.png", "screenshots/screenshot02.png", "screenshots/screenshot03.png", "screenshots/screenshot04.png", "screenshots/screenshot05.png", 
"screenshots/screenshot06.png", "screenshots/screenshot08.png", "screenshots/screenshot09.png", "screenshots/screenshot10.png", "screenshots/screenshot11.png", "screenshots/screenshot12.png", "screenshots/screenshot13.png", "server.ts", "swagger.yml", "threat-model.json", "tsconfig.json", "uploads/complaints/.gitkeep", "vagrant/Vagrantfile", "vagrant/bootstrap.sh", "vagrant/default.conf", "views/dataErasureForm.hbs", "views/dataErasureResult.hbs", "views/promotionVideo.pug", "views/themes/themes.js", "views/userProfile.pug"]}, "results": [{"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 65, "line": 41, "offset": 1691}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "file", "location": {"end": {"col": 30, "line": 40, "offset": 1615}, "path": "data/datacreator.ts", "start": {"col": 26, "line": 40, "offset": 1611}}}], "taint_sink": ["CliLoc", [{"end": {"col": 65, "line": 41, "offset": 1691}, "path": "data/datacreator.ts", "start": {"col": 33, "line": 41, "offset": 1659}}, "'./data/static/' + file + '.yml'"]], "taint_source": ["CliLoc", [{"end": {"col": 30, "line": 40, "offset": 1615}, "path": "data/datacreator.ts", "start": {"col": 26, "line": 40, "offset": 1611}}, "file"]]}, "engine_kind": "OSS", "fingerprint": "cc63a684cea621802562c3aabc866f05b37b9f8658bd0fe4c88e63588609de300bfaabd7191f7ee48bd8017671c3f8e0190de52fa986158dafb899463b79b3ae_0", "is_ignored": false, "lines": " const filePath = path.resolve('./data/static/' + file + '.yml')", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. 
Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9331, "rule_id": "8GUjrq", "rv_id": 109922, "url": "https://semgrep.dev/playground/r/nWTxP4n/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "nWTxP4n"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$PATH": {"abstract_content": "path", "end": {"col": 24, "line": 41, "offset": 1650}, "start": {"col": 20, "line": 41, "offset": 1646}}, "$SINK": {"abstract_content": "'./data/static/'+file+'.yml'", "end": {"col": 65, "line": 41, "offset": 1691}, "start": {"col": 33, "line": 41, "offset": 1659}}, "$X": {"abstract_content": "file", "end": {"col": 30, "line": 40, "offset": 1615}, "start": {"col": 26, "line": 40, "offset": 1611}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "data/datacreator.ts", "start": {"col": 33, "line": 41, "offset": 1659}}, {"check_id": "javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection", "end": {"col": 162, "line": 5, "offset": 428}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "criteria", "location": {"end": {"col": 17, "line": 3, "offset": 126}, "path": 
"data/static/codefixes/dbSchemaChallenge_1.ts", "start": {"col": 9, "line": 3, "offset": 118}}}], "taint_sink": ["CliLoc", [{"end": {"col": 162, "line": 5, "offset": 428}, "path": "data/static/codefixes/dbSchemaChallenge_1.ts", "start": {"col": 28, "line": 5, "offset": 294}}, "\"SELECT * FROM Products WHERE ((name LIKE '%\"+criteria+\"%' OR description LIKE '%\"+criteria+\"%') AND deletedAt IS NULL) ORDER BY name\""]], "taint_source": ["CliLoc", [{"end": {"col": 69, "line": 3, "offset": 178}, "path": "data/static/codefixes/dbSchemaChallenge_1.ts", "start": {"col": 60, "line": 3, "offset": 169}}, "req.query"]]}, "engine_kind": "OSS", "fingerprint": "01b8e724b9b2ca911743bd18718f705749ee2d12329b08125c003a1141def61cecdb34215ced0cd85fd4a0209fa6f4e024c13099eb57a6251a313830acb5172a_0", "is_ignored": false, "lines": " models.sequelize.query(\"SELECT * FROM Products WHERE ((name LIKE '%\"+criteria+\"%' OR description LIKE '%\"+criteria+\"%') AND deletedAt IS NULL) ORDER BY name\")", "message": "Detected a sequelize statement that is tainted by user-input. This could lead to SQL injection if the variable is user-controlled and is not properly sanitized. 
In order to prevent SQL injection, it is recommended to use parameterized queries or prepared statements.", "metadata": {"category": "security", "confidence": "HIGH", "cwe": ["CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "HIGH", "interfile": true, "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A01:2017 - Injection", "A03:2021 - Injection"], "references": ["https://sequelize.org/docs/v6/core-concepts/raw-queries/#replacements"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 22085, "rule_id": "yyU0GX", "rv_id": 109973, "url": "https://semgrep.dev/playground/r/3ZTkQwW/javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection", "version_id": "3ZTkQwW"}}, "shortlink": "https://sg.run/gjoe", "source": "https://semgrep.dev/r/javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection", "subcategory": ["vuln"], "technology": ["express"], "vulnerability_class": ["SQL Injection"]}, "metavars": {"$DB": {"abstract_content": "models", "end": {"col": 11, "line": 5, "offset": 277}, "start": {"col": 5, "line": 5, "offset": 271}}, "$NEXT": {"abstract_content": "next", "end": {"col": 44, "line": 2, "offset": 89}, "start": {"col": 40, "line": 2, "offset": 85}}, "$QUERY": {"abstract_content": "\"SELECT * FROM Products WHERE ((name LIKE '%\"+criteria+\"%' OR description LIKE '%\"+criteria+\"%') AND deletedAt IS NULL) ORDER BY name\"", "end": {"col": 162, "line": 5, "offset": 428}, "start": {"col": 28, "line": 5, "offset": 294}}, "$REQ": {"abstract_content": "req", "end": {"col": 63, "line": 3, "offset": 172}, "start": {"col": 60, "line": 3, "offset": 169}}, "$RES": {"abstract_content": "res", "end": {"col": 28, "line": 2, "offset": 73}, "start": {"col": 25, "line": 2, "offset": 70}}}, "severity": "ERROR", "validation_state": "NO_VALIDATOR"}, "path": 
"data/static/codefixes/dbSchemaChallenge_1.ts", "start": {"col": 28, "line": 5, "offset": 294}}, {"check_id": "javascript.express.security.injection.tainted-sql-string.tainted-sql-string", "end": {"col": 82, "line": 5, "offset": 348}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "criteria", "location": {"end": {"col": 17, "line": 3, "offset": 126}, "path": "data/static/codefixes/dbSchemaChallenge_1.ts", "start": {"col": 9, "line": 3, "offset": 118}}}], "taint_sink": ["CliLoc", [{"end": {"col": 82, "line": 5, "offset": 348}, "path": "data/static/codefixes/dbSchemaChallenge_1.ts", "start": {"col": 74, "line": 5, "offset": 340}}, "criteria"]], "taint_source": ["CliLoc", [{"end": {"col": 69, "line": 3, "offset": 178}, "path": "data/static/codefixes/dbSchemaChallenge_1.ts", "start": {"col": 60, "line": 3, "offset": 169}}, "req.query"]]}, "engine_kind": "OSS", "fingerprint": "cc1ec43f7369bf7eed4ad2ad3818889f5600ea37b1f96fdd91b7f50ee6f72f6b8cbe3c84acf55e81d619317f06c7c28e0fc55d87dcfeac0ba522caa6edc47613_0", "is_ignored": false, "lines": " models.sequelize.query(\"SELECT * FROM Products WHERE ((name LIKE '%\"+criteria+\"%' OR description LIKE '%\"+criteria+\"%') AND deletedAt IS NULL) ORDER BY name\")", "message": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. 
Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.", "metadata": {"category": "security", "confidence": "MEDIUM", "cwe": ["CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A01:2017 - Injection", "A03:2021 - Injection"], "references": ["https://owasp.org/www-community/attacks/SQL_Injection"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 14715, "rule_id": "NbUNpr", "rv_id": 751091, "url": "https://semgrep.dev/playground/r/l4TWDPx/javascript.express.security.injection.tainted-sql-string.tainted-sql-string", "version_id": "l4TWDPx"}}, "shortlink": "https://sg.run/66ZL", "source": "https://semgrep.dev/r/javascript.express.security.injection.tainted-sql-string.tainted-sql-string", "subcategory": ["vuln"], "technology": ["express"], "vulnerability_class": ["SQL Injection"]}, "metavars": {"$1": {"abstract_content": "SELECT", "end": {"col": 7, "line": 1, "offset": 6}, "start": {"col": 1, "line": 1, "offset": 0}}, "$EXPR": {"abstract_content": "criteria", "end": {"col": 82, "line": 5, "offset": 348}, "start": {"col": 74, "line": 5, "offset": 340}}, "$REQ": {"abstract_content": "req", "end": {"col": 63, "line": 3, "offset": 172}, "start": {"col": 60, "line": 3, "offset": 169}}, "$SQLSTR": {"abstract_content": "SELECT * FROM Products WHERE ((name LIKE '%", "end": {"col": 72, "line": 5, "offset": 338}, "start": {"col": 29, "line": 5, "offset": 295}}}, "severity": "ERROR", "validation_state": "NO_VALIDATOR"}, "path": "data/static/codefixes/dbSchemaChallenge_1.ts", "start": {"col": 74, "line": 5, "offset": 340}}, {"check_id": "javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection", "end": {"col": 159, "line": 11, "offset": 560}, "extra": {"dataflow_trace": 
{"intermediate_vars": [{"content": "criteria", "location": {"end": {"col": 17, "line": 5, "offset": 171}, "path": "data/static/codefixes/dbSchemaChallenge_3.ts", "start": {"col": 9, "line": 5, "offset": 163}}}], "taint_sink": ["CliLoc", [{"end": {"col": 159, "line": 11, "offset": 560}, "path": "data/static/codefixes/dbSchemaChallenge_3.ts", "start": {"col": 28, "line": 11, "offset": 429}}, "`SELECT * FROM Products WHERE ((name LIKE '%${criteria}%' OR description LIKE '%${criteria}%') AND deletedAt IS NULL) ORDER BY name"]], "taint_source": ["CliLoc", [{"end": {"col": 69, "line": 5, "offset": 223}, "path": "data/static/codefixes/dbSchemaChallenge_3.ts", "start": {"col": 60, "line": 5, "offset": 214}}, "req.query"]]}, "engine_kind": "OSS", "fingerprint": "4ded94d6131f70079d7885c7bb41acbbcacd1f422be56352873bb2463cf3648e663483dbf43f137e12b1f4f7e7f4b2f875abb2f7e72fcd74695a7e9c05dadfc6_0", "is_ignored": false, "lines": " models.sequelize.query(`SELECT * FROM Products WHERE ((name LIKE '%${criteria}%' OR description LIKE '%${criteria}%') AND deletedAt IS NULL) ORDER BY name`)", "message": "Detected a sequelize statement that is tainted by user-input. This could lead to SQL injection if the variable is user-controlled and is not properly sanitized. 
In order to prevent SQL injection, it is recommended to use parameterized queries or prepared statements.", "metadata": {"category": "security", "confidence": "HIGH", "cwe": ["CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "HIGH", "interfile": true, "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A01:2017 - Injection", "A03:2021 - Injection"], "references": ["https://sequelize.org/docs/v6/core-concepts/raw-queries/#replacements"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 22085, "rule_id": "yyU0GX", "rv_id": 109973, "url": "https://semgrep.dev/playground/r/3ZTkQwW/javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection", "version_id": "3ZTkQwW"}}, "shortlink": "https://sg.run/gjoe", "source": "https://semgrep.dev/r/javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection", "subcategory": ["vuln"], "technology": ["express"], "vulnerability_class": ["SQL Injection"]}, "metavars": {"$DB": {"abstract_content": "models", "end": {"col": 11, "line": 11, "offset": 412}, "start": {"col": 5, "line": 11, "offset": 406}}, "$NEXT": {"abstract_content": "next", "end": {"col": 44, "line": 4, "offset": 134}, "start": {"col": 40, "line": 4, "offset": 130}}, "$QUERY": {"abstract_content": "`SELECT * FROM Products WHERE ((name LIKE '%criteria%' OR description LIKE '%criteria%') AND deletedAt IS NULL) ORDER BY name", "end": {"col": 159, "line": 11, "offset": 560}, "start": {"col": 28, "line": 11, "offset": 429}}, "$REQ": {"abstract_content": "req", "end": {"col": 63, "line": 5, "offset": 217}, "start": {"col": 60, "line": 5, "offset": 214}}, "$RES": {"abstract_content": "res", "end": {"col": 28, "line": 4, "offset": 118}, "start": {"col": 25, "line": 4, "offset": 115}}}, "severity": "ERROR", "validation_state": "NO_VALIDATOR"}, "path": 
"data/static/codefixes/dbSchemaChallenge_3.ts", "start": {"col": 28, "line": 11, "offset": 429}}, {"check_id": "javascript.express.security.injection.tainted-sql-string.tainted-sql-string", "end": {"col": 82, "line": 11, "offset": 483}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "criteria", "location": {"end": {"col": 17, "line": 5, "offset": 171}, "path": "data/static/codefixes/dbSchemaChallenge_3.ts", "start": {"col": 9, "line": 5, "offset": 163}}}], "taint_sink": ["CliLoc", [{"end": {"col": 82, "line": 11, "offset": 483}, "path": "data/static/codefixes/dbSchemaChallenge_3.ts", "start": {"col": 74, "line": 11, "offset": 475}}, "criteria"]], "taint_source": ["CliLoc", [{"end": {"col": 69, "line": 5, "offset": 223}, "path": "data/static/codefixes/dbSchemaChallenge_3.ts", "start": {"col": 60, "line": 5, "offset": 214}}, "req.query"]]}, "engine_kind": "OSS", "fingerprint": "fcb45b90e653c16828ddd85c510abcee5c95dbfc49972467dcc1131e2baa98fa41bf99d8ac507d33f801c75e3c15c3cfe7ec66654ecfcaf21beb877118ae0a2e_0", "is_ignored": false, "lines": " models.sequelize.query(`SELECT * FROM Products WHERE ((name LIKE '%${criteria}%' OR description LIKE '%${criteria}%') AND deletedAt IS NULL) ORDER BY name`)", "message": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. 
Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.", "metadata": {"category": "security", "confidence": "MEDIUM", "cwe": ["CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A01:2017 - Injection", "A03:2021 - Injection"], "references": ["https://owasp.org/www-community/attacks/SQL_Injection"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 14715, "rule_id": "NbUNpr", "rv_id": 751091, "url": "https://semgrep.dev/playground/r/l4TWDPx/javascript.express.security.injection.tainted-sql-string.tainted-sql-string", "version_id": "l4TWDPx"}}, "shortlink": "https://sg.run/66ZL", "source": "https://semgrep.dev/r/javascript.express.security.injection.tainted-sql-string.tainted-sql-string", "subcategory": ["vuln"], "technology": ["express"], "vulnerability_class": ["SQL Injection"]}, "metavars": {"$1": {"abstract_content": "SELECT", "end": {"col": 7, "line": 1, "offset": 6}, "start": {"col": 1, "line": 1, "offset": 0}}, "$EXPR": {"abstract_content": "criteria", "end": {"col": 82, "line": 11, "offset": 483}, "start": {"col": 74, "line": 11, "offset": 475}}, "$REQ": {"abstract_content": "req", "end": {"col": 63, "line": 5, "offset": 217}, "start": {"col": 60, "line": 5, "offset": 214}}, "$SQLSTR": {"abstract_content": "SELECT * FROM Products WHERE ((name LIKE '%", "end": {"col": 72, "line": 11, "offset": 473}, "start": {"col": 29, "line": 11, "offset": 430}}}, "severity": "ERROR", "validation_state": "NO_VALIDATOR"}, "path": "data/static/codefixes/dbSchemaChallenge_3.ts", "start": {"col": 74, "line": 11, "offset": 475}}, {"check_id": "javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization", "end": {"col": 82, "line": 59, "offset": 2074}, "extra": {"engine_kind": "OSS", 
"fingerprint": "9fa5d4f9ee838f516fa47960eb756794dfa777c774e9b39aded42ac966208474faecc33edc588d26a35971045219cf6f2c9258803477f4060d0b970fff080f7f_0", "is_ignored": false, "lines": " tableData[i].description = tableData[i].description.replaceAll('<', '<').replaceAll('>', '>')", "message": "Detected a call to `replaceAll()` in an attempt to HTML escape the string `tableData[i].description`. Manually sanitizing input through a manually built list can be circumvented in many situations, and it's better to use a well known sanitization library such as `sanitize-html` or `DOMPurify`.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "LOW", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A07:2017 - Cross-Site Scripting (XSS)", "A03:2021 - Injection"], "references": ["https://www.npmjs.com/package/dompurify", "https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 22550, "rule_id": "kxUYE9", "rv_id": 109801, "url": "https://semgrep.dev/playground/r/o5TglAW/javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization", "version_id": "o5TglAW"}}, "shortlink": "https://sg.run/AzoB", "source": "https://semgrep.dev/r/javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization", "subcategory": ["audit"], "technology": ["javascript", "typescript"], "vulnerability_class": ["Cross-Site-Scripting (XSS)"]}, "metavars": {"$1": {"abstract_content": "replace", "end": {"col": 8, "line": 1, "offset": 7}, "start": {"col": 1, "line": 1, "offset": 0}}, "$FUNC": {"abstract_content": "replaceAll", "end": {"col": 69, "line": 59, "offset": 2061}, "start": {"col": 59, "line": 59, "offset": 2051}}, "$STR": {"abstract_content": 
"tableData[i].description", "end": {"col": 58, "line": 59, "offset": 2050}, "start": {"col": 34, "line": 59, "offset": 2026}}}, "severity": "INFO", "validation_state": "NO_VALIDATOR"}, "path": "data/static/codefixes/restfulXssChallenge_2.ts", "start": {"col": 34, "line": 59, "offset": 2026}}, {"check_id": "javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization", "end": {"col": 106, "line": 59, "offset": 2098}, "extra": {"engine_kind": "OSS", "fingerprint": "95c70d4c6aa16c60d8380102c20b4dfdcb1213882eebed408ec0dc18e2047eaf29d079d517b1f509b287865a7f9587d7b9b43f02a0a5cf7d584a252f122da7e6_0", "is_ignored": false, "lines": " tableData[i].description = tableData[i].description.replaceAll('<', '<').replaceAll('>', '>')", "message": "Detected a call to `replaceAll()` in an attempt to HTML escape the string `tableData[i].description.replaceAll('<', '<')`. Manually sanitizing input through a manually built list can be circumvented in many situations, and it's better to use a well known sanitization library such as `sanitize-html` or `DOMPurify`.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "LOW", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A07:2017 - Cross-Site Scripting (XSS)", "A03:2021 - Injection"], "references": ["https://www.npmjs.com/package/dompurify", "https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 22550, "rule_id": "kxUYE9", "rv_id": 109801, "url": "https://semgrep.dev/playground/r/o5TglAW/javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization", "version_id": "o5TglAW"}}, "shortlink": "https://sg.run/AzoB", "source": 
"https://semgrep.dev/r/javascript.audit.detect-replaceall-sanitization.detect-replaceall-sanitization", "subcategory": ["audit"], "technology": ["javascript", "typescript"], "vulnerability_class": ["Cross-Site-Scripting (XSS)"]}, "metavars": {"$1": {"abstract_content": "replace", "end": {"col": 8, "line": 1, "offset": 7}, "start": {"col": 1, "line": 1, "offset": 0}}, "$FUNC": {"abstract_content": "replaceAll", "end": {"col": 93, "line": 59, "offset": 2085}, "start": {"col": 83, "line": 59, "offset": 2075}}, "$STR": {"abstract_content": "tableData[i].description.replaceAll('<''<')", "end": {"col": 82, "line": 59, "offset": 2074}, "start": {"col": 34, "line": 59, "offset": 2026}}}, "severity": "INFO", "validation_state": "NO_VALIDATOR"}, "path": "data/static/codefixes/restfulXssChallenge_2.ts", "start": {"col": 34, "line": 59, "offset": 2026}}, {"check_id": "javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection", "end": {"col": 159, "line": 6, "offset": 467}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "criteria", "location": {"end": {"col": 17, "line": 3, "offset": 126}, "path": "data/static/codefixes/unionSqlInjectionChallenge_1.ts", "start": {"col": 9, "line": 3, "offset": 118}}}], "taint_sink": ["CliLoc", [{"end": {"col": 159, "line": 6, "offset": 467}, "path": "data/static/codefixes/unionSqlInjectionChallenge_1.ts", "start": {"col": 28, "line": 6, "offset": 336}}, "`SELECT * FROM Products WHERE ((name LIKE '%${criteria}%' OR description LIKE '%${criteria}%') AND deletedAt IS NULL) ORDER BY name"]], "taint_source": ["CliLoc", [{"end": {"col": 69, "line": 3, "offset": 178}, "path": "data/static/codefixes/unionSqlInjectionChallenge_1.ts", "start": {"col": 60, "line": 3, "offset": 169}}, "req.query"]]}, "engine_kind": "OSS", "fingerprint": "68ee178dbe58f781b2d43de36ca8e69a77939878c90876e25922769ef38429441be8eded69f44074b38e9a176e2c8dbb515131767ba2f80d3acce9c329deae72_0", "is_ignored": false, "lines": " 
models.sequelize.query(`SELECT * FROM Products WHERE ((name LIKE '%${criteria}%' OR description LIKE '%${criteria}%') AND deletedAt IS NULL) ORDER BY name`)", "message": "Detected a sequelize statement that is tainted by user-input. This could lead to SQL injection if the variable is user-controlled and is not properly sanitized. In order to prevent SQL injection, it is recommended to use parameterized queries or prepared statements.", "metadata": {"category": "security", "confidence": "HIGH", "cwe": ["CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "HIGH", "interfile": true, "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A01:2017 - Injection", "A03:2021 - Injection"], "references": ["https://sequelize.org/docs/v6/core-concepts/raw-queries/#replacements"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 22085, "rule_id": "yyU0GX", "rv_id": 109973, "url": "https://semgrep.dev/playground/r/3ZTkQwW/javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection", "version_id": "3ZTkQwW"}}, "shortlink": "https://sg.run/gjoe", "source": "https://semgrep.dev/r/javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection", "subcategory": ["vuln"], "technology": ["express"], "vulnerability_class": ["SQL Injection"]}, "metavars": {"$DB": {"abstract_content": "models", "end": {"col": 11, "line": 6, "offset": 319}, "start": {"col": 5, "line": 6, "offset": 313}}, "$NEXT": {"abstract_content": "next", "end": {"col": 44, "line": 2, "offset": 89}, "start": {"col": 40, "line": 2, "offset": 85}}, "$QUERY": {"abstract_content": "`SELECT * FROM Products WHERE ((name LIKE '%criteria%' OR description LIKE '%criteria%') AND deletedAt IS NULL) ORDER BY name", "end": {"col": 159, "line": 6, "offset": 467}, "start": {"col": 28, "line": 6, "offset": 336}}, "$REQ": 
{"abstract_content": "req", "end": {"col": 63, "line": 3, "offset": 172}, "start": {"col": 60, "line": 3, "offset": 169}}, "$RES": {"abstract_content": "res", "end": {"col": 28, "line": 2, "offset": 73}, "start": {"col": 25, "line": 2, "offset": 70}}}, "severity": "ERROR", "validation_state": "NO_VALIDATOR"}, "path": "data/static/codefixes/unionSqlInjectionChallenge_1.ts", "start": {"col": 28, "line": 6, "offset": 336}}, {"check_id": "javascript.express.security.injection.tainted-sql-string.tainted-sql-string", "end": {"col": 82, "line": 6, "offset": 390}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "criteria", "location": {"end": {"col": 17, "line": 3, "offset": 126}, "path": "data/static/codefixes/unionSqlInjectionChallenge_1.ts", "start": {"col": 9, "line": 3, "offset": 118}}}], "taint_sink": ["CliLoc", [{"end": {"col": 82, "line": 6, "offset": 390}, "path": "data/static/codefixes/unionSqlInjectionChallenge_1.ts", "start": {"col": 74, "line": 6, "offset": 382}}, "criteria"]], "taint_source": ["CliLoc", [{"end": {"col": 69, "line": 3, "offset": 178}, "path": "data/static/codefixes/unionSqlInjectionChallenge_1.ts", "start": {"col": 60, "line": 3, "offset": 169}}, "req.query"]]}, "engine_kind": "OSS", "fingerprint": "cee6a5d268d69e1d04d406ba22bc3ee00875d6db22345bb68bf4ed43a3f67fb82bca2b424a57db513110282b7db614d92787a7a622350114c9b324f483b39cee_0", "is_ignored": false, "lines": " models.sequelize.query(`SELECT * FROM Products WHERE ((name LIKE '%${criteria}%' OR description LIKE '%${criteria}%') AND deletedAt IS NULL) ORDER BY name`)", "message": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. 
Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.", "metadata": {"category": "security", "confidence": "MEDIUM", "cwe": ["CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A01:2017 - Injection", "A03:2021 - Injection"], "references": ["https://owasp.org/www-community/attacks/SQL_Injection"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 14715, "rule_id": "NbUNpr", "rv_id": 751091, "url": "https://semgrep.dev/playground/r/l4TWDPx/javascript.express.security.injection.tainted-sql-string.tainted-sql-string", "version_id": "l4TWDPx"}}, "shortlink": "https://sg.run/66ZL", "source": "https://semgrep.dev/r/javascript.express.security.injection.tainted-sql-string.tainted-sql-string", "subcategory": ["vuln"], "technology": ["express"], "vulnerability_class": ["SQL Injection"]}, "metavars": {"$1": {"abstract_content": "SELECT", "end": {"col": 7, "line": 1, "offset": 6}, "start": {"col": 1, "line": 1, "offset": 0}}, "$EXPR": {"abstract_content": "criteria", "end": {"col": 82, "line": 6, "offset": 390}, "start": {"col": 74, "line": 6, "offset": 382}}, "$REQ": {"abstract_content": "req", "end": {"col": 63, "line": 3, "offset": 172}, "start": {"col": 60, "line": 3, "offset": 169}}, "$SQLSTR": {"abstract_content": "SELECT * FROM Products WHERE ((name LIKE '%", "end": {"col": 72, "line": 6, "offset": 380}, "start": {"col": 29, "line": 6, "offset": 337}}}, "severity": "ERROR", "validation_state": "NO_VALIDATOR"}, "path": "data/static/codefixes/unionSqlInjectionChallenge_1.ts", "start": {"col": 74, "line": 6, "offset": 382}}, {"check_id": "javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection", "end": {"col": 159, "line": 10, "offset": 599}, "extra": 
{"dataflow_trace": {"intermediate_vars": [{"content": "criteria", "location": {"end": {"col": 17, "line": 3, "offset": 126}, "path": "data/static/codefixes/unionSqlInjectionChallenge_3.ts", "start": {"col": 9, "line": 3, "offset": 118}}}], "taint_sink": ["CliLoc", [{"end": {"col": 159, "line": 10, "offset": 599}, "path": "data/static/codefixes/unionSqlInjectionChallenge_3.ts", "start": {"col": 28, "line": 10, "offset": 468}}, "`SELECT * FROM Products WHERE ((name LIKE '%${criteria}%' OR description LIKE '%${criteria}%') AND deletedAt IS NULL) ORDER BY name"]], "taint_source": ["CliLoc", [{"end": {"col": 69, "line": 3, "offset": 178}, "path": "data/static/codefixes/unionSqlInjectionChallenge_3.ts", "start": {"col": 60, "line": 3, "offset": 169}}, "req.query"]]}, "engine_kind": "OSS", "fingerprint": "1a9181d8de1aa222fc91e705cd7647a3698dfc4a64e7e64c18fa8e37725eb152473fa798ec9b48f28a3bedc8c7937ff6d931e6e481be2ced162543fced5c95f4_0", "is_ignored": false, "lines": " models.sequelize.query(`SELECT * FROM Products WHERE ((name LIKE '%${criteria}%' OR description LIKE '%${criteria}%') AND deletedAt IS NULL) ORDER BY name`)", "message": "Detected a sequelize statement that is tainted by user-input. This could lead to SQL injection if the variable is user-controlled and is not properly sanitized. 
In order to prevent SQL injection, it is recommended to use parameterized queries or prepared statements.", "metadata": {"category": "security", "confidence": "HIGH", "cwe": ["CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "HIGH", "interfile": true, "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A01:2017 - Injection", "A03:2021 - Injection"], "references": ["https://sequelize.org/docs/v6/core-concepts/raw-queries/#replacements"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 22085, "rule_id": "yyU0GX", "rv_id": 109973, "url": "https://semgrep.dev/playground/r/3ZTkQwW/javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection", "version_id": "3ZTkQwW"}}, "shortlink": "https://sg.run/gjoe", "source": "https://semgrep.dev/r/javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection", "subcategory": ["vuln"], "technology": ["express"], "vulnerability_class": ["SQL Injection"]}, "metavars": {"$DB": {"abstract_content": "models", "end": {"col": 11, "line": 10, "offset": 451}, "start": {"col": 5, "line": 10, "offset": 445}}, "$NEXT": {"abstract_content": "next", "end": {"col": 44, "line": 2, "offset": 89}, "start": {"col": 40, "line": 2, "offset": 85}}, "$QUERY": {"abstract_content": "`SELECT * FROM Products WHERE ((name LIKE '%criteria%' OR description LIKE '%criteria%') AND deletedAt IS NULL) ORDER BY name", "end": {"col": 159, "line": 10, "offset": 599}, "start": {"col": 28, "line": 10, "offset": 468}}, "$REQ": {"abstract_content": "req", "end": {"col": 63, "line": 3, "offset": 172}, "start": {"col": 60, "line": 3, "offset": 169}}, "$RES": {"abstract_content": "res", "end": {"col": 28, "line": 2, "offset": 73}, "start": {"col": 25, "line": 2, "offset": 70}}}, "severity": "ERROR", "validation_state": "NO_VALIDATOR"}, "path": 
"data/static/codefixes/unionSqlInjectionChallenge_3.ts", "start": {"col": 28, "line": 10, "offset": 468}}, {"check_id": "javascript.express.security.injection.tainted-sql-string.tainted-sql-string", "end": {"col": 82, "line": 10, "offset": 522}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "criteria", "location": {"end": {"col": 17, "line": 3, "offset": 126}, "path": "data/static/codefixes/unionSqlInjectionChallenge_3.ts", "start": {"col": 9, "line": 3, "offset": 118}}}], "taint_sink": ["CliLoc", [{"end": {"col": 82, "line": 10, "offset": 522}, "path": "data/static/codefixes/unionSqlInjectionChallenge_3.ts", "start": {"col": 74, "line": 10, "offset": 514}}, "criteria"]], "taint_source": ["CliLoc", [{"end": {"col": 69, "line": 3, "offset": 178}, "path": "data/static/codefixes/unionSqlInjectionChallenge_3.ts", "start": {"col": 60, "line": 3, "offset": 169}}, "req.query"]]}, "engine_kind": "OSS", "fingerprint": "94f30f982762ae475e8f1a1fcafe396ba368cf97ebe43174135da268564ab8f332b0c27f274ee63ebbade12d6a85dab3816a1baef768b8b28c903c27415cd390_0", "is_ignored": false, "lines": " models.sequelize.query(`SELECT * FROM Products WHERE ((name LIKE '%${criteria}%' OR description LIKE '%${criteria}%') AND deletedAt IS NULL) ORDER BY name`)", "message": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. 
Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.", "metadata": {"category": "security", "confidence": "MEDIUM", "cwe": ["CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A01:2017 - Injection", "A03:2021 - Injection"], "references": ["https://owasp.org/www-community/attacks/SQL_Injection"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 14715, "rule_id": "NbUNpr", "rv_id": 751091, "url": "https://semgrep.dev/playground/r/l4TWDPx/javascript.express.security.injection.tainted-sql-string.tainted-sql-string", "version_id": "l4TWDPx"}}, "shortlink": "https://sg.run/66ZL", "source": "https://semgrep.dev/r/javascript.express.security.injection.tainted-sql-string.tainted-sql-string", "subcategory": ["vuln"], "technology": ["express"], "vulnerability_class": ["SQL Injection"]}, "metavars": {"$1": {"abstract_content": "SELECT", "end": {"col": 7, "line": 1, "offset": 6}, "start": {"col": 1, "line": 1, "offset": 0}}, "$EXPR": {"abstract_content": "criteria", "end": {"col": 82, "line": 10, "offset": 522}, "start": {"col": 74, "line": 10, "offset": 514}}, "$REQ": {"abstract_content": "req", "end": {"col": 63, "line": 3, "offset": 172}, "start": {"col": 60, "line": 3, "offset": 169}}, "$SQLSTR": {"abstract_content": "SELECT * FROM Products WHERE ((name LIKE '%", "end": {"col": 72, "line": 10, "offset": 512}, "start": {"col": 29, "line": 10, "offset": 469}}}, "severity": "ERROR", "validation_state": "NO_VALIDATOR"}, "path": "data/static/codefixes/unionSqlInjectionChallenge_3.ts", "start": {"col": 74, "line": 10, "offset": 514}}, {"check_id": "generic.secrets.security.detected-generic-secret.detected-generic-secret", "end": {"col": 47, "line": 150, "offset": 3540}, "extra": {"engine_kind": "OSS", 
"fingerprint": "d88ab23597e5dd26aac1d4036d60ded436d6c11cbdf4835e90361d4fc8d7560519cd06917716a7c62b545bb91658078213beeaf9ab967face86db4ebba54c374_0", "is_ignored": false, "lines": " totpSecret: IFTXE3SPOEYVURT2MRYGI52TKJ4HC3KH", "message": "Generic Secret detected", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-798: Use of Hard-coded Credentials"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A07:2021 - Identification and Authentication Failures"], "references": ["https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9057, "rule_id": "r6Urqe", "rv_id": 109533, "url": "https://semgrep.dev/playground/r/BjTXrOJ/generic.secrets.security.detected-generic-secret.detected-generic-secret", "version_id": "BjTXrOJ"}}, "shortlink": "https://sg.run/l2o5", "source": "https://semgrep.dev/r/generic.secrets.security.detected-generic-secret.detected-generic-secret", "source-rule-url": "https://github.com/dxa4481/truffleHogRegexes/blob/master/truffleHogRegexes/regexes.json", "subcategory": ["audit"], "technology": ["secrets"], "vulnerability_class": ["Hard-coded Secrets"]}, "metavars": {"$1": {"abstract_content": "IFTXE3SPOEYVURT2MRYGI52TKJ4HC3KH", "end": {"col": 47, "line": 150, "offset": 3540}, "start": {"col": 15, "line": 150, "offset": 3508}}, "$SECRET": {"abstract_content": "IFTXE3SPOEYVURT2MRYGI52TKJ4HC3KH", "end": {"col": 47, "line": 150, "offset": 3540}, "start": {"col": 15, "line": 150, "offset": 3508}}}, "severity": "ERROR", "validation_state": "NO_VALIDATOR"}, "path": "data/static/users.yml", "start": {"col": 7, "line": 150, "offset": 3500}}, {"check_id": "yaml.docker-compose.security.no-new-privileges.no-new-privileges", "end": {"col": 6, "line": 7, "offset": 85}, "extra": {"engine_kind": "OSS", "fingerprint": 
"960bdef15b384a188683a14ab9ebc796ddd5bc75b2642aa1dc86959ba51f08808cc9fa32c9221b95724debbe72eb57486030196a10b152f507ae0118f990929b_0", "is_ignored": false, "lines": " app:", "message": "Service 'app' allows for privilege escalation via setuid or setgid binaries. Add 'no-new-privileges:true' in 'security_opt' to prevent this.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-732: Incorrect Permission Assignment for Critical Resource"], "cwe2021-top25": true, "impact": "HIGH", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A05:2021 - Security Misconfiguration", "A06:2017 - Security Misconfiguration"], "references": ["https://raesene.github.io/blog/2019/06/01/docker-capabilities-and-no-new-privs/", "https://www.kernel.org/doc/Documentation/prctl/no_new_privs.txt", "https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-4-add-no-new-privileges-flag"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 10054, "rule_id": "qNUoWr", "rv_id": 111110, "url": "https://semgrep.dev/playground/r/qkT2BLp/yaml.docker-compose.security.no-new-privileges.no-new-privileges", "version_id": "qkT2BLp"}}, "shortlink": "https://sg.run/0n8q", "source": "https://semgrep.dev/r/yaml.docker-compose.security.no-new-privileges.no-new-privileges", "subcategory": ["audit"], "technology": ["docker-compose"], "vulnerability_class": ["Improper Authorization"]}, "metavars": {"$SERVICE": {"abstract_content": "app", "end": {"col": 6, "line": 7, "offset": 85}, "start": {"col": 3, "line": 7, "offset": 82}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "docker-compose.test.yml", "start": {"col": 3, "line": 7, "offset": 82}}, {"check_id": "yaml.docker-compose.security.writable-filesystem-service.writable-filesystem-service", "end": {"col": 6, "line": 7, "offset": 85}, "extra": {"engine_kind": "OSS", "fingerprint": 
"63debf450769f920206dd0550ae469561755f4c91137ceef779f4418608e72e7fc96d8f91c44c198948b90d5940ce9ec10e1731c487f706ddba1663a44fcc221_0", "is_ignored": false, "lines": " app:", "message": "Service 'app' is running with a writable root filesystem. This may allow malicious applications to download and run additional payloads, or modify container files. If an application inside a container has to save something temporarily consider using a tmpfs. Add 'read_only: true' to this service to prevent this.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-732: Incorrect Permission Assignment for Critical Resource"], "cwe2021-top25": true, "impact": "HIGH", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A05:2021 - Security Misconfiguration", "A06:2017 - Security Misconfiguration"], "references": ["https://docs.docker.com/compose/compose-file/compose-file-v3/#domainname-hostname-ipc-mac_address-privileged-read_only-shm_size-stdin_open-tty-user-working_dir", "https://blog.atomist.com/security-of-docker-kubernetes/", "https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html#rule-8-set-filesystem-and-volumes-to-read-only"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 10132, "rule_id": "v8U5vN", "rv_id": 111114, "url": "https://semgrep.dev/playground/r/o5Tg9ob/yaml.docker-compose.security.writable-filesystem-service.writable-filesystem-service", "version_id": "o5Tg9ob"}}, "shortlink": "https://sg.run/e4JE", "source": "https://semgrep.dev/r/yaml.docker-compose.security.writable-filesystem-service.writable-filesystem-service", "subcategory": ["audit"], "technology": ["docker-compose"], "vulnerability_class": ["Improper Authorization"]}, "metavars": {"$SERVICE": {"abstract_content": "app", "end": {"col": 6, "line": 7, "offset": 85}, "start": {"col": 3, "line": 7, "offset": 82}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "docker-compose.test.yml", 
"start": {"col": 3, "line": 7, "offset": 82}}, {"check_id": "javascript.lang.security.audit.prototype-pollution.prototype-pollution-loop.prototype-pollution-loop", "end": {"col": 54, "line": 36, "offset": 1036}, "extra": {"engine_kind": "OSS", "fingerprint": "5cead82d9a4735f083309009863d61c9b55b4caf4f217d8ee8d570d7f3159dedbfede69a52f5f8f43ffdedeedaa7ea4b87f15e2b53e8e916394ee253cb05610a_0", "is_ignored": false, "lines": " replacementValue = replacementValue[property]", "message": "Possibility of prototype polluting function detected. By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, or replace critical attributes with malicious ones. This can be problematic if the software depends on existence or non-existence of certain attributes, or uses pre-defined attributes of object prototype (such as hasOwnProperty, toString or valueOf). Possible mitigations might be: freezing the object prototype, using an object without prototypes (via Object.create(null) ), blocking modifications of attributes that resolve to object prototype, using Map instead of object.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes"], "impact": "LOW", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A08:2021 - Software and Data Integrity Failures"], "references": ["https://github.com/HoLyVieR/prototype-pollution-nsec18/blob/master/paper/JavaScript_prototype_pollution_attack_in_NodeJS.pdf"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 13373, "rule_id": "QrUpbJ", "rv_id": 109925, "url": "https://semgrep.dev/playground/r/LjTqQbA/javascript.lang.security.audit.prototype-pollution.prototype-pollution-loop.prototype-pollution-loop", "version_id": "LjTqQbA"}}, "shortlink": "https://sg.run/w1DB", "source": 
"https://semgrep.dev/r/javascript.lang.security.audit.prototype-pollution.prototype-pollution-loop.prototype-pollution-loop", "subcategory": ["audit"], "technology": ["typescript"], "vulnerability_class": ["Mass Assignment"]}, "metavars": {"$A": {"abstract_content": "property", "end": {"col": 53, "line": 36, "offset": 1035}, "start": {"col": 45, "line": 36, "offset": 1027}}, "$SMTH": {"abstract_content": "replacementValue", "end": {"col": 25, "line": 36, "offset": 1007}, "start": {"col": 9, "line": 36, "offset": 991}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "frontend/src/hacking-instructor/helpers/helpers.ts", "start": {"col": 9, "line": 36, "offset": 991}}, {"check_id": "javascript.browser.security.insecure-document-method.insecure-document-method", "end": {"col": 43, "line": 107, "offset": 3433}, "extra": {"engine_kind": "OSS", "fingerprint": "2c98e3f2a3876269bc65deaaaf7d15babb665e2ef3c1ad4d5f0a13c8b18a4e1e5d025a370b85781ad5d3d629000ef15e98f99eddabd1b2ef147f05f1bb0acbc1_0", "is_ignored": false, "lines": " textBox.innerHTML = snarkdown(hint.text)", "message": "User controlled data in methods like `innerHTML`, `outerHTML` or `document.write` is an anti-pattern that can lead to XSS vulnerabilities", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "LOW", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A07:2017 - Cross-Site Scripting (XSS)", "A03:2021 - Injection"], "references": ["https://owasp.org/Top10/A03_2021-Injection"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9239, "rule_id": "ReUg41", "rv_id": 109816, "url": "https://semgrep.dev/playground/r/O9TNO1x/javascript.browser.security.insecure-document-method.insecure-document-method", "version_id": "O9TNO1x"}}, "shortlink": "https://sg.run/LwA9", 
"source": "https://semgrep.dev/r/javascript.browser.security.insecure-document-method.insecure-document-method", "subcategory": ["audit"], "technology": ["browser"], "vulnerability_class": ["Cross-Site-Scripting (XSS)"]}, "metavars": {"$EL": {"abstract_content": "textBox", "end": {"col": 10, "line": 107, "offset": 3400}, "start": {"col": 3, "line": 107, "offset": 3393}}, "$HTML": {"abstract_content": "snarkdown(hint.text)", "end": {"col": 43, "line": 107, "offset": 3433}, "start": {"col": 23, "line": 107, "offset": 3413}}}, "severity": "ERROR", "validation_state": "NO_VALIDATOR"}, "path": "frontend/src/hacking-instructor/index.ts", "start": {"col": 3, "line": 107, "offset": 3393}}, {"check_id": "html.security.audit.missing-integrity.missing-integrity", "end": {"col": 127, "line": 14, "offset": 618}, "extra": {"engine_kind": "OSS", "fingerprint": "19be5f56108517fd4aa13ac781c2efa1b958845f8d0981d6045c2753b8e7859ef1821500b10f91f929701216b3e5d4db275c51b46841cc243755694916586294_0", "is_ignored": false, "lines": " ", "message": "This tag is missing an 'integrity' subresource integrity attribute. The 'integrity' attribute allows for the browser to verify that externally hosted files (for example from a CDN) are delivered without unexpected manipulation. Without this attribute, if an attacker can modify the externally hosted resource, this could lead to XSS and other types of attacks. 
To prevent this, include the base64-encoded cryptographic hash of the resource (file) you\u2019re telling the browser to fetch in the 'integrity' attribute for all externally hosted files.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-353: Missing Support for Integrity Check"], "impact": "LOW", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A08:2021 - Software and Data Integrity Failures"], "references": ["https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 13728, "rule_id": "AbUQzj", "rv_id": 727930, "url": "https://semgrep.dev/playground/r/rxT2BP3/html.security.audit.missing-integrity.missing-integrity", "version_id": "rxT2BP3"}}, "shortlink": "https://sg.run/krXA", "source": "https://semgrep.dev/r/html.security.audit.missing-integrity.missing-integrity", "subcategory": ["audit"], "technology": ["html"], "vulnerability_class": ["Cryptographic Issues"]}, "metavars": {"$...A": {"abstract_content": " rel=\"stylesheet\" type=\"text/css\" href=\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css\" /", "end": {"col": 126, "line": 14, "offset": 617}, "start": {"col": 8, "line": 14, "offset": 499}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "frontend/src/index.html", "start": {"col": 3, "line": 14, "offset": 494}}, {"check_id": "html.security.audit.missing-integrity.missing-integrity", "end": {"col": 101, "line": 15, "offset": 719}, "extra": {"engine_kind": "OSS", "fingerprint": "ebbd0e51d187d45d29d545a4830b8fae70a465182495e82c41f5bb19edeb840fccb0d1748ed38ea0e9abac63d5f4d6f3bf7ad12718494a0a42a444eee3688658_0", "is_ignored": false, "lines": " ", "message": "This tag is missing an 'integrity' subresource integrity attribute. 
The 'integrity' attribute allows for the browser to verify that externally hosted files (for example from a CDN) are delivered without unexpected manipulation. Without this attribute, if an attacker can modify the externally hosted resource, this could lead to XSS and other types of attacks. To prevent this, include the base64-encoded cryptographic hash of the resource (file) you\u2019re telling the browser to fetch in the 'integrity' attribute for all externally hosted files.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-353: Missing Support for Integrity Check"], "impact": "LOW", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A08:2021 - Software and Data Integrity Failures"], "references": ["https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 13728, "rule_id": "AbUQzj", "rv_id": 727930, "url": "https://semgrep.dev/playground/r/rxT2BP3/html.security.audit.missing-integrity.missing-integrity", "version_id": "rxT2BP3"}}, "shortlink": "https://sg.run/krXA", "source": "https://semgrep.dev/r/html.security.audit.missing-integrity.missing-integrity", "subcategory": ["audit"], "technology": ["html"], "vulnerability_class": ["Cryptographic Issues"]}, "metavars": {"$...A": {"abstract_content": " src=\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js\"", "end": {"col": 91, "line": 15, "offset": 709}, "start": {"col": 10, "line": 15, "offset": 628}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "frontend/src/index.html", "start": {"col": 3, "line": 15, "offset": 621}}, {"check_id": "html.security.audit.missing-integrity.missing-integrity", "end": {"col": 86, "line": 16, "offset": 805}, "extra": {"engine_kind": "OSS", "fingerprint": "851e3da7310a6d14c8b13e343b5a11f16c7e4a36829868ba5b108d5ec90277647bc99dbaec56808e40aa9983ba8f765af23c4f1c043ae68a981e4fbdf6982b7a_0", 
"is_ignored": false, "lines": " ", "message": "This tag is missing an 'integrity' subresource integrity attribute. The 'integrity' attribute allows for the browser to verify that externally hosted files (for example from a CDN) are delivered without unexpected manipulation. Without this attribute, if an attacker can modify the externally hosted resource, this could lead to XSS and other types of attacks. To prevent this, include the base64-encoded cryptographic hash of the resource (file) you\u2019re telling the browser to fetch in the 'integrity' attribute for all externally hosted files.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-353: Missing Support for Integrity Check"], "impact": "LOW", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A08:2021 - Software and Data Integrity Failures"], "references": ["https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 13728, "rule_id": "AbUQzj", "rv_id": 727930, "url": "https://semgrep.dev/playground/r/rxT2BP3/html.security.audit.missing-integrity.missing-integrity", "version_id": "rxT2BP3"}}, "shortlink": "https://sg.run/krXA", "source": "https://semgrep.dev/r/html.security.audit.missing-integrity.missing-integrity", "subcategory": ["audit"], "technology": ["html"], "vulnerability_class": ["Cryptographic Issues"]}, "metavars": {"$...A": {"abstract_content": " src=\"//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js\"", "end": {"col": 76, "line": 16, "offset": 795}, "start": {"col": 10, "line": 16, "offset": 729}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "frontend/src/index.html", "start": {"col": 3, "line": 16, "offset": 722}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 48, "line": 24, "offset": 764}, "extra": {"dataflow_trace": 
{"intermediate_vars": [{"content": "paths", "location": {"end": {"col": 56, "line": 18, "offset": 454}, "path": "lib/codingChallenges.ts", "start": {"col": 51, "line": 18, "offset": 449}}}, {"content": "currPath", "location": {"end": {"col": 22, "line": 20, "offset": 544}, "path": "lib/codingChallenges.ts", "start": {"col": 14, "line": 20, "offset": 536}}}], "taint_sink": ["CliLoc", [{"end": {"col": 48, "line": 24, "offset": 764}, "path": "lib/codingChallenges.ts", "start": {"col": 40, "line": 24, "offset": 756}}, "currPath"]], "taint_source": ["CliLoc", [{"end": {"col": 56, "line": 18, "offset": 454}, "path": "lib/codingChallenges.ts", "start": {"col": 51, "line": 18, "offset": 449}}, "paths"]]}, "engine_kind": "OSS", "fingerprint": "5145e9912a0e79e194c9050f1c58cf9fe01b555fd8e94909ac53dbebb8256687397d088f32935eed5baa69b57aa03e31b0950eb1537acab5f50c41ca4c60d834_0", "is_ignored": false, "lines": " files.map(file => path.resolve(currPath, file))", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. 
Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9331, "rule_id": "8GUjrq", "rv_id": 109922, "url": "https://semgrep.dev/playground/r/nWTxP4n/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "nWTxP4n"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$PATH": {"abstract_content": "path", "end": {"col": 31, "line": 24, "offset": 747}, "start": {"col": 27, "line": 24, "offset": 743}}, "$SINK": {"abstract_content": "currPath", "end": {"col": 48, "line": 24, "offset": 764}, "start": {"col": 40, "line": 24, "offset": 756}}, "$X": {"abstract_content": "paths", "end": {"col": 56, "line": 18, "offset": 454}, "start": {"col": 51, "line": 18, "offset": 449}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "lib/codingChallenges.ts", "start": {"col": 40, "line": 24, "offset": 756}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 54, "line": 24, "offset": 770}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "file", "location": {"end": {"col": 23, "line": 24, "offset": 739}, "path": "lib/codingChallenges.ts", "start": 
{"col": 19, "line": 24, "offset": 735}}}], "taint_sink": ["CliLoc", [{"end": {"col": 54, "line": 24, "offset": 770}, "path": "lib/codingChallenges.ts", "start": {"col": 50, "line": 24, "offset": 766}}, "file"]], "taint_source": ["CliLoc", [{"end": {"col": 23, "line": 24, "offset": 739}, "path": "lib/codingChallenges.ts", "start": {"col": 19, "line": 24, "offset": 735}}, "file"]]}, "engine_kind": "OSS", "fingerprint": "a6424c290a3d1ef7aaa9533f4137914e2342c087a9543d3568c2caa357e1853f8ebfd743c9e4df16ee1893789382fdc9498da208cc2264a2cb656b226e3d16b4_0", "is_ignored": false, "lines": " files.map(file => path.resolve(currPath, file))", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9331, "rule_id": "8GUjrq", "rv_id": 109922, "url": "https://semgrep.dev/playground/r/nWTxP4n/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "nWTxP4n"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$PATH": {"abstract_content": 
"path", "end": {"col": 31, "line": 24, "offset": 747}, "start": {"col": 27, "line": 24, "offset": 743}}, "$SINK": {"abstract_content": "file", "end": {"col": 54, "line": 24, "offset": 770}, "start": {"col": 50, "line": 24, "offset": 766}}, "$X": {"abstract_content": "file", "end": {"col": 23, "line": 24, "offset": 739}, "start": {"col": 19, "line": 24, "offset": 735}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "lib/codingChallenges.ts", "start": {"col": 50, "line": 24, "offset": 766}}, {"check_id": "javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp", "end": {"col": 67, "line": 76, "offset": 3033}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "challengeKey", "location": {"end": {"col": 73, "line": 58, "offset": 1985}, "path": "lib/codingChallenges.ts", "start": {"col": 61, "line": 58, "offset": 1973}}}], "taint_sink": ["CliLoc", [{"end": {"col": 67, "line": 76, "offset": 3033}, "path": "lib/codingChallenges.ts", "start": {"col": 9, "line": 76, "offset": 2975}}, "new RegExp(`vuln-code-snippet vuln-line.*${challengeKey}`)"]], "taint_source": ["CliLoc", [{"end": {"col": 73, "line": 58, "offset": 1985}, "path": "lib/codingChallenges.ts", "start": {"col": 61, "line": 58, "offset": 1973}}, "challengeKey"]]}, "engine_kind": "OSS", "fingerprint": "4beb0ef5efde79fe3b584d2109fe1ceea237470d3b6dc88cdcf5ae8eaa93534fe28d14b89b596c14d827cc48b012a5dfcb6faa709a0eb1e7e9ef68e31224653a_0", "is_ignored": false, "lines": " if (new RegExp(`vuln-code-snippet vuln-line.*${challengeKey}`).exec(lines[i]) != null) {", "message": "RegExp() called with a `challengeKey` function argument, this might allow an attacker to cause a Regular Expression Denial-of-Service (ReDoS) within your application as RegExP blocks the main thread. For this reason, it is recommended to use hardcoded regexes instead. 
