Release 2.0.7.0

Release Date: 29th October’21
Improvements and Bug fixes

  • We have added 4 C++ checks:
      1. unvalidated parameter as index
      2. Non POD memory operation
      3. unvalidated loop boundary
      4. unconditional pointer dereference
  • We have added 2 CPP checks that map to CWE:

    | Sr. No | CPP checks                         | CWE tags |
    |--------|------------------------------------|----------|
    | 1      | Unchecked Input for Loop Condition | CWE-606  |
    | 2      | Loop with Unreachable Exit Condition | CWE-835 |

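  • Upgraded versions and added new checks for the following linters:

    | Sr No | Linter Name | Old version | Upgraded version | Changes |
    |-------|-------------|-------------|------------------|---------|
    | 1     | staticcheck | 0.1.2       | 0.2.1            |         |
    | 2     | gosec       | 2.6.1       | 2.8.1            |         |
    | 3     | brakeman    | 5.0.0       | 5.1.1            |         |
    | 4     | PMD         | 6.26.0      | 6.39.0           | 16      |
    | 5     | PYLINT      | 2.4.4       | 2.11.1           | 22      |
    | 6     | Solhint     | 3.3.6       | 3.3.6            | 41      |
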
  • We have added 5 Java vulnerability checks that map to CWE:

    | Sr. No | Java checks                         | CWE tags |
    |--------|-------------------------------------|----------|
    | 1      | Non Serializable In Session         | CWE-579  |
    | 2      | Public Static Field Should Be Final | CWE-500  |
    | 3      | Empty Synchronized Block            | CWE-585  |
    | 4      | Return In Finally Block             | CWE-584  |
    | 5      | Explicit Call To Finalize           | CWE-586  |