Add Semgrep CI by klchia · Pull Request #10 · cxworkshops/totallysecureapp

klchia · 2025-07-28T02:55:21Z

123

cxworkshops · 2025-07-28T02:56:52Z

Checkmarx One – Scan Summary & Details – 7b4a29fb-611f-4e05-87a5-e8b631547528

New Issues (42)

Checkmarx found the following issues in this Pull Request

Issue	Source File / Package	Checkmarx Insight
CVE-2016-2170	Maven-commons-collections:commons-collections-3.2.1	details Recommended version: 3.2.2 Description: Apache OFBiz 12.04.x before 12.04.06 and 13.07.x before 13.07.03 allow remote attackers to execute arbitrary commands via a crafted serialized Java... Attack Vector: NETWORK Attack Complexity: LOW `ID: mIu%2FOCiCWsahNtINi4asmfqtnp%2BDXAVKjtauI7oDtgM%3D` Vulnerable Package
Cx07931ce7-8224	Npm-ua-parser-js-0.7.29	details Description: This package exfiltrates stored credentials and sensitive information ### About Data exfiltration may be done in numerous ways such as through HTT... `ID: %2FCTbj1eKr2YKKuD5%2BXoYi2%2B2mnXbONCSoyLV%2B1ota7k%3D` Vulnerable Package
Cx43050644-3add	Npm-momnet-2.29.1	details Description: This package name is similar to other popular package "moment" ### About Typosquatting attacks relies on user type errors being inputted into inst... `ID: Jv36%2F1YZZWsZK%2FYKDTbEktQ%2BDfFDgkMRrusgRAyw52g%3D` Vulnerable Package
Cx4737011d-347c	Npm-ua-parser-js-0.7.29	details Description: This package executes a crypto mining software ### About Using a dynamic analysis environment (also known as a Sandbox) we can monitor filesystem ... `ID: sxuGOcBoOd47tbb1T5xyUlFHWnUW7adXon80ZJ9tJUg%3D` Vulnerable Package
Cx4a52ebed-4106	Npm-momnet-2.29.1	details Description: This package was manually inspected by a security researcher and flagged as malicious ### About Classifying malicious packages is an internal proc... `ID: 8%2FMsBydAxeT0Uae1TCvWHqONYkcJAdjSlY9KS81T4YA%3D` Vulnerable Package
Cx558b006b-f4df	Npm-ua-parser-js-0.7.29	details Description: This package was manually inspected by a security researcher and flagged as malicious ### About Classifying malicious packages is an internal proc... `ID: Sn7MMR7bvCHyM7Vy5vJY1BmzFqpA87PjO7VNql6xP54%3D` Vulnerable Package
Cx9c42b5fe-7ada	Npm-ua-parser-js-0.7.29	details Description: This package downloads a harmful file. File hash: ```7f986cd3c946f274cdec73f80b84855a77bc2a3c765d68897fbc42835629a5d5``` ### About Using a dynamic... `ID: puGnBzr3CCWGJ%2FyQw4whAs27QVDLVgszQJHqCM30kkc%3D` Vulnerable Package
Cx9c42f2c3-f75f	Npm-ua-parser-js-0.7.29	details Description: This package exfiltrates computer and operating system information ### About Data exfiltration may be done in numerous ways such as through HTTP r... `ID: Df1R5oqLnMQ6mY5vkik%2BZoGBYEoNTSPUHpfpF1SFFvk%3D` Vulnerable Package
Cxb548375c-73ad	Npm-momnet-2.29.1	details Description: There is a weak link between the package's listed metadata and the referenced Git repository "https://github\.com/moment/moment" ### About Package ... `ID: kGpRiZm4n3WO8NvCF8mvAYy1KI9AX0Pel5ZVcAdm5Pw%3D` Vulnerable Package
Cxd59efdf2-2f00	Npm-ua-parser-js-0.7.29	details Description: This package downloads a harmful file. File hash: ```2a3acdcd76575762b18c18c644a745125f55ce121f742d2aad962521bc7f25fd``` ### About Using a dynamic... `ID: bLTnLHBzcYIzwgTwUnDoiESz4OH%2Bu6BxH630i5JT5ss%3D` Vulnerable Package
Cxec41bee3-fc56	Npm-ua-parser-js-0.7.29	details Description: This package downloads a harmful file. File hash: ```ea131cc5ccf6aa6544d6cb29cdb78130feed061d2097c6903215be1499464c2e``` ### About Using a dynamic... `ID: tdwrOoqkOljsRedYMWZVZgTJvmJrBo1YFmL2o64TrjE%3D` Vulnerable Package
CVE-2015-6420	Maven-commons-collections:commons-collections-3.2.1	details Recommended version: 3.2.2 Description: Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, a... Attack Vector: NETWORK Attack Complexity: LOW `ID: XxWp%2BDv%2Ft887VDpQpyaJu6trm6g7lDYn5LpXfAiaVFE%3D` Vulnerable Package
CVE-2023-22102	Maven-mysql:mysql-connector-java-5.1.26	details Description: Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). The affected versions are through 8.1.0. The difficult-to-e... Attack Vector: NETWORK Attack Complexity: HIGH `ID: LSA5iB8UXWPNnuAZS50hf6VFmEy3UevRqJbb8kDg3BY%3D` Vulnerable Package