If your regex is run on user-controlled input, consider performing input validation or use a regex checking/sanitization library such as https://www.npmjs.com/package/recheck to verify that the regex does not appear vulnerable to ReDoS.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-1333: Inefficient Regular Expression Complexity"], "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "MEDIUM", "owasp": ["A05:2021 - Security Misconfiguration", "A06:2017 - Security Misconfiguration"], "references": ["https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 12685, "rule_id": "zdU1gD", "rv_id": 109915, "url": "https://semgrep.dev/playground/r/w8T9nxz/javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp", "version_id": "w8T9nxz"}}, "shortlink": "https://sg.run/gr65", "source": "https://semgrep.dev/r/javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp", "source-rule-url": "https://github.com/nodesecurity/eslint-plugin-security/blob/master/rules/detect-non-literal-regexp.js", "subcategory": ["vuln"], "technology": ["javascript"], "vulnerability_class": ["Denial-of-Service (DoS)"]}, "metavars": {"$ARG": {"abstract_content": "challengeKey", "end": {"col": 73, "line": 58, "offset": 1985}, "start": {"col": 61, "line": 58, "offset": 1973}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "lib/codingChallenges.ts", "start": {"col": 9, "line": 76, "offset": 2975}}, {"check_id": "javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp", "end": {"col": 77, "line": 78, "offset": 3164}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "challengeKey", "location": {"end": {"col": 73, "line": 58, "offset": 1985}, "path": "lib/codingChallenges.ts", "start": {"col": 61, "line": 58, "offset": 1973}}}], 
"taint_sink": ["CliLoc", [{"end": {"col": 77, "line": 78, "offset": 3164}, "path": "lib/codingChallenges.ts", "start": {"col": 16, "line": 78, "offset": 3103}}, "new RegExp(`vuln-code-snippet neutral-line.*${challengeKey}`)"]], "taint_source": ["CliLoc", [{"end": {"col": 73, "line": 58, "offset": 1985}, "path": "lib/codingChallenges.ts", "start": {"col": 61, "line": 58, "offset": 1973}}, "challengeKey"]]}, "engine_kind": "OSS", "fingerprint": "4beb0ef5efde79fe3b584d2109fe1ceea237470d3b6dc88cdcf5ae8eaa93534fe28d14b89b596c14d827cc48b012a5dfcb6faa709a0eb1e7e9ef68e31224653a_1", "is_ignored": false, "lines": " } else if (new RegExp(`vuln-code-snippet neutral-line.*${challengeKey}`).exec(lines[i]) != null) {", "message": "RegExp() called with a `challengeKey` function argument, this might allow an attacker to cause a Regular Expression Denial-of-Service (ReDoS) within your application as RegExP blocks the main thread. For this reason, it is recommended to use hardcoded regexes instead. If your regex is run on user-controlled input, consider performing input validation or use a regex checking/sanitization library such as https://www.npmjs.com/package/recheck to verify that the regex does not appear vulnerable to ReDoS.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-1333: Inefficient Regular Expression Complexity"], "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "MEDIUM", "owasp": ["A05:2021 - Security Misconfiguration", "A06:2017 - Security Misconfiguration"], "references": ["https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 12685, "rule_id": "zdU1gD", "rv_id": 109915, "url": "https://semgrep.dev/playground/r/w8T9nxz/javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp", "version_id": "w8T9nxz"}}, "shortlink": "https://sg.run/gr65", "source": 
"https://semgrep.dev/r/javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp", "source-rule-url": "https://github.com/nodesecurity/eslint-plugin-security/blob/master/rules/detect-non-literal-regexp.js", "subcategory": ["vuln"], "technology": ["javascript"], "vulnerability_class": ["Denial-of-Service (DoS)"]}, "metavars": {"$ARG": {"abstract_content": "challengeKey", "end": {"col": 73, "line": 58, "offset": 1985}, "start": {"col": 61, "line": 58, "offset": 1973}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "lib/codingChallenges.ts", "start": {"col": 16, "line": 78, "offset": 3103}}, {"check_id": "javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key", "end": {"col": 94, "line": 44, "offset": 2382}, "extra": {"engine_kind": "OSS", "fingerprint": "569e806f7e4276ac73f185c72e97867ad00c7577b6de01cb8ddf4d0baac7e4e87d2a1332921d7904bc42be66144ec687c33426d62ca235adbef07da7962cfc84_0", "is_ignored": false, "lines": "export const hmac = (data: string) => crypto.createHmac('sha256', 'pa4qacea4VK9t9nGv7yZtwmj').update(data).digest('hex')", "message": "Detected a hardcoded hmac key. 
Avoid hardcoding secrets and consider using an alternate option such as reading the secret from a config file or using an environment variable.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-798: Use of Hard-coded Credentials"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "LOW", "interfile": true, "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A07:2021 - Identification and Authentication Failures"], "references": ["https://rules.sonarsource.com/javascript/RSPEC-2068", "https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#key-management"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 22555, "rule_id": "v8UGEw", "rv_id": 109918, "url": "https://semgrep.dev/playground/r/e1T01kp/javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key", "version_id": "e1T01kp"}}, "shortlink": "https://sg.run/K9bn", "source": "https://semgrep.dev/r/javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key", "subcategory": ["audit"], "technology": ["crypto", "hmac"], "vulnerability_class": ["Hard-coded Secrets"]}, "metavars": {"$ALGO": {"abstract_content": "'sha256'", "end": {"col": 65, "line": 44, "offset": 2353}, "start": {"col": 57, "line": 44, "offset": 2345}}, "$CRYPTO": {"abstract_content": "crypto", "end": {"col": 45, "line": 44, "offset": 2333}, "start": {"col": 39, "line": 44, "offset": 2327}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "lib/insecurity.ts", "start": {"col": 39, "line": 44, "offset": 2327}}, {"check_id": "javascript.jsonwebtoken.security.jwt-hardcode.hardcoded-jwt-secret", "end": {"col": 66, "line": 56, "offset": 2822}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "privateKey", "location": {"end": {"col": 17, "line": 23, "offset": 815}, "path": "lib/insecurity.ts", "start": {"col": 7, "line": 23, "offset": 805}}}], "taint_sink": ["CliLoc", [{"end": {"col": 66, 
"line": 56, "offset": 2822}, "path": "lib/insecurity.ts", "start": {"col": 56, "line": 56, "offset": 2812}}, "privateKey"]], "taint_source": ["CliLoc", [{"end": {"col": 902, "line": 23, "offset": 1700}, "path": "lib/insecurity.ts", "start": {"col": 7, "line": 23, "offset": 805}}, "privateKey = '-----BEGIN RSA PRIVATE KEY-----\\r\\nMIICXAIBAAKBgQDNwqLEe9wgTXCbC7+RPdDbBbeqjdbs4kOPOIGzqLpXvJXlxxW8iMz0EaM4BKUqYsIa+ndv3NAn2RxCd5ubVdJJcX43zO6Ko0TFEZx/65gY3BE0O6syCEmUP4qbSd6exou/F+WTISzbQ5FBVPVmhnYhG/kpwt/cIxK5iUn5hm+4tQIDAQABAoGBAI+8xiPoOrA+KMnG/T4jJsG6TsHQcDHvJi7o1IKC/hnIXha0atTX5AUkRRce95qSfvKFweXdJXSQ0JMGJyfuXgU6dI0TcseFRfewXAa/ssxAC+iUVR6KUMh1PE2wXLitfeI6JLvVtrBYswm2I7CtY0q8n5AGimHWVXJPLfGV7m0BAkEA+fqFt2LXbLtyg6wZyxMA/cnmt5Nt3U2dAu77MzFJvibANUNHE4HPLZxjGNXN+a6m0K6TD4kDdh5HfUYLWWRBYQJBANK3carmulBwqzcDBjsJ0YrIONBpCAsXxk8idXb8jL9aNIg15Wumm2enqqObahDHB5jnGOLmbasizvSVqypfM9UCQCQl8xIqy+YgURXzXCN+kwUgHinrutZms87Jyi+D8Br8NY0+Nlf+zHvXAomD2W5CsEK7C+8SLBr3k/TsnRWHJuECQHFE9RA2OP8WoaLPuGCyFXaxzICThSRZYluVnWkZtxsBhW2W8z1b8PvWUE7kMy7TnkzeJS2LSnaNHoyxi7IaPQUCQCwWU4U+v4lD7uYBw00Ga/xt+7+UqFPlPVdz1yyr4q24Zxaw0LgmuEvgU5dycq8N7JxjTubX0MIRR+G9fmDBBl8=\\r\\n-----END RSA PRIVATE KEY-----'"]]}, "engine_kind": "OSS", "fingerprint": "a49b6df23d44cd84c24a0a46333b4f84c29344ebd6fc6983dc550cf5fbd28961e8d6e2ef41c00fc6ba2402f3d6970d98309fdad1dfcaa451c3046661ba13881a_0", "is_ignored": false, "lines": "export const authorize = (user = {}) => jwt.sign(user, privateKey, { expiresIn: '6h', algorithm: 'RS256' })", "message": "A hard-coded credential was detected. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. 
It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).", "metadata": {"asvs": {"control_id": "3.5.2 Static API keys or secret", "control_url": "https://github.com/OWASP/ASVS/blob/master/4.0/en/0x12-V3-Session-management.md#v35-token-based-session-management", "section": "V3: Session Management Verification Requirements", "version": "4"}, "category": "security", "confidence": "HIGH", "cwe": ["CWE-798: Use of Hard-coded Credentials"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A07:2021 - Identification and Authentication Failures"], "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9300, "rule_id": "WAUon7", "rv_id": 230007, "url": "https://semgrep.dev/playground/r/e1TgQKG/javascript.jsonwebtoken.security.jwt-hardcode.hardcoded-jwt-secret", "version_id": "e1TgQKG"}}, "shortlink": "https://sg.run/4xN9", "source": "https://semgrep.dev/r/javascript.jsonwebtoken.security.jwt-hardcode.hardcoded-jwt-secret", "subcategory": ["vuln"], "technology": ["jwt", "javascript", "secrets"], "vulnerability_class": ["Hard-coded Secrets"]}, "metavars": {"$DATA": {"abstract_content": "user", "end": {"col": 54, "line": 56, "offset": 2810}, "start": {"col": 50, "line": 56, "offset": 2806}}, "$JWT": {"abstract_content": "jwt", "end": {"col": 44, "line": 56, "offset": 2800}, "start": {"col": 41, "line": 56, "offset": 2797}}, "$VALUE": {"abstract_content": "privateKey", "end": {"col": 66, "line": 56, "offset": 2822}, "propagated_value": {"svalue_abstract_content": "'-----BEGIN RSA PRIVATE KEY-----\\r\\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\\r\\n-----END RSA PRIVATE KEY-----'", "svalue_end": {"col": 902, "line": 23, "offset": 1700}, "svalue_start": 
{"col": 20, "line": 23, "offset": 818}}, "start": {"col": 56, "line": 56, "offset": 2812}}, "$X": {"abstract_content": "privateKey", "end": {"col": 17, "line": 23, "offset": 815}, "start": {"col": 7, "line": 23, "offset": 805}}, "$Y": {"abstract_content": "-----BEGIN RSA PRIVATE KEY-----\\r\\nMIICXAIBAAKBgQDNwqLEe9wgTXCbC7+RPdDbBbeqjdbs4kOPOIGzqLpXvJXlxxW8iMz0EaM4BKUqYsIa+ndv3NAn2RxCd5ubVdJJcX43zO6Ko0TFEZx/65gY3BE0O6syCEmUP4qbSd6exou/F+WTISzbQ5FBVPVmhnYhG/kpwt/cIxK5iUn5hm+4tQIDAQABAoGBAI+8xiPoOrA+KMnG/T4jJsG6TsHQcDHvJi7o1IKC/hnIXha0atTX5AUkRRce95qSfvKFweXdJXSQ0JMGJyfuXgU6dI0TcseFRfewXAa/ssxAC+iUVR6KUMh1PE2wXLitfeI6JLvVtrBYswm2I7CtY0q8n5AGimHWVXJPLfGV7m0BAkEA+fqFt2LXbLtyg6wZyxMA/cnmt5Nt3U2dAu77MzFJvibANUNHE4HPLZxjGNXN+a6m0K6TD4kDdh5HfUYLWWRBYQJBANK3carmulBwqzcDBjsJ0YrIONBpCAsXxk8idXb8jL9aNIg15Wumm2enqqObahDHB5jnGOLmbasizvSVqypfM9UCQCQl8xIqy+YgURXzXCN+kwUgHinrutZms87Jyi+D8Br8NY0+Nlf+zHvXAomD2W5CsEK7C+8SLBr3k/TsnRWHJuECQHFE9RA2OP8WoaLPuGCyFXaxzICThSRZYluVnWkZtxsBhW2W8z1b8PvWUE7kMy7TnkzeJS2LSnaNHoyxi7IaPQUCQCwWU4U+v4lD7uYBw00Ga/xt+7+UqFPlPVdz1yyr4q24Zxaw0LgmuEvgU5dycq8N7JxjTubX0MIRR+G9fmDBBl8=\\r\\n-----END RSA PRIVATE KEY-----", "end": {"col": 901, "line": 23, "offset": 1699}, "start": {"col": 21, "line": 23, "offset": 819}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "lib/insecurity.ts", "start": {"col": 56, "line": 56, "offset": 2812}}, {"check_id": "javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key", "end": {"col": 55, "line": 158, "offset": 6401}, "extra": {"engine_kind": "OSS", "fingerprint": "569e806f7e4276ac73f185c72e97867ad00c7577b6de01cb8ddf4d0baac7e4e87d2a1332921d7904bc42be66144ec687c33426d62ca235adbef07da7962cfc84_1", "is_ignored": false, "lines": " const hmac = crypto.createHmac('sha256', privateKey)", "message": "Detected a hardcoded hmac key. 
Avoid hardcoding secrets and consider using an alternate option such as reading the secret from a config file or using an environment variable.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-798: Use of Hard-coded Credentials"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "LOW", "interfile": true, "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A07:2021 - Identification and Authentication Failures"], "references": ["https://rules.sonarsource.com/javascript/RSPEC-2068", "https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#key-management"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 22555, "rule_id": "v8UGEw", "rv_id": 109918, "url": "https://semgrep.dev/playground/r/e1T01kp/javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key", "version_id": "e1T01kp"}}, "shortlink": "https://sg.run/K9bn", "source": "https://semgrep.dev/r/javascript.lang.security.audit.hardcoded-hmac-key.hardcoded-hmac-key", "subcategory": ["audit"], "technology": ["crypto", "hmac"], "vulnerability_class": ["Hard-coded Secrets"]}, "metavars": {"$ALGO": {"abstract_content": "'sha256'", "end": {"col": 42, "line": 158, "offset": 6388}, "start": {"col": 34, "line": 158, "offset": 6380}}, "$CRYPTO": {"abstract_content": "crypto", "end": {"col": 22, "line": 158, "offset": 6368}, "start": {"col": 16, "line": 158, "offset": 6362}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "lib/insecurity.ts", "start": {"col": 16, "line": 158, "offset": 6362}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 129, "line": 30, "offset": 1066}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "filename", "location": {"end": {"col": 26, "line": 30, "offset": 963}, "path": "lib/startup/restoreOverwrittenFilesWithOriginals.ts", "start": {"col": 18, "line": 
30, "offset": 955}}}], "taint_sink": ["CliLoc", [{"end": {"col": 129, "line": 30, "offset": 1066}, "path": "lib/startup/restoreOverwrittenFilesWithOriginals.ts", "start": {"col": 80, "line": 30, "offset": 1017}}, "filename.substring(filename.lastIndexOf('/') + 1)"]], "taint_source": ["CliLoc", [{"end": {"col": 26, "line": 30, "offset": 963}, "path": "lib/startup/restoreOverwrittenFilesWithOriginals.ts", "start": {"col": 18, "line": 30, "offset": 955}}, "filename"]]}, "engine_kind": "OSS", "fingerprint": "2c1ed46a95df027eb77813b1205bf0482eae6338d0b4921cc2584dd56e7ea6f48a513a398c46a0dcf5cac18a363e5dca9147878eea933fcb6ace30864c751009_0", "is_ignored": false, "lines": " files.map((filename: string) => copyFile(filename, path.resolve('i18n/', filename.substring(filename.lastIndexOf('/') + 1))))", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. 
Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9331, "rule_id": "8GUjrq", "rv_id": 109922, "url": "https://semgrep.dev/playground/r/nWTxP4n/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "nWTxP4n"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$SINK": {"abstract_content": "filename.substring(filename.lastIndexOf('/')+1)", "end": {"col": 129, "line": 30, "offset": 1066}, "start": {"col": 80, "line": 30, "offset": 1017}}, "$X": {"abstract_content": "filename", "end": {"col": 26, "line": 30, "offset": 963}, "start": {"col": 18, "line": 30, "offset": 955}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "lib/startup/restoreOverwrittenFilesWithOriginals.ts", "start": {"col": 80, "line": 30, "offset": 1017}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 55, "line": 116, "offset": 4742}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "pathRelativeToProjectRoot", "location": {"end": {"col": 67, "line": 113, "offset": 4572}, "path": "lib/startup/validatePreconditions.ts", "start": {"col": 42, "line": 
113, "offset": 4547}}}], "taint_sink": ["CliLoc", [{"end": {"col": 55, "line": 116, "offset": 4742}, "path": "lib/startup/validatePreconditions.ts", "start": {"col": 30, "line": 116, "offset": 4717}}, "pathRelativeToProjectRoot"]], "taint_source": ["CliLoc", [{"end": {"col": 67, "line": 113, "offset": 4572}, "path": "lib/startup/validatePreconditions.ts", "start": {"col": 42, "line": 113, "offset": 4547}}, "pathRelativeToProjectRoot"]]}, "engine_kind": "OSS", "fingerprint": "eece54dc5f65980d98c700ee02453e9a4b301c904bd3a0a8053aa8d91b0421a6f7f6773f8c05ae90b778d852ccff55d567da1a5816e61d1c33e6663699c299c0_0", "is_ignored": false, "lines": " return access(path.resolve(pathRelativeToProjectRoot)).then(() => {", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9331, "rule_id": "8GUjrq", "rv_id": 109922, "url": "https://semgrep.dev/playground/r/nWTxP4n/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "nWTxP4n"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], 
"vulnerability_class": ["Path Traversal"]}, "metavars": {"$PATH": {"abstract_content": "path", "end": {"col": 21, "line": 116, "offset": 4708}, "start": {"col": 17, "line": 116, "offset": 4704}}, "$SINK": {"abstract_content": "pathRelativeToProjectRoot", "end": {"col": 55, "line": 116, "offset": 4742}, "start": {"col": 30, "line": 116, "offset": 4717}}, "$X": {"abstract_content": "pathRelativeToProjectRoot", "end": {"col": 67, "line": 113, "offset": 4572}, "start": {"col": 42, "line": 113, "offset": 4547}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "lib/startup/validatePreconditions.ts", "start": {"col": 30, "line": 116, "offset": 4717}}, {"check_id": "javascript.express.security.audit.express-detect-notevil-usage.express-detect-notevil-usage", "end": {"col": 80, "line": 22, "offset": 842}, "extra": {"engine_kind": "OSS", "fingerprint": "a7c1157f627c0e1215d1ff43f3a6d9b1b5567cb820656c0d47ba71699d5f1777339d8c02e423a9838fd65d018b6cdae86d10d52cc0e4f33f3812e21c6c7694aa_0", "is_ignored": false, "lines": " vm.runInContext('safeEval(orderLinesData)', sandbox, { timeout: 2000 })", "message": "Detected usage of the `notevil` package, which is unmaintained and has vulnerabilities. Using any sort of `eval()` functionality can be very dangerous, but if you must, the `eval` package is an up to date alternative. 
