Security
Recipes that find and eliminate vulnerable patterns in Java code.
Categories
Composite Recipes
Recipes that include further recipes, often including the individual recipes below.
- Java security best practices
- Remediate OWASP A01:2021 Broken access control
- Remediate OWASP A02:2021 Cryptographic failures
- Remediate OWASP A03:2021 Injection
- Remediate OWASP A08:2021 Software and data integrity failures
- Remediate vulnerabilities from the OWASP Top Ten
Recipes
- Find text-direction changes
- Fix CWE-338 with SecureRandom
- Improper privilege management
- Partial path traversal vulnerability
- Regular Expression Denial of Service (ReDOS)
- Remediate OWASP A05:2021 Security misconfiguration
- Remediate OWASP A06:2021 Vulnerable and outdated components
- Secure random
- SecureRandom seeds are not constant or predictable
- Use Files#createTempDirectory
- Use secure temporary file creation
- XML parser XXE vulnerability
- Zip slip