CVE-2023-24998	Maven-org.apache.tomcat:tomcat-coyote-9.0.22	details Recommended version: 9.0.107 Description: Apache Commons FileUpload prior to 1.5 does not limit the number of request parts to be processed, resulting in the possibility of an attacker trig... Attack Vector: NETWORK Attack Complexity: LOW `ID: cALXjVHrjf9kAm%2FO3%2FrK%2FrGMMreVsVHqyI1yc72GGpA%3D` Vulnerable Package
CVE-2023-44487	Maven-org.apache.tomcat:tomcat-coyote-9.0.22	details Recommended version: 9.0.107 Description: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploi... Attack Vector: NETWORK Attack Complexity: LOW `ID: h49TuVJxJ7vlUUQXQsTeofPnywcR6u1I0ikR6KJqTpE%3D` Vulnerable Package
CVE-2023-5072	Maven-org.json:json-20131018	details Recommended version: 20231013 Description: Denial of Service (DoS) in JSON-Java in versions prior to 20231013. A bug in the parser means that an input string of modest size can lead to indef... Attack Vector: NETWORK Attack Complexity: LOW `ID: T2bNnz%2FTtjtVwzO3IFy8SXczoj0GjMmf8gDCqKUBT3w%3D` Vulnerable Package
CVE-2024-24549	Maven-org.apache.tomcat:tomcat-coyote-9.0.22	details Recommended version: 9.0.107 Description: According to the class of vulnerabilities "HTTP/2 CONTINUATION Flood," implementation of the HTTP/2 protocol without proper input validation or lim... Attack Vector: NETWORK Attack Complexity: LOW `ID: ZKP3b2nfTD7vop5dDzc1mWKCTb7FzhNw7SfL0T0oJnY%3D` Vulnerable Package
CVE-2024-34750	Maven-org.apache.tomcat:tomcat-coyote-9.0.22	details Recommended version: 9.0.107 Description: Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, To... Attack Vector: NETWORK Attack Complexity: LOW `ID: SO25j%2BbcWbDVyzqtqUdY0YMLBdkhfsniqbl63mLy654%3D` Vulnerable Package
CVE-2024-38286	Maven-org.apache.tomcat:tomcat-coyote-9.0.22	details Recommended version: 9.0.107 Description: Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat versions 9.0.13 through 9.0.8... Attack Vector: NETWORK Attack Complexity: LOW `ID: u3zULyHK%2F0Run3fBjOr%2BcaX4z%2ByXA%2F3Bz27i5ZFQ7S8%3D` Vulnerable Package
CVE-2025-52434	Maven-org.apache.tomcat:tomcat-coyote-9.0.22	details Recommended version: 9.0.107 Description: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Tomcat when using the APR/Nativ... Attack Vector: NETWORK Attack Complexity: LOW `ID: 3Iddg7I9AU7PYmoKibj1l8AzdGf40kYsswH1Y4nxwFg%3D` Vulnerable Package
CVE-2025-53506	Maven-org.apache.tomcat:tomcat-coyote-9.0.22	details Recommended version: 9.0.107 Description: Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that reduces th... Attack Vector: NETWORK Attack Complexity: LOW `ID: %2BmZL2yBfDlIBSrpvucL%2FUBadUONkdn0%2BT3KOFDJagFU%3D` Vulnerable Package
Improper_Restriction_of_Stored_XXE_Ref	/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/XEEandXXEController.java: 107	details The doPost loads and parses XML using parse, at line 107 of /src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/XEEandXXEController.java. ... `ID: EmVyddF5r0zUwun6Qr1thFCwq0M%3D` Attack Vector
Passwords And Secrets - Generic Password	/docker-compose.yml: 103	details Query to find passwords and secrets in infrastructure code. `ID: WFCYvR8P8sYwhZO1%2B7jsxxSc6Lc%3D`
Passwords And Secrets - Generic Password	/docker-compose.yml: 109	details Query to find passwords and secrets in infrastructure code. `ID: siES8WnZgEW%2FYW3sGxvk2ioy2T8%3D`
Passwords And Secrets - Generic Password	/docker-compose.yml: 67	details Query to find passwords and secrets in infrastructure code. `ID: 1r4sLKylkaarRy7PcnwoPzVgFAg%3D`
Passwords And Secrets - Generic Password	/docker-compose.yml: 73	details Query to find passwords and secrets in infrastructure code. `ID: DDSke6oqjyndx%2BvUxPDjh6v3U%2F8%3D`
Passwords And Secrets - Generic Password	/docker-compose.yml: 27	details Query to find passwords and secrets in infrastructure code. `ID: %2BjmA5tGlTA0WvxT5n6T4Kmylh5o%3D`
CVE-2023-42795	Maven-org.apache.tomcat:tomcat-util-9.0.22	details Recommended version: 9.0.81 Description: Incomplete Cleanup vulnerability in Apache Tomcat. When recycling various internal objects in Apache Tomcat in versions prior to 8.5.94, 9.0.x prio... Attack Vector: NETWORK Attack Complexity: LOW `ID: e025u3ZzFTVyNOX7P4h9gsxZrILit0Xo4pQpiLgk5x8%3D` Vulnerable Package
