DevSecOps Demo 7492: GHAS Features Showcase #133
14 new alerts including 6 high severity security vulnerabilities
New alerts in code changed by this pull request
Security Alerts:
- 6 high
Other Alerts:
- 1 warning
- 7 notes
See annotations below for details.
Annotations
- Check failure on line 45 in src/webapp01/Pages/DevSecOps-7492.cshtml.cs (Code scanning / CodeQL): Log entries created from user input (High)
- Check failure on line 46 in src/webapp01/Pages/DevSecOps-7492.cshtml.cs (Code scanning / CodeQL): Log entries created from user input (High)
- Check failure on line 61 in src/webapp01/Pages/DevSecOps-7492.cshtml.cs (Code scanning / CodeQL): Denial of Service from comparison of user input against expensive regex (High)
- Check failure on line 63 in src/webapp01/Pages/DevSecOps-7492.cshtml.cs (Code scanning / CodeQL): Log entries created from user input (High)
- Check failure on line 68 in src/webapp01/Pages/DevSecOps-7492.cshtml.cs (Code scanning / CodeQL): Log entries created from user input (High)
- Check failure on line 75 in src/webapp01/Pages/DevSecOps-7492.cshtml.cs (Code scanning / CodeQL): Insecure SQL connection (High)
- Check warning on line 111 in src/webapp01/Pages/DevSecOps-7492.cshtml.cs (Code scanning / CodeQL): Useless assignment to local variable (Warning)
- Check notice on line 42 in src/webapp01/Pages/DevSecOps-7492.cshtml.cs (Code scanning / CodeQL): Inefficient use of ContainsKey (Note)
- Check notice on line 55 in src/webapp01/Pages/DevSecOps-7492.cshtml.cs (Code scanning / CodeQL): Inefficient use of ContainsKey (Note)
- Check notice on line 69 in src/webapp01/Pages/DevSecOps-7492.cshtml.cs (Code scanning / CodeQL): Generic catch clause (Note)
- Check notice on line 68 in src/webapp01/Pages/DevSecOps-7492.cshtml.cs (Code scanning / CodeQL): Redundant ToString() call (Note)
- Check notice on line 83 in src/webapp01/Pages/DevSecOps-7492.cshtml.cs (Code scanning / CodeQL): Generic catch clause (Note)
- Check notice on line 150 in src/webapp01/Pages/DevSecOps-7492.cshtml.cs (Code scanning / CodeQL): Generic catch clause (Note)
- Check notice on line 148 in src/webapp01/Pages/DevSecOps-7492.cshtml.cs (Code scanning / CodeQL): Redundant ToString() call (Note)