Be sure that only trusted input reaches an `eval()` function.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-1104: Use of Unmaintained Third Party Components"], "impact": "HIGH", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A06:2021 - Vulnerable and Outdated Components"], "references": ["https://github.com/mmckegg/notevil"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 22553, "rule_id": "OrUX9K", "rv_id": 109840, "url": "https://semgrep.dev/playground/r/K3Tvj1g/javascript.express.security.audit.express-detect-notevil-usage.express-detect-notevil-usage", "version_id": "K3Tvj1g"}}, "shortlink": "https://sg.run/W70E", "source": "https://semgrep.dev/r/javascript.express.security.audit.express-detect-notevil-usage.express-detect-notevil-usage", "subcategory": ["audit"], "technology": ["javascript", "typescript"], "vulnerability_class": ["Other"]}, "metavars": {"$CMD": {"abstract_content": "safeEval(orderLinesData)", "end": {"col": 50, "line": 22, "offset": 812}, "start": {"col": 26, "line": 22, "offset": 788}}, "$EVAL": {"abstract_content": "safeEval", "end": {"col": 15, "line": 12, "offset": 376}, "start": {"col": 7, "line": 12, "offset": 368}}, "$VM": {"abstract_content": "vm", "end": {"col": 11, "line": 22, "offset": 773}, "start": {"col": 9, "line": 22, "offset": 771}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/b2bOrder.ts", "start": {"col": 9, "line": 22, "offset": 771}}, {"check_id": "javascript.browser.security.eval-detected.eval-detected", "end": {"col": 36, "line": 23, "offset": 928}, "extra": {"engine_kind": "OSS", "fingerprint": "30e76aaa5bef79d7d1e08ea08a077f36bd5d9208a7539558327aaa05a7eeef20a0ebbda2e94cc6c562cdde67be2b6ab108bdfa8ceb90fa79d57cd6dff4c9bfee_0", "is_ignored": false, "lines": " const answer = eval(expression).toString() // eslint-disable-line no-eval", "message": "Detected the use of eval(). 
eval() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources.", "metadata": {"asvs": {"control_id": "5.2.4 Dynamic Code Execution Features", "control_url": "https://github.com/OWASP/ASVS/blob/master/4.0/en/0x13-V5-Validation-Sanitization-Encoding.md#v52-sanitization-and-sandboxing", "section": "V5 Validation, Sanitization and Encoding", "version": "4"}, "category": "security", "confidence": "LOW", "cwe": ["CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')"], "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A03:2021 - Injection"], "references": ["https://owasp.org/Top10/A03_2021-Injection"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9238, "rule_id": "GdU7dw", "rv_id": 109815, "url": "https://semgrep.dev/playground/r/xyTKZ6r/javascript.browser.security.eval-detected.eval-detected", "version_id": "xyTKZ6r"}}, "shortlink": "https://sg.run/7ope", "source": "https://semgrep.dev/r/javascript.browser.security.eval-detected.eval-detected", "subcategory": ["audit"], "technology": ["browser"], "vulnerability_class": ["Code Injection"]}, "metavars": {}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/captcha.ts", "start": {"col": 20, "line": 23, "offset": 912}}, {"check_id": "javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal", "end": {"col": 60, "line": 69, "offset": 2341}, "extra": {"dataflow_trace": {"intermediate_vars": [], "taint_sink": ["CliLoc", [{"end": {"col": 60, "line": 69, "offset": 2341}, "path": "routes/dataErasure.ts", "start": {"col": 45, "line": 69, "offset": 2326}}, "req.body.layout"]], "taint_source": ["CliLoc", [{"end": {"col": 53, "line": 69, "offset": 2334}, "path": 
"routes/dataErasure.ts", "start": {"col": 45, "line": 69, "offset": 2326}}, "req.body"]]}, "engine_kind": "OSS", "fingerprint": "d9646d5b70dc0f1cfaf65c4f780b4838b32f18a2551abec56de0f7eb5a2db13c4ecd0700d7bb9ed42edae19e1b1dfbac66be3feb6ce9d4f82157afc53f03c188_0", "is_ignored": false, "lines": " const filePath: string = path.resolve(req.body.layout).toLowerCase()", "message": "Possible writing outside of the destination, make sure that the target path is nested in the intended destination", "metadata": {"category": "security", "confidence": "MEDIUM", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9273, "rule_id": "L1Uyb8", "rv_id": 109845, "url": "https://semgrep.dev/playground/r/o5Tgl6W/javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal", "version_id": "o5Tgl6W"}}, "shortlink": "https://sg.run/weRn", "source": "https://semgrep.dev/r/javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["express", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$1": {"abstract_content": "post", "end": {"col": 5, "line": 1, "offset": 4}, "start": {"col": 1, "line": 1, "offset": 0}}, "$APP": {"abstract_content": "router", "end": {"col": 7, "line": 54, "offset": 1748}, "propagated_value": {"svalue_abstract_content": "express.Router()", "svalue_end": {"col": 32, "line": 15, "offset": 658}, "svalue_start": {"col": 16, "line": 15, "offset": 642}}, "start": {"col": 1, "line": 54, "offset": 1742}}, "$METHOD": 
{"abstract_content": "post", "end": {"col": 12, "line": 54, "offset": 1753}, "start": {"col": 8, "line": 54, "offset": 1749}}, "$NEXT": {"abstract_content": "next", "end": {"col": 134, "line": 54, "offset": 1875}, "start": {"col": 130, "line": 54, "offset": 1871}}, "$PATH": {"abstract_content": "path", "end": {"col": 36, "line": 69, "offset": 2317}, "start": {"col": 32, "line": 69, "offset": 2313}}, "$REQ": {"abstract_content": "req", "end": {"col": 48, "line": 69, "offset": 2329}, "start": {"col": 45, "line": 69, "offset": 2326}}, "$RES": {"abstract_content": "res", "end": {"col": 118, "line": 54, "offset": 1859}, "start": {"col": 115, "line": 54, "offset": 1856}}, "$SINK": {"abstract_content": "req.body.layout", "end": {"col": 60, "line": 69, "offset": 2341}, "start": {"col": 45, "line": 69, "offset": 2326}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/dataErasure.ts", "start": {"col": 45, "line": 69, "offset": 2326}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 60, "line": 69, "offset": 2341}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "req", "location": {"end": {"col": 28, "line": 54, "offset": 1769}, "path": "routes/dataErasure.ts", "start": {"col": 25, "line": 54, "offset": 1766}}}], "taint_sink": ["CliLoc", [{"end": {"col": 60, "line": 69, "offset": 2341}, "path": "routes/dataErasure.ts", "start": {"col": 45, "line": 69, "offset": 2326}}, "req.body.layout"]], "taint_source": ["CliLoc", [{"end": {"col": 28, "line": 54, "offset": 1769}, "path": "routes/dataErasure.ts", "start": {"col": 25, "line": 54, "offset": 1766}}, "req"]]}, "engine_kind": "OSS", "fingerprint": "8f6f91eeb13bdb8118b87cf066031dd72e61e05bec64d88574f743d851fd60f45b2051285e3133cdf29e0dca864535851ec5870820b19b6015b20e807407f3a0_0", "is_ignored": false, "lines": " const filePath: string = path.resolve(req.body.layout).toLowerCase()", "message": "Detected 
possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9331, "rule_id": "8GUjrq", "rv_id": 109922, "url": "https://semgrep.dev/playground/r/nWTxP4n/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "nWTxP4n"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$PATH": {"abstract_content": "path", "end": {"col": 36, "line": 69, "offset": 2317}, "start": {"col": 32, "line": 69, "offset": 2313}}, "$SINK": {"abstract_content": "req.body.layout", "end": {"col": 60, "line": 69, "offset": 2341}, "start": {"col": 45, "line": 69, "offset": 2326}}, "$X": {"abstract_content": "req", "end": {"col": 28, "line": 54, "offset": 1769}, "start": {"col": 25, "line": 54, "offset": 1766}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/dataErasure.ts", "start": {"col": 45, "line": 69, "offset": 2326}}, {"check_id": "javascript.express.security.audit.express-res-sendfile.express-res-sendfile", "end": {"col": 46, "line": 33, 
"offset": 1192}, "extra": {"dataflow_trace": {"intermediate_vars": [], "taint_sink": ["CliLoc", [{"end": {"col": 46, "line": 33, "offset": 1192}, "path": "routes/fileServer.ts", "start": {"col": 20, "line": 33, "offset": 1166}}, "path.resolve('ftp/', file)"]], "taint_source": ["CliLoc", [{"end": {"col": 4, "line": 38, "offset": 1300}, "path": "routes/fileServer.ts", "start": {"col": 3, "line": 26, "offset": 759}}, "function verify (file: string, res: Response, next: NextFunction) {\n if (file && (endsWithAllowlistedFileType(file) || (file === 'incident-support.kdbx'))) {\n file = security.cutOffPoisonNullByte(file)\n\n challengeUtils.solveIf(challenges.directoryListingChallenge, () => { return file.toLowerCase() === 'acquisitions.md' })\n verifySuccessfulPoisonNullByteExploit(file)\n\n res.sendFile(path.resolve('ftp/', file))\n } else {\n res.status(403)\n next(new Error('Only .md and .pdf files are allowed!'))\n }\n }"]]}, "engine_kind": "OSS", "fingerprint": "33b7141eed49238da420ec9577803fb8853ce0c26f5dbccf88323265a789cf24f5c8147d6baf6b15c489dd2b1b36fefae7843207e9f3f8e0af88de44306e520a_0", "is_ignored": false, "lines": " res.sendFile(path.resolve('ftp/', file))", "message": "The application processes user-input, this is passed to res.sendFile which can allow an attacker to arbitrarily read files on the system through path traversal. It is recommended to perform input validation in addition to canonicalizing the path. 
This allows you to validate the path against the intended directory it should be accessing.", "metadata": {"category": "security", "confidence": "MEDIUM", "cwe": ["CWE-73: External Control of File Name or Path"], "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A04:2021 - Insecure Design"], "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 22082, "rule_id": "j2UzDx", "rv_id": 109846, "url": "https://semgrep.dev/playground/r/zyTK8E9/javascript.express.security.audit.express-res-sendfile.express-res-sendfile", "version_id": "zyTK8E9"}}, "shortlink": "https://sg.run/7DJk", "source": "https://semgrep.dev/r/javascript.express.security.audit.express-res-sendfile.express-res-sendfile", "subcategory": ["vuln"], "technology": ["express"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$1": {"abstract_content": "string", "end": {"col": 7, "line": 1, "offset": 6}, "start": {"col": 1, "line": 1, "offset": 0}}, "$METH": {"abstract_content": "sendFile", "end": {"col": 19, "line": 33, "offset": 1165}, "start": {"col": 11, "line": 33, "offset": 1157}}, "$QUERY": {"abstract_content": "path.resolve('ftp/'file)", "end": {"col": 46, "line": 33, "offset": 1192}, "start": {"col": 20, "line": 33, "offset": 1166}}, "$REQ": {"abstract_content": "file", "end": {"col": 24, "line": 26, "offset": 780}, "start": {"col": 20, "line": 26, "offset": 776}}, "$RES": {"abstract_content": "res", "end": {"col": 10, "line": 33, "offset": 1156}, "start": {"col": 7, "line": 33, "offset": 1153}}, "$TYPE": {"abstract_content": "string", "end": {"col": 32, "line": 26, "offset": 788}, "start": {"col": 26, "line": 26, "offset": 782}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/fileServer.ts", "start": {"col": 20, "line": 33, "offset": 1166}}, {"check_id": 
"javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 45, "line": 33, "offset": 1191}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "file", "location": {"end": {"col": 24, "line": 26, "offset": 780}, "path": "routes/fileServer.ts", "start": {"col": 20, "line": 26, "offset": 776}}}], "taint_sink": ["CliLoc", [{"end": {"col": 45, "line": 33, "offset": 1191}, "path": "routes/fileServer.ts", "start": {"col": 41, "line": 33, "offset": 1187}}, "file"]], "taint_source": ["CliLoc", [{"end": {"col": 24, "line": 26, "offset": 780}, "path": "routes/fileServer.ts", "start": {"col": 20, "line": 26, "offset": 776}}, "file"]]}, "engine_kind": "OSS", "fingerprint": "1e3f3b33d36e8279b541c97a9a40a03f2c1fd84c4eba94e9360fe6ffa9cd156a042ce1538c8e963a85cb673ca5eb2fd36fc2ec7ebea0a6d492e7c339e9b06477_0", "is_ignored": false, "lines": " res.sendFile(path.resolve('ftp/', file))", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. 
Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9331, "rule_id": "8GUjrq", "rv_id": 109922, "url": "https://semgrep.dev/playground/r/nWTxP4n/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "nWTxP4n"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$SINK": {"abstract_content": "file", "end": {"col": 45, "line": 33, "offset": 1191}, "propagated_value": {"svalue_abstract_content": "security.cutOffPoisonNullByte(file)", "svalue_end": {"col": 49, "line": 28, "offset": 968}, "svalue_start": {"col": 14, "line": 28, "offset": 933}}, "start": {"col": 41, "line": 33, "offset": 1187}}, "$X": {"abstract_content": "file", "end": {"col": 24, "line": 26, "offset": 780}, "start": {"col": 20, "line": 26, "offset": 776}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/fileServer.ts", "start": {"col": 41, "line": 33, "offset": 1187}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 55, "line": 29, "offset": 1007}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "file", "location": {"end": {"col": 37, "line": 24, 
"offset": 679}, "path": "routes/fileUpload.ts", "start": {"col": 33, "line": 24, "offset": 675}}}, {"content": "filename", "location": {"end": {"col": 21, "line": 28, "offset": 918}, "path": "routes/fileUpload.ts", "start": {"col": 13, "line": 28, "offset": 910}}}], "taint_sink": ["CliLoc", [{"end": {"col": 55, "line": 29, "offset": 1007}, "path": "routes/fileUpload.ts", "start": {"col": 47, "line": 29, "offset": 999}}, "filename"]], "taint_source": ["CliLoc", [{"end": {"col": 48, "line": 24, "offset": 690}, "path": "routes/fileUpload.ts", "start": {"col": 31, "line": 24, "offset": 673}}, "{ file }: Request"]]}, "engine_kind": "OSS", "fingerprint": "c5cd5a4ff3f416f299e1ebcbee485bf38788735d21a163f5aec1fe6fe92c6a45c0f8b5d9971a1cbf31261c6ad8fb9586c1ad2603c9e1275c94f39f6a0d8ecdc7_0", "is_ignored": false, "lines": " const tempFile = path.join(os.tmpdir(), filename)", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. 
Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9331, "rule_id": "8GUjrq", "rv_id": 109922, "url": "https://semgrep.dev/playground/r/nWTxP4n/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "nWTxP4n"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$PATH": {"abstract_content": "path", "end": {"col": 28, "line": 29, "offset": 980}, "start": {"col": 24, "line": 29, "offset": 976}}, "$SINK": {"abstract_content": "filename", "end": {"col": 55, "line": 29, "offset": 1007}, "propagated_value": {"svalue_abstract_content": "file.originalname.toLowerCase()", "svalue_end": {"col": 55, "line": 28, "offset": 952}, "svalue_start": {"col": 24, "line": 28, "offset": 921}}, "start": {"col": 47, "line": 29, "offset": 999}}, "$X": {"abstract_content": "{file file}Request", "end": {"col": 48, "line": 24, "offset": 690}, "start": {"col": 31, "line": 24, "offset": 673}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/fileUpload.ts", "start": {"col": 47, "line": 29, "offset": 999}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 
83, "line": 39, "offset": 1503}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "entry", "location": {"end": {"col": 43, "line": 37, "offset": 1368}, "path": "routes/fileUpload.ts", "start": {"col": 38, "line": 37, "offset": 1363}}}, {"content": "fileName", "location": {"end": {"col": 31, "line": 38, "offset": 1407}, "path": "routes/fileUpload.ts", "start": {"col": 23, "line": 38, "offset": 1399}}}], "taint_sink": ["CliLoc", [{"end": {"col": 83, "line": 39, "offset": 1503}, "path": "routes/fileUpload.ts", "start": {"col": 51, "line": 39, "offset": 1471}}, "'uploads/complaints/' + fileName"]], "taint_source": ["CliLoc", [{"end": {"col": 43, "line": 37, "offset": 1368}, "path": "routes/fileUpload.ts", "start": {"col": 38, "line": 37, "offset": 1363}}, "entry"]]}, "engine_kind": "OSS", "fingerprint": "02e960aad52bb6a6ac53d36883a93b820d27ba8c4ae6198a5d1fb6d7d7219a598e38daaf8d58979554318156073c83d0df83bc965a5feea3c9eadf70b3c93528_0", "is_ignored": false, "lines": " const absolutePath = path.resolve('uploads/complaints/' + fileName)", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. 
Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9331, "rule_id": "8GUjrq", "rv_id": 109922, "url": "https://semgrep.dev/playground/r/nWTxP4n/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "nWTxP4n"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$PATH": {"abstract_content": "path", "end": {"col": 42, "line": 39, "offset": 1462}, "start": {"col": 38, "line": 39, "offset": 1458}}, "$SINK": {"abstract_content": "'uploads/complaints/'+fileName", "end": {"col": 83, "line": 39, "offset": 1503}, "start": {"col": 51, "line": 39, "offset": 1471}}, "$X": {"abstract_content": "entry", "end": {"col": 43, "line": 37, "offset": 1368}, "start": {"col": 38, "line": 37, "offset": 1363}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/fileUpload.ts", "start": {"col": 51, "line": 39, "offset": 1471}}, {"check_id": "javascript.express.security.audit.express-libxml-vm-noent.express-libxml-vm-noent", "end": {"col": 140, "line": 80, "offset": 3281}, "extra": {"engine_kind": "OSS", "fingerprint": 
"fb1a0af0f9c22fdf942dbf02cb817d29328027189abae102be114f5e8abeff7f3fb88a86e113c84f85eb88fa06095246952f29eae8ce1f0e6434f256290e47f8_0", "is_ignored": false, "lines": " const xmlDoc = vm.runInContext('libxml.parseXml(data, { noblanks: true, noent: true, nocdata: true })', sandbox, { timeout: 2000 })", "message": "Detected use of parseXml() function with the `noent` field set to `true`. This can lead to an XML External Entities (XXE) attack if untrusted data is passed into it.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-611: Improper Restriction of XML External Entity Reference"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "HIGH", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A04:2017 - XML External Entities (XXE)", "A05:2021 - Security Misconfiguration"], "references": ["https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 22080, "rule_id": "2ZUY52", "rv_id": 109843, "url": "https://semgrep.dev/playground/r/YDTp2dO/javascript.express.security.audit.express-libxml-vm-noent.express-libxml-vm-noent", "version_id": "YDTp2dO"}}, "shortlink": "https://sg.run/n8Ag", "source": "https://semgrep.dev/r/javascript.express.security.audit.express-libxml-vm-noent.express-libxml-vm-noent", "subcategory": ["audit"], "technology": ["express"], "vulnerability_class": ["XML Injection"]}, "metavars": {"$CMD": {"abstract_content": "libxml.parseXml(data, { noblanks: true, noent: true, nocdata: true })", "end": {"col": 110, "line": 80, "offset": 3251}, "start": {"col": 41, "line": 80, "offset": 3182}}, "$DATA": {"abstract_content": "data", "end": {"col": 61, "line": 80, "offset": 3202}, "start": {"col": 57, "line": 80, "offset": 3198}}, "$LIBXML": {"abstract_content": "libxml", "end": {"col": 47, "line": 80, "offset": 3188}, "start": {"col": 41, "line": 80, "offset": 3182}}, "$VM": 
{"abstract_content": "vm", "end": {"col": 26, "line": 80, "offset": 3167}, "start": {"col": 24, "line": 80, "offset": 3165}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/fileUpload.ts", "start": {"col": 24, "line": 80, "offset": 3165}}, {"check_id": "javascript.express.security.audit.express-res-sendfile.express-res-sendfile", "end": {"col": 57, "line": 14, "offset": 458}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "params", "location": {"end": {"col": 19, "line": 10, "offset": 288}, "path": "routes/keyServer.ts", "start": {"col": 13, "line": 10, "offset": 282}}}, {"content": "file", "location": {"end": {"col": 15, "line": 11, "offset": 355}, "path": "routes/keyServer.ts", "start": {"col": 11, "line": 11, "offset": 351}}}], "taint_sink": ["CliLoc", [{"end": {"col": 57, "line": 14, "offset": 458}, "path": "routes/keyServer.ts", "start": {"col": 20, "line": 14, "offset": 421}}, "path.resolve('encryptionkeys/', file)"]], "taint_source": ["CliLoc", [{"end": {"col": 19, "line": 10, "offset": 288}, "path": "routes/keyServer.ts", "start": {"col": 13, "line": 10, "offset": 282}}, "params"]]}, "engine_kind": "OSS", "fingerprint": "169fd21661d97adbf183e909974bcc252fa19a91d68176a8e888d61c2e5283b516ae384c4576ecb09d96af8f1fcb4c5f99af3db7af83ec34f5fc9f11ecd9c927_0", "is_ignored": false, "lines": " res.sendFile(path.resolve('encryptionkeys/', file))", "message": "The application processes user-input, this is passed to res.sendFile which can allow an attacker to arbitrarily read files on the system through path traversal. It is recommended to perform input validation in addition to canonicalizing the path. 
This allows you to validate the path against the intended directory it should be accessing.", "metadata": {"category": "security", "confidence": "MEDIUM", "cwe": ["CWE-73: External Control of File Name or Path"], "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A04:2021 - Insecure Design"], "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 22082, "rule_id": "j2UzDx", "rv_id": 109846, "url": "https://semgrep.dev/playground/r/zyTK8E9/javascript.express.security.audit.express-res-sendfile.express-res-sendfile", "version_id": "zyTK8E9"}}, "shortlink": "https://sg.run/7DJk", "source": "https://semgrep.dev/r/javascript.express.security.audit.express-res-sendfile.express-res-sendfile", "subcategory": ["vuln"], "technology": ["express"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$1": {"abstract_content": "sendFile", "end": {"col": 9, "line": 1, "offset": 8}, "start": {"col": 1, "line": 1, "offset": 0}}, "$METH": {"abstract_content": "sendFile", "end": {"col": 19, "line": 14, "offset": 420}, "start": {"col": 11, "line": 14, "offset": 412}}, "$NEXT": {"abstract_content": "next", "end": {"col": 51, "line": 10, "offset": 320}, "start": {"col": 47, "line": 10, "offset": 316}}, "$QUERY": {"abstract_content": "path.resolve('encryptionkeys/'file)", "end": {"col": 57, "line": 14, "offset": 458}, "start": {"col": 20, "line": 14, "offset": 421}}, "$REQ": {"abstract_content": "params", "end": {"col": 19, "line": 10, "offset": 288}, "start": {"col": 13, "line": 10, "offset": 282}}, "$RES": {"abstract_content": "res", "end": {"col": 35, "line": 10, "offset": 304}, "start": {"col": 32, "line": 10, "offset": 301}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/keyServer.ts", "start": {"col": 20, "line": 14, "offset": 421}}, {"check_id": 
"javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal", "end": {"col": 56, "line": 14, "offset": 457}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "params", "location": {"end": {"col": 19, "line": 10, "offset": 288}, "path": "routes/keyServer.ts", "start": {"col": 13, "line": 10, "offset": 282}}}, {"content": "file", "location": {"end": {"col": 15, "line": 11, "offset": 355}, "path": "routes/keyServer.ts", "start": {"col": 11, "line": 11, "offset": 351}}}], "taint_sink": ["CliLoc", [{"end": {"col": 56, "line": 14, "offset": 457}, "path": "routes/keyServer.ts", "start": {"col": 52, "line": 14, "offset": 453}}, "file"]], "taint_source": ["CliLoc", [{"end": {"col": 19, "line": 10, "offset": 288}, "path": "routes/keyServer.ts", "start": {"col": 13, "line": 10, "offset": 282}}, "params"]]}, "engine_kind": "OSS", "fingerprint": "61ff0ef3a6438f8e69ef8457e3f95f844787ad58ef6a9b2a93dc684a1504d223617e6708689b4ece9b8a784fdacc6357e52220b0226dae233c0aadd44003b493_0", "is_ignored": false, "lines": " res.sendFile(path.resolve('encryptionkeys/', file))", "message": "Possible writing outside of the destination, make sure that the target path is nested in the intended destination", "metadata": {"category": "security", "confidence": "MEDIUM", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9273, "rule_id": "L1Uyb8", "rv_id": 109845, "url": "https://semgrep.dev/playground/r/o5Tgl6W/javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal", "version_id": 
"o5Tgl6W"}}, "shortlink": "https://sg.run/weRn", "source": "https://semgrep.dev/r/javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["express", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$NEXT": {"abstract_content": "next", "end": {"col": 51, "line": 10, "offset": 320}, "start": {"col": 47, "line": 10, "offset": 316}}, "$REQ": {"abstract_content": "params", "end": {"col": 19, "line": 10, "offset": 288}, "start": {"col": 13, "line": 10, "offset": 282}}, "$RES": {"abstract_content": "res", "end": {"col": 35, "line": 10, "offset": 304}, "start": {"col": 32, "line": 10, "offset": 301}}, "$SINK": {"abstract_content": "file", "end": {"col": 56, "line": 14, "offset": 457}, "propagated_value": {"svalue_abstract_content": "params.file", "svalue_end": {"col": 29, "line": 11, "offset": 369}, "svalue_start": {"col": 18, "line": 11, "offset": 358}}, "start": {"col": 52, "line": 14, "offset": 453}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/keyServer.ts", "start": {"col": 52, "line": 14, "offset": 453}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 56, "line": 14, "offset": 457}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "params", "location": {"end": {"col": 19, "line": 10, "offset": 288}, "path": "routes/keyServer.ts", "start": {"col": 13, "line": 10, "offset": 282}}}, {"content": "file", "location": {"end": {"col": 15, "line": 11, "offset": 355}, "path": "routes/keyServer.ts", "start": {"col": 11, "line": 11, "offset": 351}}}], "taint_sink": ["CliLoc", [{"end": {"col": 56, "line": 14, "offset": 457}, "path": "routes/keyServer.ts", "start": {"col": 52, "line": 14, "offset": 453}}, "file"]], "taint_source": ["CliLoc", [{"end": {"col": 30, "line": 10, "offset": 299}, "path": "routes/keyServer.ts", "start": {"col": 
11, "line": 10, "offset": 280}}, "{ params }: Request"]]}, "engine_kind": "OSS", "fingerprint": "d6a1f2a7ec88f13dc1646a422a889ebd39f9157ee9c3f2cd3b062eb5f611538b0074038e1a55041852ece8757e09f64e2d482558da63bf62a590986b3aaa04f4_0", "is_ignored": false, "lines": " res.sendFile(path.resolve('encryptionkeys/', file))", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9331, "rule_id": "8GUjrq", "rv_id": 109922, "url": "https://semgrep.dev/playground/r/nWTxP4n/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "nWTxP4n"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$SINK": {"abstract_content": "file", "end": {"col": 56, "line": 14, "offset": 457}, "propagated_value": {"svalue_abstract_content": "params.file", "svalue_end": {"col": 29, "line": 11, "offset": 369}, "svalue_start": {"col": 18, "line": 11, "offset": 358}}, "start": {"col": 52, "line": 14, "offset": 453}}, "$X": {"abstract_content": "{params 
params}Request", "end": {"col": 30, "line": 10, "offset": 299}, "start": {"col": 11, "line": 10, "offset": 280}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/keyServer.ts", "start": {"col": 52, "line": 14, "offset": 453}}, {"check_id": "javascript.express.security.audit.express-res-sendfile.express-res-sendfile", "end": {"col": 47, "line": 14, "offset": 448}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "params", "location": {"end": {"col": 19, "line": 10, "offset": 288}, "path": "routes/logfileServer.ts", "start": {"col": 13, "line": 10, "offset": 282}}}, {"content": "file", "location": {"end": {"col": 15, "line": 11, "offset": 355}, "path": "routes/logfileServer.ts", "start": {"col": 11, "line": 11, "offset": 351}}}], "taint_sink": ["CliLoc", [{"end": {"col": 47, "line": 14, "offset": 448}, "path": "routes/logfileServer.ts", "start": {"col": 20, "line": 14, "offset": 421}}, "path.resolve('logs/', file)"]], "taint_source": ["CliLoc", [{"end": {"col": 19, "line": 10, "offset": 288}, "path": "routes/logfileServer.ts", "start": {"col": 13, "line": 10, "offset": 282}}, "params"]]}, "engine_kind": "OSS", "fingerprint": "961a9260d800a2bb91582c6046728dc167574254fcc85628c7c79a7fd47557c3587663de55a9715bcf22c43160119c80d17b890e7a12090b6b091eb77fd2750e_0", "is_ignored": false, "lines": " res.sendFile(path.resolve('logs/', file))", "message": "The application processes user-input, this is passed to res.sendFile which can allow an attacker to arbitrarily read files on the system through path traversal. It is recommended to perform input validation in addition to canonicalizing the path. 
This allows you to validate the path against the intended directory it should be accessing.", "metadata": {"category": "security", "confidence": "MEDIUM", "cwe": ["CWE-73: External Control of File Name or Path"], "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A04:2021 - Insecure Design"], "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 22082, "rule_id": "j2UzDx", "rv_id": 109846, "url": "https://semgrep.dev/playground/r/zyTK8E9/javascript.express.security.audit.express-res-sendfile.express-res-sendfile", "version_id": "zyTK8E9"}}, "shortlink": "https://sg.run/7DJk", "source": "https://semgrep.dev/r/javascript.express.security.audit.express-res-sendfile.express-res-sendfile", "subcategory": ["vuln"], "technology": ["express"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$1": {"abstract_content": "sendFile", "end": {"col": 9, "line": 1, "offset": 8}, "start": {"col": 1, "line": 1, "offset": 0}}, "$METH": {"abstract_content": "sendFile", "end": {"col": 19, "line": 14, "offset": 420}, "start": {"col": 11, "line": 14, "offset": 412}}, "$NEXT": {"abstract_content": "next", "end": {"col": 51, "line": 10, "offset": 320}, "start": {"col": 47, "line": 10, "offset": 316}}, "$QUERY": {"abstract_content": "path.resolve('logs/'file)", "end": {"col": 47, "line": 14, "offset": 448}, "start": {"col": 20, "line": 14, "offset": 421}}, "$REQ": {"abstract_content": "params", "end": {"col": 19, "line": 10, "offset": 288}, "start": {"col": 13, "line": 10, "offset": 282}}, "$RES": {"abstract_content": "res", "end": {"col": 35, "line": 10, "offset": 304}, "start": {"col": 32, "line": 10, "offset": 301}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/logfileServer.ts", "start": {"col": 20, "line": 14, "offset": 421}}, {"check_id": 
"javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal", "end": {"col": 46, "line": 14, "offset": 447}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "params", "location": {"end": {"col": 19, "line": 10, "offset": 288}, "path": "routes/logfileServer.ts", "start": {"col": 13, "line": 10, "offset": 282}}}, {"content": "file", "location": {"end": {"col": 15, "line": 11, "offset": 355}, "path": "routes/logfileServer.ts", "start": {"col": 11, "line": 11, "offset": 351}}}], "taint_sink": ["CliLoc", [{"end": {"col": 46, "line": 14, "offset": 447}, "path": "routes/logfileServer.ts", "start": {"col": 42, "line": 14, "offset": 443}}, "file"]], "taint_source": ["CliLoc", [{"end": {"col": 19, "line": 10, "offset": 288}, "path": "routes/logfileServer.ts", "start": {"col": 13, "line": 10, "offset": 282}}, "params"]]}, "engine_kind": "OSS", "fingerprint": "b006dd478b7c4c3e581ffefa653e2acc49ff508e726936cf55711b71057a86100d2a66b55e0d7b9b04e48aad88892b8b168b8825d679db573dd93efd650d76d8_0", "is_ignored": false, "lines": " res.sendFile(path.resolve('logs/', file))", "message": "Possible writing outside of the destination, make sure that the target path is nested in the intended destination", "metadata": {"category": "security", "confidence": "MEDIUM", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9273, "rule_id": "L1Uyb8", "rv_id": 109845, "url": "https://semgrep.dev/playground/r/o5Tgl6W/javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal", 
"version_id": "o5Tgl6W"}}, "shortlink": "https://sg.run/weRn", "source": "https://semgrep.dev/r/javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["express", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$NEXT": {"abstract_content": "next", "end": {"col": 51, "line": 10, "offset": 320}, "start": {"col": 47, "line": 10, "offset": 316}}, "$REQ": {"abstract_content": "params", "end": {"col": 19, "line": 10, "offset": 288}, "start": {"col": 13, "line": 10, "offset": 282}}, "$RES": {"abstract_content": "res", "end": {"col": 35, "line": 10, "offset": 304}, "start": {"col": 32, "line": 10, "offset": 301}}, "$SINK": {"abstract_content": "file", "end": {"col": 46, "line": 14, "offset": 447}, "propagated_value": {"svalue_abstract_content": "params.file", "svalue_end": {"col": 29, "line": 11, "offset": 369}, "svalue_start": {"col": 18, "line": 11, "offset": 358}}, "start": {"col": 42, "line": 14, "offset": 443}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/logfileServer.ts", "start": {"col": 42, "line": 14, "offset": 443}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 46, "line": 14, "offset": 447}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "params", "location": {"end": {"col": 19, "line": 10, "offset": 288}, "path": "routes/logfileServer.ts", "start": {"col": 13, "line": 10, "offset": 282}}}, {"content": "file", "location": {"end": {"col": 15, "line": 11, "offset": 355}, "path": "routes/logfileServer.ts", "start": {"col": 11, "line": 11, "offset": 351}}}], "taint_sink": ["CliLoc", [{"end": {"col": 46, "line": 14, "offset": 447}, "path": "routes/logfileServer.ts", "start": {"col": 42, "line": 14, "offset": 443}}, "file"]], "taint_source": ["CliLoc", [{"end": {"col": 30, "line": 10, "offset": 299}, "path": 
"routes/logfileServer.ts", "start": {"col": 11, "line": 10, "offset": 280}}, "{ params }: Request"]]}, "engine_kind": "OSS", "fingerprint": "3bba6cfdecb0035223a10864e147292351806a048d94984f5f54cd5bf5411ee61e13cb17274bcff7a63b09c91c0985047a40f13e213952b1a9dd4473f0acfaa9_0", "is_ignored": false, "lines": " res.sendFile(path.resolve('logs/', file))", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9331, "rule_id": "8GUjrq", "rv_id": 109922, "url": "https://semgrep.dev/playground/r/nWTxP4n/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "nWTxP4n"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$SINK": {"abstract_content": "file", "end": {"col": 46, "line": 14, "offset": 447}, "propagated_value": {"svalue_abstract_content": "params.file", "svalue_end": {"col": 29, "line": 11, "offset": 369}, "svalue_start": {"col": 18, "line": 11, "offset": 358}}, "start": {"col": 42, "line": 14, "offset": 443}}, "$X": 
{"abstract_content": "{params params}Request", "end": {"col": 30, "line": 10, "offset": 299}, "start": {"col": 11, "line": 10, "offset": 280}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/logfileServer.ts", "start": {"col": 42, "line": 14, "offset": 443}}, {"check_id": "javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection", "end": {"col": 169, "line": 36, "offset": 1667}, "extra": {"dataflow_trace": {"intermediate_vars": [], "taint_sink": ["CliLoc", [{"end": {"col": 169, "line": 36, "offset": 1667}, "path": "routes/login.ts", "start": {"col": 28, "line": 36, "offset": 1526}}, "`SELECT * FROM Users WHERE email = '${req.body.email || ''}' AND password = '${security.hash(req.body.password || '')}' AND deletedAt IS NULL"]], "taint_source": ["CliLoc", [{"end": {"col": 74, "line": 36, "offset": 1572}, "path": "routes/login.ts", "start": {"col": 66, "line": 36, "offset": 1564}}, "req.body"]]}, "engine_kind": "OSS", "fingerprint": "eddeedb9d7b92de284db849dde09cb92bbf70d79bbccdbfcbe4afefa3453b08a168120add4e27289a60190707c286b16e61dd9c57feb1988e62e8f89d93669aa_0", "is_ignored": false, "lines": " models.sequelize.query(`SELECT * FROM Users WHERE email = '${req.body.email || ''}' AND password = '${security.hash(req.body.password || '')}' AND deletedAt IS NULL`, { model: UserModel, plain: true }) // vuln-code-snippet vuln-line loginAdminChallenge loginBenderChallenge loginJimChallenge", "message": "Detected a sequelize statement that is tainted by user-input. This could lead to SQL injection if the variable is user-controlled and is not properly sanitized. 
In order to prevent SQL injection, it is recommended to use parameterized queries or prepared statements.", "metadata": {"category": "security", "confidence": "HIGH", "cwe": ["CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "HIGH", "interfile": true, "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A01:2017 - Injection", "A03:2021 - Injection"], "references": ["https://sequelize.org/docs/v6/core-concepts/raw-queries/#replacements"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 22085, "rule_id": "yyU0GX", "rv_id": 109973, "url": "https://semgrep.dev/playground/r/3ZTkQwW/javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection", "version_id": "3ZTkQwW"}}, "shortlink": "https://sg.run/gjoe", "source": "https://semgrep.dev/r/javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection", "subcategory": ["vuln"], "technology": ["express"], "vulnerability_class": ["SQL Injection"]}, "metavars": {"$DB": {"abstract_content": "models", "end": {"col": 11, "line": 36, "offset": 1509}, "start": {"col": 5, "line": 36, "offset": 1503}}, "$NEXT": {"abstract_content": "next", "end": {"col": 44, "line": 34, "offset": 1413}, "start": {"col": 40, "line": 34, "offset": 1409}}, "$QUERY": {"abstract_content": "`SELECT * FROM Users WHERE email = 'req.body.email||''' AND password = 'security.hash(req.body.password||'')' AND deletedAt IS NULL", "end": {"col": 169, "line": 36, "offset": 1667}, "start": {"col": 28, "line": 36, "offset": 1526}}, "$REQ": {"abstract_content": "req", "end": {"col": 69, "line": 36, "offset": 1567}, "start": {"col": 66, "line": 36, "offset": 1564}}, "$RES": {"abstract_content": "res", "end": {"col": 28, "line": 34, "offset": 1397}, "start": {"col": 25, "line": 34, "offset": 1394}}}, "severity": "ERROR", "validation_state": 
"NO_VALIDATOR"}, "path": "routes/login.ts", "start": {"col": 28, "line": 36, "offset": 1526}}, {"check_id": "javascript.express.security.injection.tainted-sql-string.tainted-sql-string", "end": {"col": 86, "line": 36, "offset": 1584}, "extra": {"dataflow_trace": {"intermediate_vars": [], "taint_sink": ["CliLoc", [{"end": {"col": 86, "line": 36, "offset": 1584}, "path": "routes/login.ts", "start": {"col": 66, "line": 36, "offset": 1564}}, "req.body.email || ''"]], "taint_source": ["CliLoc", [{"end": {"col": 74, "line": 36, "offset": 1572}, "path": "routes/login.ts", "start": {"col": 66, "line": 36, "offset": 1564}}, "req.body"]]}, "engine_kind": "OSS", "fingerprint": "d8a104585448ae04063600f33c6dacedc3c65f34e6fe8dc832221e9e6d0b91cf4488ef09ae78a1a16d4c8b5e26ee4dbe2e626ce9a584a5499bb9d5688650e7b0_0", "is_ignored": false, "lines": " models.sequelize.query(`SELECT * FROM Users WHERE email = '${req.body.email || ''}' AND password = '${security.hash(req.body.password || '')}' AND deletedAt IS NULL`, { model: UserModel, plain: true }) // vuln-code-snippet vuln-line loginAdminChallenge loginBenderChallenge loginJimChallenge", "message": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. 
Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.", "metadata": {"category": "security", "confidence": "MEDIUM", "cwe": ["CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A01:2017 - Injection", "A03:2021 - Injection"], "references": ["https://owasp.org/www-community/attacks/SQL_Injection"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 14715, "rule_id": "NbUNpr", "rv_id": 751091, "url": "https://semgrep.dev/playground/r/l4TWDPx/javascript.express.security.injection.tainted-sql-string.tainted-sql-string", "version_id": "l4TWDPx"}}, "shortlink": "https://sg.run/66ZL", "source": "https://semgrep.dev/r/javascript.express.security.injection.tainted-sql-string.tainted-sql-string", "subcategory": ["vuln"], "technology": ["express"], "vulnerability_class": ["SQL Injection"]}, "metavars": {"$1": {"abstract_content": "SELECT", "end": {"col": 7, "line": 1, "offset": 6}, "start": {"col": 1, "line": 1, "offset": 0}}, "$EXPR": {"abstract_content": "req.body.email||''", "end": {"col": 86, "line": 36, "offset": 1584}, "start": {"col": 66, "line": 36, "offset": 1564}}, "$REQ": {"abstract_content": "req", "end": {"col": 69, "line": 36, "offset": 1567}, "start": {"col": 66, "line": 36, "offset": 1564}}, "$SQLSTR": {"abstract_content": "SELECT * FROM Users WHERE email = '", "end": {"col": 64, "line": 36, "offset": 1562}, "start": {"col": 29, "line": 36, "offset": 1527}}}, "severity": "ERROR", "validation_state": "NO_VALIDATOR"}, "path": "routes/login.ts", "start": {"col": 66, "line": 36, "offset": 1564}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 85, "line": 46, "offset": 1826}, "extra": {"dataflow_trace": 
{"intermediate_vars": [{"content": "req", "location": {"end": {"col": 14, "line": 35, "offset": 1084}, "path": "routes/order.ts", "start": {"col": 11, "line": 35, "offset": 1081}}}, {"content": "customer", "location": {"end": {"col": 25, "line": 40, "offset": 1382}, "path": "routes/order.ts", "start": {"col": 17, "line": 40, "offset": 1374}}}, {"content": "email", "location": {"end": {"col": 22, "line": 41, "offset": 1444}, "path": "routes/order.ts", "start": {"col": 17, "line": 41, "offset": 1439}}}, {"content": "orderId", "location": {"end": {"col": 24, "line": 42, "offset": 1527}, "path": "routes/order.ts", "start": {"col": 17, "line": 42, "offset": 1520}}}, {"content": "pdfFile", "location": {"end": {"col": 24, "line": 43, "offset": 1620}, "path": "routes/order.ts", "start": {"col": 17, "line": 43, "offset": 1613}}}], "taint_sink": ["CliLoc", [{"end": {"col": 85, "line": 46, "offset": 1826}, "path": "routes/order.ts", "start": {"col": 78, "line": 46, "offset": 1819}}, "pdfFile"]], "taint_source": ["CliLoc", [{"end": {"col": 14, "line": 35, "offset": 1084}, "path": "routes/order.ts", "start": {"col": 11, "line": 35, "offset": 1081}}, "req"]]}, "engine_kind": "OSS", "fingerprint": "1fc353b4547904b691d2b711a5bc2312c013f79c9ee1b797db9e9f027f0ebd62a8f0ef476a112235ffeeb21966c5fec55b300554ebca2faf27e7a7d70c8fb592_0", "is_ignored": false, "lines": " const fileWriter = doc.pipe(fs.createWriteStream(path.join('ftp/', pdfFile)))", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. 
Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9331, "rule_id": "8GUjrq", "rv_id": 109922, "url": "https://semgrep.dev/playground/r/nWTxP4n/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "nWTxP4n"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$SINK": {"abstract_content": "pdfFile", "end": {"col": 85, "line": 46, "offset": 1826}, "propagated_value": {"svalue_abstract_content": "`order_ orderId.pdf", "svalue_end": {"col": 48, "line": 43, "offset": 1644}, "svalue_start": {"col": 27, "line": 43, "offset": 1623}}, "start": {"col": 78, "line": 46, "offset": 1819}}, "$X": {"abstract_content": "req", "end": {"col": 14, "line": 35, "offset": 1084}, "start": {"col": 11, "line": 35, "offset": 1081}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/order.ts", "start": {"col": 78, "line": 46, "offset": 1819}}, {"check_id": "javascript.express.security.audit.express-ssrf.express-ssrf", "end": {"col": 19, "line": 23, "offset": 884}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "url", "location": {"end": {"col": 16, "line": 18, "offset": 594}, "path": "routes/profileImageUrlUpload.ts", 
"start": {"col": 13, "line": 18, "offset": 591}}}], "taint_sink": ["CliLoc", [{"end": {"col": 19, "line": 23, "offset": 884}, "path": "routes/profileImageUrlUpload.ts", "start": {"col": 16, "line": 23, "offset": 881}}, "url"]], "taint_source": ["CliLoc", [{"end": {"col": 27, "line": 18, "offset": 605}, "path": "routes/profileImageUrlUpload.ts", "start": {"col": 19, "line": 18, "offset": 597}}, "req.body"]]}, "engine_kind": "OSS", "fingerprint": "ed8c9c010a8fcf039af83ee959f95f90a19f060d498c289b67f6c1e89e86573ac8762f43b37e7c8f73ba0459470dd780cbfc28d74a1b74a5982160fac68c2503_0", "is_ignored": false, "lines": " .get(url)", "message": "The following request request.get() was found to be crafted from user-input `req` which can lead to Server-Side Request Forgery (SSRF) vulnerabilities. It is recommended where possible to not allow user-input to craft the base request, but to be treated as part of the path or query parameter. When user-input is necessary to craft the request, it is recommeneded to follow OWASP best practices to prevent abuse. 
", "metadata": {"category": "security", "confidence": "MEDIUM", "cwe": ["CWE-918: Server-Side Request Forgery (SSRF)"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "HIGH", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "MEDIUM", "owasp": ["A10:2021 - Server-Side Request Forgery (SSRF)"], "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 22554, "rule_id": "eqU9l2", "rv_id": 109848, "url": "https://semgrep.dev/playground/r/2KTzr9N/javascript.express.security.audit.express-ssrf.express-ssrf", "version_id": "2KTzr9N"}}, "shortlink": "https://sg.run/0PNw", "source": "https://semgrep.dev/r/javascript.express.security.audit.express-ssrf.express-ssrf", "subcategory": ["vuln"], "technology": ["express"], "vulnerability_class": ["Server-Side Request Forgery (SSRF)"]}, "metavars": {"$1": {"abstract_content": "get", "end": {"col": 4, "line": 1, "offset": 3}, "start": {"col": 1, "line": 1, "offset": 0}}, "$ASSIGN": {"abstract_content": "url", "end": {"col": 19, "line": 23, "offset": 884}, "propagated_value": {"svalue_abstract_content": "req.body.imageUrl", "svalue_end": {"col": 36, "line": 18, "offset": 614}, "svalue_start": {"col": 19, "line": 18, "offset": 597}}, "start": {"col": 16, "line": 23, "offset": 881}}, "$METHOD": {"abstract_content": "get", "end": {"col": 15, "line": 23, "offset": 880}, "start": {"col": 12, "line": 23, "offset": 877}}, "$REQ": {"abstract_content": "req", "end": {"col": 22, "line": 18, "offset": 600}, "start": {"col": 19, "line": 18, "offset": 597}}, "$REQUEST": {"abstract_content": "request", "end": {"col": 37, "line": 22, "offset": 865}, "start": {"col": 30, "line": 22, "offset": 858}}, "$VALUE": {"abstract_content": "imageUrl", "end": {"col": 36, "line": 18, "offset": 614}, "start": {"col": 28, "line": 18, "offset": 606}}}, "severity": "WARNING", "validation_state": 
"NO_VALIDATOR"}, "path": "routes/profileImageUrlUpload.ts", "start": {"col": 16, "line": 23, "offset": 881}}, {"check_id": "javascript.express.security.audit.express-res-sendfile.express-res-sendfile", "end": {"col": 57, "line": 14, "offset": 472}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "params", "location": {"end": {"col": 19, "line": 10, "offset": 295}, "path": "routes/quarantineServer.ts", "start": {"col": 13, "line": 10, "offset": 289}}}, {"content": "file", "location": {"end": {"col": 15, "line": 11, "offset": 369}, "path": "routes/quarantineServer.ts", "start": {"col": 11, "line": 11, "offset": 365}}}], "taint_sink": ["CliLoc", [{"end": {"col": 57, "line": 14, "offset": 472}, "path": "routes/quarantineServer.ts", "start": {"col": 20, "line": 14, "offset": 435}}, "path.resolve('ftp/quarantine/', file)"]], "taint_source": ["CliLoc", [{"end": {"col": 19, "line": 10, "offset": 295}, "path": "routes/quarantineServer.ts", "start": {"col": 13, "line": 10, "offset": 289}}, "params"]]}, "engine_kind": "OSS", "fingerprint": "b63e4f429cf1e1ec583179c073415fef8f2f5962f472dec6d360f25cba12a7a9b9f55a1ded242cfa05827ee23a9d89aafff68d871dd32580e783f6f6d1536c1a_0", "is_ignored": false, "lines": " res.sendFile(path.resolve('ftp/quarantine/', file))", "message": "The application processes user-input, this is passed to res.sendFile which can allow an attacker to arbitrarily read files on the system through path traversal. It is recommended to perform input validation in addition to canonicalizing the path. 
This allows you to validate the path against the intended directory it should be accessing.", "metadata": {"category": "security", "confidence": "MEDIUM", "cwe": ["CWE-73: External Control of File Name or Path"], "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A04:2021 - Insecure Design"], "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 22082, "rule_id": "j2UzDx", "rv_id": 109846, "url": "https://semgrep.dev/playground/r/zyTK8E9/javascript.express.security.audit.express-res-sendfile.express-res-sendfile", "version_id": "zyTK8E9"}}, "shortlink": "https://sg.run/7DJk", "source": "https://semgrep.dev/r/javascript.express.security.audit.express-res-sendfile.express-res-sendfile", "subcategory": ["vuln"], "technology": ["express"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$1": {"abstract_content": "sendFile", "end": {"col": 9, "line": 1, "offset": 8}, "start": {"col": 1, "line": 1, "offset": 0}}, "$METH": {"abstract_content": "sendFile", "end": {"col": 19, "line": 14, "offset": 434}, "start": {"col": 11, "line": 14, "offset": 426}}, "$NEXT": {"abstract_content": "next", "end": {"col": 58, "line": 10, "offset": 334}, "start": {"col": 54, "line": 10, "offset": 330}}, "$QUERY": {"abstract_content": "path.resolve('ftp/quarantine/'file)", "end": {"col": 57, "line": 14, "offset": 472}, "start": {"col": 20, "line": 14, "offset": 435}}, "$REQ": {"abstract_content": "params", "end": {"col": 19, "line": 10, "offset": 295}, "start": {"col": 13, "line": 10, "offset": 289}}, "$RES": {"abstract_content": "res", "end": {"col": 42, "line": 10, "offset": 318}, "start": {"col": 39, "line": 10, "offset": 315}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/quarantineServer.ts", "start": {"col": 20, "line": 14, "offset": 435}}, {"check_id": 
"javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal", "end": {"col": 56, "line": 14, "offset": 471}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "params", "location": {"end": {"col": 19, "line": 10, "offset": 295}, "path": "routes/quarantineServer.ts", "start": {"col": 13, "line": 10, "offset": 289}}}, {"content": "file", "location": {"end": {"col": 15, "line": 11, "offset": 369}, "path": "routes/quarantineServer.ts", "start": {"col": 11, "line": 11, "offset": 365}}}], "taint_sink": ["CliLoc", [{"end": {"col": 56, "line": 14, "offset": 471}, "path": "routes/quarantineServer.ts", "start": {"col": 52, "line": 14, "offset": 467}}, "file"]], "taint_source": ["CliLoc", [{"end": {"col": 19, "line": 10, "offset": 295}, "path": "routes/quarantineServer.ts", "start": {"col": 13, "line": 10, "offset": 289}}, "params"]]}, "engine_kind": "OSS", "fingerprint": "c56fde85159a4267f7b3cb6642b732d750f67ba5e8a4550aa0e9213b802ebf3c27ebd8e6a3183d267eadc3d12749de80ac659ac2d28eabc6b17f92d20307241f_0", "is_ignored": false, "lines": " res.sendFile(path.resolve('ftp/quarantine/', file))", "message": "Possible writing outside of the destination, make sure that the target path is nested in the intended destination", "metadata": {"category": "security", "confidence": "MEDIUM", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9273, "rule_id": "L1Uyb8", "rv_id": 109845, "url": 
"https://semgrep.dev/playground/r/o5Tgl6W/javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal", "version_id": "o5Tgl6W"}}, "shortlink": "https://sg.run/weRn", "source": "https://semgrep.dev/r/javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["express", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$NEXT": {"abstract_content": "next", "end": {"col": 58, "line": 10, "offset": 334}, "start": {"col": 54, "line": 10, "offset": 330}}, "$REQ": {"abstract_content": "params", "end": {"col": 19, "line": 10, "offset": 295}, "start": {"col": 13, "line": 10, "offset": 289}}, "$RES": {"abstract_content": "res", "end": {"col": 42, "line": 10, "offset": 318}, "start": {"col": 39, "line": 10, "offset": 315}}, "$SINK": {"abstract_content": "file", "end": {"col": 56, "line": 14, "offset": 471}, "propagated_value": {"svalue_abstract_content": "params.file", "svalue_end": {"col": 29, "line": 11, "offset": 383}, "svalue_start": {"col": 18, "line": 11, "offset": 372}}, "start": {"col": 52, "line": 14, "offset": 467}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/quarantineServer.ts", "start": {"col": 52, "line": 14, "offset": 467}}, {"check_id": "javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "end": {"col": 56, "line": 14, "offset": 471}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "params", "location": {"end": {"col": 19, "line": 10, "offset": 295}, "path": "routes/quarantineServer.ts", "start": {"col": 13, "line": 10, "offset": 289}}}, {"content": "file", "location": {"end": {"col": 15, "line": 11, "offset": 369}, "path": "routes/quarantineServer.ts", "start": {"col": 11, "line": 11, "offset": 365}}}], "taint_sink": ["CliLoc", [{"end": {"col": 56, "line": 14, "offset": 471}, "path": 
"routes/quarantineServer.ts", "start": {"col": 52, "line": 14, "offset": 467}}, "file"]], "taint_source": ["CliLoc", [{"end": {"col": 37, "line": 10, "offset": 313}, "path": "routes/quarantineServer.ts", "start": {"col": 11, "line": 10, "offset": 287}}, "{ params, query }: Request"]]}, "engine_kind": "OSS", "fingerprint": "e198c7dc4b73c836c60be1491e90c1d58e78cc87af53fb9247499cdcbd5e2d9316e886ac2d496a8b7db8586f269a3a108af4638edf0e5ba6eac718636dad8de0_0", "is_ignored": false, "lines": " res.sendFile(path.resolve('ftp/quarantine/', file))", "message": "Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.", "metadata": {"category": "security", "confidence": "LOW", "cwe": ["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A05:2017 - Broken Access Control", "A01:2021 - Broken Access Control"], "references": ["https://owasp.org/www-community/attacks/Path_Traversal"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9331, "rule_id": "8GUjrq", "rv_id": 109922, "url": "https://semgrep.dev/playground/r/nWTxP4n/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "version_id": "nWTxP4n"}}, "shortlink": "https://sg.run/OPqk", "source": "https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal", "subcategory": ["vuln"], "technology": ["javascript", "node.js"], "vulnerability_class": ["Path Traversal"]}, "metavars": {"$SINK": {"abstract_content": "file", "end": {"col": 56, "line": 14, "offset": 471}, "propagated_value": 
{"svalue_abstract_content": "params.file", "svalue_end": {"col": 29, "line": 11, "offset": 383}, "svalue_start": {"col": 18, "line": 11, "offset": 372}}, "start": {"col": 52, "line": 14, "offset": 467}}, "$X": {"abstract_content": "{params params query query}Request", "end": {"col": 37, "line": 10, "offset": 313}, "start": {"col": 11, "line": 10, "offset": 287}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/quarantineServer.ts", "start": {"col": 52, "line": 14, "offset": 467}}, {"check_id": "javascript.express.security.audit.express-open-redirect.express-open-redirect", "end": {"col": 25, "line": 19, "offset": 1066}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "query", "location": {"end": {"col": 18, "line": 14, "offset": 461}, "path": "routes/redirect.ts", "start": {"col": 13, "line": 14, "offset": 456}}}, {"content": "toUrl", "location": {"end": {"col": 16, "line": 15, "offset": 529}, "path": "routes/redirect.ts", "start": {"col": 11, "line": 15, "offset": 524}}}], "taint_sink": ["CliLoc", [{"end": {"col": 25, "line": 19, "offset": 1066}, "path": "routes/redirect.ts", "start": {"col": 20, "line": 19, "offset": 1061}}, "toUrl"]], "taint_source": ["CliLoc", [{"end": {"col": 18, "line": 14, "offset": 461}, "path": "routes/redirect.ts", "start": {"col": 13, "line": 14, "offset": 456}}, "query"]]}, "engine_kind": "OSS", "fingerprint": "d41f6282eed135404633f9b172ae34b6b783636a9e9999642e5db986f80d77b827c3a67cf9fe9aae749d4f0bdcb63ae1f7743fc1db2162f97aa3ddd63f41fd56_0", "is_ignored": false, "lines": " res.redirect(toUrl as string)", "message": "The application redirects to a URL specified by user-supplied input `query` that is not validated. This could redirect users to malicious locations. 
Consider using an allow-list approach to validate URLs, or warn users they are being redirected to a third-party website.", "metadata": {"category": "security", "confidence": "HIGH", "cwe": ["CWE-601: URL Redirection to Untrusted Site ('Open Redirect')"], "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A01:2021 - Broken Access Control"], "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 22081, "rule_id": "X5ULkq", "rv_id": 109844, "url": "https://semgrep.dev/playground/r/6xTvJN0/javascript.express.security.audit.express-open-redirect.express-open-redirect", "version_id": "6xTvJN0"}}, "shortlink": "https://sg.run/EpoP", "source": "https://semgrep.dev/r/javascript.express.security.audit.express-open-redirect.express-open-redirect", "subcategory": ["vuln"], "technology": ["express"], "vulnerability_class": ["Open Redirect"]}, "metavars": {"$ASSIGN": {"abstract_content": "toUrl", "end": {"col": 25, "line": 19, "offset": 1066}, "propagated_value": {"svalue_abstract_content": "query.to", "svalue_end": {"col": 27, "line": 15, "offset": 540}, "svalue_start": {"col": 19, "line": 15, "offset": 532}}, "start": {"col": 20, "line": 19, "offset": 1061}}, "$NEXT": {"abstract_content": "next", "end": {"col": 50, "line": 14, "offset": 493}, "start": {"col": 46, "line": 14, "offset": 489}}, "$REQ": {"abstract_content": "query", "end": {"col": 24, "line": 15, "offset": 537}, "start": {"col": 19, "line": 15, "offset": 532}}, "$RES": {"abstract_content": "res", "end": {"col": 10, "line": 19, "offset": 1051}, "start": {"col": 7, "line": 19, "offset": 1048}}, "$VALUE": {"abstract_content": "to", "end": {"col": 27, "line": 15, "offset": 540}, "start": {"col": 25, "line": 15, "offset": 538}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/redirect.ts", "start": 
{"col": 20, "line": 19, "offset": 1061}}, {"check_id": "javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection", "end": {"col": 159, "line": 23, "offset": 1001}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "criteria", "location": {"end": {"col": 17, "line": 21, "offset": 702}, "path": "routes/search.ts", "start": {"col": 9, "line": 21, "offset": 694}}}], "taint_sink": ["CliLoc", [{"end": {"col": 159, "line": 23, "offset": 1001}, "path": "routes/search.ts", "start": {"col": 28, "line": 23, "offset": 870}}, "`SELECT * FROM Products WHERE ((name LIKE '%${criteria}%' OR description LIKE '%${criteria}%') AND deletedAt IS NULL) ORDER BY name"]], "taint_source": ["CliLoc", [{"end": {"col": 69, "line": 21, "offset": 754}, "path": "routes/search.ts", "start": {"col": 60, "line": 21, "offset": 745}}, "req.query"]]}, "engine_kind": "OSS", "fingerprint": "eec4f3b0e3caf0301754e875531abac913fef9be533240d23947ddebae2d44e701050fe63bd4f09afad7732e717b405cc181a3d00462ca54b871ea1fcd0e5822_0", "is_ignored": false, "lines": " models.sequelize.query(`SELECT * FROM Products WHERE ((name LIKE '%${criteria}%' OR description LIKE '%${criteria}%') AND deletedAt IS NULL) ORDER BY name`) // vuln-code-snippet vuln-line unionSqlInjectionChallenge dbSchemaChallenge", "message": "Detected a sequelize statement that is tainted by user-input. This could lead to SQL injection if the variable is user-controlled and is not properly sanitized. 
In order to prevent SQL injection, it is recommended to use parameterized queries or prepared statements.", "metadata": {"category": "security", "confidence": "HIGH", "cwe": ["CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "HIGH", "interfile": true, "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A01:2017 - Injection", "A03:2021 - Injection"], "references": ["https://sequelize.org/docs/v6/core-concepts/raw-queries/#replacements"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 22085, "rule_id": "yyU0GX", "rv_id": 109973, "url": "https://semgrep.dev/playground/r/3ZTkQwW/javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection", "version_id": "3ZTkQwW"}}, "shortlink": "https://sg.run/gjoe", "source": "https://semgrep.dev/r/javascript.sequelize.security.audit.sequelize-injection-express.express-sequelize-injection", "subcategory": ["vuln"], "technology": ["express"], "vulnerability_class": ["SQL Injection"]}, "metavars": {"$DB": {"abstract_content": "models", "end": {"col": 11, "line": 23, "offset": 853}, "start": {"col": 5, "line": 23, "offset": 847}}, "$NEXT": {"abstract_content": "next", "end": {"col": 44, "line": 20, "offset": 665}, "start": {"col": 40, "line": 20, "offset": 661}}, "$QUERY": {"abstract_content": "`SELECT * FROM Products WHERE ((name LIKE '%criteria%' OR description LIKE '%criteria%') AND deletedAt IS NULL) ORDER BY name", "end": {"col": 159, "line": 23, "offset": 1001}, "start": {"col": 28, "line": 23, "offset": 870}}, "$REQ": {"abstract_content": "req", "end": {"col": 63, "line": 21, "offset": 748}, "start": {"col": 60, "line": 21, "offset": 745}}, "$RES": {"abstract_content": "res", "end": {"col": 28, "line": 20, "offset": 649}, "start": {"col": 25, "line": 20, "offset": 646}}}, "severity": "ERROR", "validation_state": "NO_VALIDATOR"}, "path": 
"routes/search.ts", "start": {"col": 28, "line": 23, "offset": 870}}, {"check_id": "javascript.express.security.injection.tainted-sql-string.tainted-sql-string", "end": {"col": 82, "line": 23, "offset": 924}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "criteria", "location": {"end": {"col": 17, "line": 21, "offset": 702}, "path": "routes/search.ts", "start": {"col": 9, "line": 21, "offset": 694}}}], "taint_sink": ["CliLoc", [{"end": {"col": 82, "line": 23, "offset": 924}, "path": "routes/search.ts", "start": {"col": 74, "line": 23, "offset": 916}}, "criteria"]], "taint_source": ["CliLoc", [{"end": {"col": 69, "line": 21, "offset": 754}, "path": "routes/search.ts", "start": {"col": 60, "line": 21, "offset": 745}}, "req.query"]]}, "engine_kind": "OSS", "fingerprint": "ed4aa726128425d6e32977ee28aac79b5242f7145be635e09de93f87f2dff4be41e822d21901b302d3cc3d2aeb9dd63cec921f757f596a796310f349db882fbb_0", "is_ignored": false, "lines": " models.sequelize.query(`SELECT * FROM Products WHERE ((name LIKE '%${criteria}%' OR description LIKE '%${criteria}%') AND deletedAt IS NULL) ORDER BY name`) // vuln-code-snippet vuln-line unionSqlInjectionChallenge dbSchemaChallenge", "message": "Detected user input used to manually construct a SQL string. This is usually bad practice because manual construction could accidentally result in a SQL injection. An attacker could use a SQL injection to steal or modify contents of the database. Instead, use a parameterized query which is available by default in most database engines. 
Alternatively, consider using an object-relational mapper (ORM) such as Sequelize which will protect your queries.", "metadata": {"category": "security", "confidence": "MEDIUM", "cwe": ["CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"], "cwe2021-top25": true, "cwe2022-top25": true, "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "HIGH", "owasp": ["A01:2017 - Injection", "A03:2021 - Injection"], "references": ["https://owasp.org/www-community/attacks/SQL_Injection"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 14715, "rule_id": "NbUNpr", "rv_id": 751091, "url": "https://semgrep.dev/playground/r/l4TWDPx/javascript.express.security.injection.tainted-sql-string.tainted-sql-string", "version_id": "l4TWDPx"}}, "shortlink": "https://sg.run/66ZL", "source": "https://semgrep.dev/r/javascript.express.security.injection.tainted-sql-string.tainted-sql-string", "subcategory": ["vuln"], "technology": ["express"], "vulnerability_class": ["SQL Injection"]}, "metavars": {"$1": {"abstract_content": "SELECT", "end": {"col": 7, "line": 1, "offset": 6}, "start": {"col": 1, "line": 1, "offset": 0}}, "$EXPR": {"abstract_content": "criteria", "end": {"col": 82, "line": 23, "offset": 924}, "start": {"col": 74, "line": 23, "offset": 916}}, "$REQ": {"abstract_content": "req", "end": {"col": 63, "line": 21, "offset": 748}, "start": {"col": 60, "line": 21, "offset": 745}}, "$SQLSTR": {"abstract_content": "SELECT * FROM Products WHERE ((name LIKE '%", "end": {"col": 72, "line": 23, "offset": 914}, "start": {"col": 29, "line": 23, "offset": 871}}}, "severity": "ERROR", "validation_state": "NO_VALIDATOR"}, "path": "routes/search.ts", "start": {"col": 74, "line": 23, "offset": 916}}, {"check_id": "javascript.browser.security.eval-detected.eval-detected", "end": {"col": 36, "line": 36, "offset": 1494}, "extra": {"engine_kind": "OSS", "fingerprint": 
"d15c8803dcd0a83365b887c4207db4e681c9470c390b31cbb40733b5c358b1dc30a01071b536a6c562cf1d1dff32b7529c508947d34cd8da6bad5958cb4f531a_0", "is_ignored": false, "lines": " username = eval(code) // eslint-disable-line no-eval", "message": "Detected the use of eval(). eval() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources.", "metadata": {"asvs": {"control_id": "5.2.4 Dynamic Code Execution Features", "control_url": "https://github.com/OWASP/ASVS/blob/master/4.0/en/0x13-V5-Validation-Sanitization-Encoding.md#v52-sanitization-and-sandboxing", "section": "V5 Validation, Sanitization and Encoding", "version": "4"}, "category": "security", "confidence": "LOW", "cwe": ["CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')"], "impact": "MEDIUM", "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "LOW", "owasp": ["A03:2021 - Injection"], "references": ["https://owasp.org/Top10/A03_2021-Injection"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 9238, "rule_id": "GdU7dw", "rv_id": 109815, "url": "https://semgrep.dev/playground/r/xyTKZ6r/javascript.browser.security.eval-detected.eval-detected", "version_id": "xyTKZ6r"}}, "shortlink": "https://sg.run/7ope", "source": "https://semgrep.dev/r/javascript.browser.security.eval-detected.eval-detected", "subcategory": ["audit"], "technology": ["browser"], "vulnerability_class": ["Code Injection"]}, "metavars": {}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/userProfile.ts", "start": {"col": 26, "line": 36, "offset": 1484}}, {"check_id": "javascript.express.security.express-insecure-template-usage.express-insecure-template-usage", "end": {"col": 43, "line": 56, "offset": 2591}, "extra": {"dataflow_trace": {"intermediate_vars": [{"content": "loggedInUser", "location": 
{"end": {"col": 25, "line": 24, "offset": 896}, "path": "routes/userProfile.ts", "start": {"col": 13, "line": 24, "offset": 884}}}, {"content": "user", "location": {"end": {"col": 60, "line": 26, "offset": 1035}, "path": "routes/userProfile.ts", "start": {"col": 56, "line": 26, "offset": 1031}}}, {"content": "template", "location": {"end": {"col": 19, "line": 47, "offset": 1872}, "path": "routes/userProfile.ts", "start": {"col": 11, "line": 47, "offset": 1864}}}], "taint_sink": ["CliLoc", [{"end": {"col": 43, "line": 56, "offset": 2591}, "path": "routes/userProfile.ts", "start": {"col": 22, "line": 56, "offset": 2570}}, "pug.compile(template)"]], "taint_source": ["CliLoc", [{"end": {"col": 71, "line": 24, "offset": 942}, "path": "routes/userProfile.ts", "start": {"col": 60, "line": 24, "offset": 931}}, "req.cookies"]]}, "engine_kind": "OSS", "fingerprint": "991294b6eb598a144349574d0ba9796c68c1a4db1a2c24e484b969a230ed900cb16f4627b84a4cfdcbe8f0c0a1637796d66aa27e934cb77c2a94348604f928ac_0", "is_ignored": false, "lines": " const fn = pug.compile(template)", "message": "User data from `req` is being compiled into the template, which can lead to a Server Side Template Injection (SSTI) vulnerability.", "metadata": {"category": "security", "confidence": "MEDIUM", "cwe": ["CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine"], "impact": "MEDIUM", "interfile": true, "license": "Commons Clause License Condition v1.0[LGPL-2.1-only]", "likelihood": "MEDIUM", "owasp": ["A03:2021 - Injection", "A01:2017 - Injection"], "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Injection_Prevention_Cheat_Sheet.html"], "semgrep.dev": {"rule": {"origin": "community", "r_id": 19226, "rule_id": "EwUr9k", "rv_id": 109870, "url": "https://semgrep.dev/playground/r/gET3xQ6/javascript.express.security.express-insecure-template-usage.express-insecure-template-usage", "version_id": "gET3xQ6"}}, "shortlink": "https://sg.run/b49v", "source": 
"https://semgrep.dev/r/javascript.express.security.express-insecure-template-usage.express-insecure-template-usage", "source_rule_url": ["https://github.com/github/codeql/blob/2ba2642c7ab29b9eedef33bcc2b8cd1d203d0c10/javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/template-sinks.js"], "subcategory": ["vuln"], "technology": ["javascript", "typescript", "express", "pug", "jade", "dot", "ejs", "nunjucks", "lodash", "handlbars", "mustache", "hogan.js", "eta", "squirrelly"], "vulnerability_class": ["Code Injection"]}, "metavars": {"$NEXT": {"abstract_content": "next", "end": {"col": 44, "line": 21, "offset": 755}, "start": {"col": 40, "line": 21, "offset": 751}}, "$PUG": {"abstract_content": "pug", "end": {"col": 25, "line": 56, "offset": 2573}, "start": {"col": 22, "line": 56, "offset": 2570}}, "$REQ": {"abstract_content": "req", "end": {"col": 63, "line": 24, "offset": 934}, "start": {"col": 60, "line": 24, "offset": 931}}, "$RES": {"abstract_content": "res", "end": {"col": 28, "line": 21, "offset": 739}, "start": {"col": 25, "line": 21, "offset": 736}}}, "severity": "WARNING", "validation_state": "NO_VALIDATOR"}, "path": "routes/userProfile.ts", "start": {"col": 22, "line": 56, "offset": 2570}}, {"check_id": "javascript.lang.security.audit.unknown-value-with-script-tag.unknown-value-with-script-tag", "end": {"col": 94, "line": 57, "offset": 1911}, "extra": {"engine_kind": "OSS", "fingerprint": "e4b02808f1038a915ab7df4473e7c597698ea1457a76d1f78398678d11b9ead64f6e3acee2f93e5a31b40d2ae234bdfa608e03426cd5bf8e7d0bb76c60ddbcb1_0", "is_ignored": false, "lines": " challengeUtils.solveIf(challenges.videoXssChallenge, () => { return utils.contains(subs, '') })", "message": "Cannot determine what 'subs' is and it is used with a '', '')", "message": "Cannot determine what 'subs' is and it is used with a '