CVE-2023-42795	Maven-org.apache.tomcat:tomcat-coyote-9.0.22	details Recommended version: 9.0.107 Description: Incomplete Cleanup vulnerability in Apache Tomcat. When recycling various internal objects in Apache Tomcat in versions prior to 8.5.94, 9.0.x prio... Attack Vector: NETWORK Attack Complexity: LOW `ID: itm7LTbZlq2hhkfma8auJt9vLxrn9ZwCMNapWvJjbMw%3D` Vulnerable Package
CVE-2023-45648	Maven-org.apache.tomcat:tomcat-coyote-9.0.22	details Recommended version: 9.0.107 Description: Improper Input Validation vulnerability in Apache Tomcat. A specially crafted, invalid trailer header could cause Tomcat to treat a single request ... Attack Vector: NETWORK Attack Complexity: LOW `ID: DkAFOBLcae9yfsZ569yIwbDqxgF9%2B1I96XQVaPlbhs4%3D` Vulnerable Package
CVE-2024-21733	Maven-org.apache.tomcat:tomcat-coyote-9.0.22	details Recommended version: 9.0.107 Description: Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat. This issue affects the Apache Tomcat versions 8.5.7 th... Attack Vector: NETWORK Attack Complexity: LOW `ID: KpOzJ%2BDyfPxNANquTgUNkuZMXfrnDpuAF8dlxIin7eQ%3D` Vulnerable Package
Parameter_Tampering	/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/SQLInjectionController.java: 30	details Method process at line 30 of /src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/SQLInjectionController.java gets user input from element n... `ID: OxjN%2F%2FXXJLkbSjVTgWx2dOH4qoQ%3D` Attack Vector
Client_Dangerous_File_Inclusion	/src/main/webapp/eb/v1/dfi/style_bootstrap.html: 7	details The application loads an external library or source code file using "https://maxcdn\.bootstrapcdn\.com/bootstrap/3\.3\.7/js/bootstrap\.min\.js", at... `ID: mKYwXrB0KGd0brg2zpxk2KGJPIM%3D` Attack Vector
Client_Dangerous_File_Inclusion	/src/main/webapp/eb/v1/dfi/style_bootstrap.html: 5	details The application loads an external library or source code file using "https://ajax\.googleapis\.com/ajax/libs/jquery/3\.1\.1/jquery\.min\.js", at li... `ID: Vjx5M0RtS0EPGEtaWuPgsJ7E%2Bns%3D` Attack Vector
Client_Dangerous_File_Inclusion	/src/main/resources/templates/eb/v1/head.html: 17	details The application loads an external library or source code file using "https://cdnjs\.cloudflare\.com/ajax/libs/mathjax/2\.7\.0/MathJax\.js?config=Te... `ID: NIQ4BQLS7nNRd1ABv7eLbwxwDxw%3D` Attack Vector
Client_Dangerous_File_Inclusion	/src/main/resources/templates/eb/v1/head.html: 13	details The application loads an external library or source code file using "https://maxcdn\.bootstrapcdn\.com/bootstrap/3\.3\.7/js/bootstrap\.min\.js", at... `ID: xMytbkNyZzsT7ib71SDtMLn0F3I%3D` Attack Vector
Client_Dangerous_File_Inclusion	/src/main/resources/templates/eb/v1/head.html: 15	details The application loads an external library or source code file using "https://cdn\.rawgit\.com/google/code\-prettify/master/loader/run\_prettify\.js... `ID: sbLTzsWOHvk%2Fek22h%2BTX63t4AVQ%3D` Attack Vector
Client_Dangerous_File_Inclusion	/src/main/resources/templates/eb/v1/head.html: 11	details The application loads an external library or source code file using "https://ajax\.googleapis\.com/ajax/libs/jquery/3\.1\.1/jquery\.min\.js", at li... `ID: 9rZOQtD%2FHocT%2FpWevTsQBtlCvNE%3D` Attack Vector
Client_Dangerous_File_Inclusion	/src/main/webapp/eb/v1/uid/serverinfo.jsp: 2	details The application loads an external library or source code file using "https://ajax\.googleapis\.com/ajax/libs/jquery/3\.1\.1/jquery\.min\.js", at li... `ID: NeBGGyEbgvHPI0eHgDzEUrL1yNE%3D` Attack Vector
Client_Dangerous_File_Inclusion	/src/main/webapp/eb/v1/uid/clientinfo.jsp: 2	details The application loads an external library or source code file using "https://ajax\.googleapis\.com/ajax/libs/jquery/3\.1\.1/jquery\.min\.js", at li... `ID: M%2FnMtxl4Nm16owy4BmG1Djvm5PA%3D` Attack Vector
Client_Dangerous_File_Inclusion	/src/main/webapp/eb/v1/dfi/style_materialize.html: 3	details The application loads an external library or source code file using "https://cdnjs\.cloudflare\.com/ajax/libs/materialize/0\.98\.0/js/materialize\.... `ID: zrCjg4sPzY0PZRu2Xs36QlCYCQE%3D` Attack Vector
Client_Dangerous_File_Inclusion	/src/main/webapp/eb/v1/dfi/style_google_mdl.html: 5	details The application loads an external library or source code file using "https://cdn\.rtlcss\.com/mdl/1\.2\.1/material\.min\.js", at line 5 of /src/mai... `ID: A3xtOLJa04%2B6OoonmBLVmvWmR5g%3D` Attack Vector

