Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

A bug has been discovered which has meant that the rule "CWE-73: Avoid file path manipulation vulnerabilities - 7752" is returning false positive violations. This bug has been fixed and after an upgrade to CAST AIP 8.3.7 and the generation of a post-upgrade consistency snapshot on the same source code, results may be impacted: reduced number of violations increasing accuracy.

SCRAIP-33723 - False violation for the rule "CWE-79: Avoid cross-site scripting DOM vulnerabilities - 7740"

A bug has been discovered which has meant that the rule "CWE-79: Avoid cross-site scripting DOM vulnerabilities - 7740" is returning false positive violations for methods that are correctly sanitized in the code. This bug has been fixed and after an upgrade to CAST AIP 8.3.7 and the generation of a post-upgrade consistency snapshot on the same source code, results may be impacted: reduced number of violations increasing accuracy.

C/C++

SCRAIP-32901 - "Ensure you provide a user-defined copy constructor or disable copy when a class allocates memory in its constructor - 592"

...