Fixed Issues (2119)

Great job! The following issues were fixed in this Pull Request

Severity	Issue	Source File / Package
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 2993
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 2918
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 5930
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 5777
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 5855
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 4357
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 648
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 6080
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 4282
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 6439
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 4132
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 5702
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 1705
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 2765
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 6364
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 1552
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 723
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 1780
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 6005
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 2615
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 1855
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 270
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 3068
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 5627
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 3979
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 4054
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 6742
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 573
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 6592
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 2690
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 6817
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 420
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 498
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 6514
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 1627
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 345
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 6667
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 4207
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 1477
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 2843
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 3904
	~~Array Without Maximum Number of Items (v2)~~	/swagger-eb.json: 1930
	~~CVE-2022-25927~~	Npm-ua-parser-js-0.7.29
	~~Client_DOM_Stored_XSS~~	/src/main/webapp/eb/v1/uid/clientinfo.jsp: 10
	~~Client_DOM_Stored_XSS~~	/src/main/webapp/eb/v1/uid/serverinfo.jsp: 10
	~~Cx21f588f7-f9cb~~	Npm-ua-parser-js-0.7.29
	~~Cx68e4da20-b53a~~	Npm-ua-parser-js-0.7.29
	~~Cx6a5f7948-7054~~	Maven-commons-collections:commons-collections-3.2.1
	~~Cx7401d0a9-2786~~	Npm-ua-parser-js-0.7.29
	~~Cx8079a3fb-ff1f~~	Npm-ua-parser-js-0.7.29
	~~Cxa45b0853-bee2~~	Npm-momnet-2.29.1
	~~Cxba94c01e-a95d~~	Npm-ua-parser-js-0.7.29
	~~Cxc73fdf59-ac18~~	Npm-ua-parser-js-0.7.29
	~~Cxfd197ca1-b64b~~	Npm-momnet-2.29.1
	~~Global Security Field Is Undefined (v2)~~	/swagger-eb.json: 2
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451
	~~No Global And Operation Security Defined (v2)~~	/swagger-eb.json: 7451

More results are available on the CxOne platform

Add Semgrep CI

6ace5cb

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add Semgrep CI#10

Add Semgrep CI#10
klchia wants to merge 1 commit intocxworkshops:masterfrom
klchia:master

klchia commented Jul 28, 2025

Uh oh!

cxworkshops commented Jul 28, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

klchia commented Jul 28, 2025

Uh oh!

cxworkshops commented Jul 28, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants