123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959 |
- {
- "ignored_warnings": [
- {
- "warning_type": "Remote Code Execution",
- "warning_code": 24,
- "fingerprint": "0fcd117fd53301f531142fc075ee8d30219c1239affce9322f9939ac0572ba3b",
- "check_name": "UnsafeReflection",
- "message": "Unsafe reflection method `constantize` called on model attribute",
- "file": "app/models/ticket/number.rb",
- "line": 45,
- "link": "https://brakemanscanner.org/docs/warning_types/remote_code_execution/",
- "code": "Setting.get(\"ticket_number\").constantize",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Ticket::Number",
- "method": "Ticket::Number.adapter"
- },
- "user_input": "Setting.get(\"ticket_number\")",
- "confidence": "Medium",
- "cwe_id": [
- 470
- ],
- "note": "Setting.get(\"ticket_number\") returns defined ticket number backend class names"
- },
- {
- "warning_type": "Denial of Service",
- "warning_code": 76,
- "fingerprint": "15d4ddbc3ac2ae0a0fe27218a42a1920fe2c1868ae5f504422c4af8ffe893beb",
- "check_name": "RegexDoS",
- "message": "Model attribute used in regular expression",
- "file": "app/models/channel/filter/monitoring_base.rb",
- "line": 92,
- "link": "https://brakemanscanner.org/docs/warning_types/denial_of_service/",
- "code": "/#{(Setting.get(\"#{integration_name}_recovery_match\") or \"(OK|UP)\")}/i",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Channel::Filter::MonitoringBase",
- "method": "Channel::Filter::MonitoringBase.run"
- },
- "user_input": "Setting.get(\"#{integration_name}_recovery_match\")",
- "confidence": "Medium",
- "cwe_id": [
- 20,
- 185
- ],
- "note": "Admin configured RegExp"
- },
- {
- "warning_type": "Denial of Service",
- "warning_code": 76,
- "fingerprint": "15d4ddbc3ac2ae0a0fe27218a42a1920fe2c1868ae5f504422c4af8ffe893beb",
- "check_name": "RegexDoS",
- "message": "Model attribute used in regular expression",
- "file": "app/models/channel/filter/monitoring_base.rb",
- "line": 121,
- "link": "https://brakemanscanner.org/docs/warning_types/denial_of_service/",
- "code": "/#{(Setting.get(\"#{integration_name}_recovery_match\") or \"(OK|UP)\")}/i",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Channel::Filter::MonitoringBase",
- "method": "Channel::Filter::MonitoringBase.run"
- },
- "user_input": "Setting.get(\"#{integration_name}_recovery_match\")",
- "confidence": "Medium",
- "cwe_id": [
- 20,
- 185
- ],
- "note": "Admin configured RegExp"
- },
- {
- "warning_type": "Remote Code Execution",
- "warning_code": 24,
- "fingerprint": "176994cedb6a57bc52f7a98b0fd93caad211f8f3b48fd010a5db164b37992e1f",
- "check_name": "UnsafeReflection",
- "message": "Unsafe reflection method `constantize` called on model attribute",
- "file": "app/models/avatar.rb",
- "line": 427,
- "link": "https://brakemanscanner.org/docs/warning_types/remote_code_execution/",
- "code": "ObjectLookup.by_id(object_id).constantize",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Avatar",
- "method": "Avatar._add_init_avatar"
- },
- "user_input": "ObjectLookup.by_id(object_id)",
- "confidence": "Medium",
- "cwe_id": [
- 470
- ],
- "note": "ObjectLookup.by_id works as designed"
- },
- {
- "warning_type": "SQL Injection",
- "warning_code": 0,
- "fingerprint": "2251415d8897d2c79a5c952dd0fe57dadd5ca96defd67ccefa27fc7b5ab06148",
- "check_name": "SQL",
- "message": "Possible SQL injection",
- "file": "app/services/service/translation/search/collector/model.rb",
- "line": 28,
- "link": "https://brakemanscanner.org/docs/warning_types/sql_injection/",
- "code": "Translation.not_customized.where(\"locale = :locale AND (source #{like_operator} :query OR target #{like_operator} :query OR target_initial #{like_operator} :query)\", :locale => locale, :query => like_query)",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Service::Translation::Search::Collector::Model",
- "method": "search_by_query"
- },
- "user_input": "like_operator",
- "confidence": "Medium",
- "cwe_id": [
- 89
- ],
- "note": ""
- },
- {
- "warning_type": "Redirect",
- "warning_code": 18,
- "fingerprint": "2ebd9f5e35ae11122d5561fdbbef7432eeef6b34d7c61249365be7dc34cbfb82",
- "check_name": "Redirect",
- "message": "Possible unprotected redirect",
- "file": "app/controllers/external_credentials_controller.rb",
- "line": 38,
- "link": "https://brakemanscanner.org/docs/warning_types/redirect/",
- "code": "redirect_to(ExternalCredential.request_account_to_link(params[:provider].downcase, params)[:authorize_url], :allow_other_host => true)",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "ExternalCredentialsController",
- "method": "link_account"
- },
- "user_input": "ExternalCredential.request_account_to_link(params[:provider].downcase, params)[:authorize_url]",
- "confidence": "Weak",
- "cwe_id": [
- 601
- ],
- "note": ""
- },
- {
- "warning_type": "SQL Injection",
- "warning_code": 0,
- "fingerprint": "34d5d0f52def9a9fbcb045f4f16b0117cb22d59d8ab6184f3bddd057d81d7cd1",
- "check_name": "SQL",
- "message": "Possible SQL injection",
- "file": "app/models/channel/filter/internal_article_check.rb",
- "line": 31,
- "link": "https://brakemanscanner.org/docs/warning_types/sql_injection/",
- "code": "ticket.articles.where(\"ticket_articles.to #{Rails.application.config.db_like} ?\", \"%#{parse_email(mail[:from_email])}%\")",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Channel::Filter::InternalArticleCheck",
- "method": "Channel::Filter::InternalArticleCheck.last_outgoing_mail_is_internal?"
- },
- "user_input": "Rails.application.config.db_like",
- "confidence": "Weak",
- "cwe_id": [
- 89
- ],
- "note": "The db_like config setting is safe to use in an SQL string."
- },
- {
- "warning_type": "Denial of Service",
- "warning_code": 76,
- "fingerprint": "381781925211cac1f2592a6537f4abc050f98b081e5554b7d3d70a9454157e35",
- "check_name": "RegexDoS",
- "message": "Model attribute used in regular expression",
- "file": "app/models/ticket/number/increment.rb",
- "line": 47,
- "link": "https://brakemanscanner.org/docs/warning_types/denial_of_service/",
- "code": "/(?<=\\W|^)#{Regexp.quote(Setting.get(\"ticket_hook\"))}\\s{0,2}(#{(\"\" or Setting.get(\"system_id\").to_s)}\\d{2,48})\\b/i",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Ticket::Number::Increment",
- "method": "Ticket::Number::Increment.check"
- },
- "user_input": "Setting.get(\"system_id\").to_s",
- "confidence": "Medium",
- "cwe_id": [
- 20,
- 185
- ],
- "note": "Admin configured RegExp"
- },
- {
- "warning_type": "Remote Code Execution",
- "warning_code": 24,
- "fingerprint": "3c69accdb245b8493b7455698a454c70c2246c14f46f24e28e1c5329cee9ffac",
- "check_name": "UnsafeReflection",
- "message": "Unsafe reflection method `constantize` called on model attribute",
- "file": "config/initializers/store_provider_check.rb",
- "line": 11,
- "link": "https://brakemanscanner.org/docs/warning_types/remote_code_execution/",
- "code": "\"Store::Provider::#{Setting.get(\"storage_provider\")}\".constantize",
- "render_path": null,
- "location": null,
- "user_input": "Setting.get(\"storage_provider\")",
- "confidence": "Medium",
- "cwe_id": [
- 470
- ],
- "note": ""
- },
- {
- "warning_type": "SQL Injection",
- "warning_code": 0,
- "fingerprint": "49c4e60297a41654cfb9d8ac6b8232e0d3a68ee7ebd53f48b7c6d0ec6f830318",
- "check_name": "SQL",
- "message": "Possible SQL injection",
- "file": "app/services/service/translation/search/collector/macro.rb",
- "line": 11,
- "link": "https://brakemanscanner.org/docs/warning_types/sql_injection/",
- "code": "::Macro.where(\"name #{like_operator} :query\", :query => like_query)",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Service::Translation::Search::Collector::Macro",
- "method": "search_sources"
- },
- "user_input": "like_operator",
- "confidence": "Weak",
- "cwe_id": [
- 89
- ],
- "note": ""
- },
- {
- "warning_type": "Denial of Service",
- "warning_code": 76,
- "fingerprint": "4ea1b96c11cdde309b0f31defd8af9dc39dd7605a7bb18b13b122469a74a5a70",
- "check_name": "RegexDoS",
- "message": "Model attribute used in regular expression",
- "file": "app/models/channel/filter/monitoring_base.rb",
- "line": 115,
- "link": "https://brakemanscanner.org/docs/warning_types/denial_of_service/",
- "code": "/#{(Setting.get(\"#{integration_name}_ignore_match\") or \"\")}/i",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Channel::Filter::MonitoringBase",
- "method": "Channel::Filter::MonitoringBase.run"
- },
- "user_input": "Setting.get(\"#{integration_name}_ignore_match\")",
- "confidence": "Medium",
- "cwe_id": [
- 20,
- 185
- ],
- "note": "Admin configured RegExp"
- },
- {
- "warning_type": "Remote Code Execution",
- "warning_code": 24,
- "fingerprint": "55248822583e32826f88a68e27568416fe1f101d83b02791c10296d2393b83a5",
- "check_name": "UnsafeReflection",
- "message": "Unsafe reflection method `constantize` called on model attribute",
- "file": "app/models/store/file.rb",
- "line": 32,
- "link": "https://brakemanscanner.org/docs/warning_types/remote_code_execution/",
- "code": "\"Store::Provider::#{(Setting.get(\"storage_provider\") or \"DB\")}\".constantize",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "File",
- "method": "s(:self).add"
- },
- "user_input": "Setting.get(\"storage_provider\")",
- "confidence": "Medium",
- "cwe_id": [
- 470
- ],
- "note": "Setting.get('storage_provider') returns defined Store::Provider backend class names"
- },
- {
- "warning_type": "Remote Code Execution",
- "warning_code": 24,
- "fingerprint": "582df3b442a09879f0c035b50f6c4fce9aa8285c907737476f16004246c67bc6",
- "check_name": "UnsafeReflection",
- "message": "Unsafe reflection method `safe_constantize` called on parameter value",
- "file": "app/controllers/tests_controller.rb",
- "line": 37,
- "link": "https://brakemanscanner.org/docs/warning_types/remote_code_execution/",
- "code": "params.fetch(:exception, \"StandardError\").safe_constantize",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "TestsController",
- "method": "error_raised_exception"
- },
- "user_input": "params.fetch(:exception, \"StandardError\")",
- "confidence": "High",
- "cwe_id": [
- 470
- ],
- "note": "Only for testing purposes"
- },
- {
- "warning_type": "SQL Injection",
- "warning_code": 0,
- "fingerprint": "6f9bc95786e5e3904c8cf11eaff8d481d057ac2a15edad0a753587047a9bd785",
- "check_name": "SQL",
- "message": "Possible SQL injection",
- "file": "app/services/service/translation/search/collector/overview.rb",
- "line": 11,
- "link": "https://brakemanscanner.org/docs/warning_types/sql_injection/",
- "code": "::Overview.where(\"name #{like_operator} :query\", :query => like_query)",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Service::Translation::Search::Collector::Overview",
- "method": "search_sources"
- },
- "user_input": "like_operator",
- "confidence": "Weak",
- "cwe_id": [
- 89
- ],
- "note": ""
- },
- {
- "warning_type": "Remote Code Execution",
- "warning_code": 24,
- "fingerprint": "73999042c4866cd2effe286fdd6a74c51659bc4a5fc760d1b96d35bd11b2bcda",
- "check_name": "UnsafeReflection",
- "message": "Unsafe reflection method `constantize` called on model attribute",
- "file": "lib/transaction_dispatcher.rb",
- "line": 37,
- "link": "https://brakemanscanner.org/docs/warning_types/remote_code_execution/",
- "code": "Setting.get(setting.name).constantize",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "TransactionDispatcher",
- "method": "s(:self).perform"
- },
- "user_input": "Setting.get(setting.name)",
- "confidence": "Medium",
- "cwe_id": [
- 470
- ],
- "note": "Setting.where(area: 'Transaction::Backend::Sync').order(:name) returns defined Transaction backend class names"
- },
- {
- "warning_type": "Dangerous Send",
- "warning_code": 23,
- "fingerprint": "73f7454b7fdc88e0fb9cfc849b74006956a7a031836897a0b61d8d13dde94340",
- "check_name": "Send",
- "message": "User controlled method execution",
- "file": "app/controllers/channels_sms_controller.rb",
- "line": 48,
- "link": "https://brakemanscanner.org/docs/warning_types/dangerous_send/",
- "code": "Channel.driver_class(params[:options][:adapter]).new.send(params[:options], test_options)",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "ChannelsSmsController",
- "method": "test"
- },
- "user_input": "params[:options]",
- "confidence": "High",
- "cwe_id": [
- 77
- ],
- "note": "Channel#send is a custom implementation"
- },
- {
- "warning_type": "Remote Code Execution",
- "warning_code": 24,
- "fingerprint": "7541faf8d3249dc4ac24f9c354024614ae79b0d6cd4c057f034ea88be1154bf7",
- "check_name": "UnsafeReflection",
- "message": "Unsafe reflection method `constantize` called on model attribute",
- "file": "lib/application_lib.rb",
- "line": 26,
- "link": "https://brakemanscanner.org/docs/warning_types/remote_code_execution/",
- "code": "Setting.get(setting).constantize",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "ApplicationLib::ClassMethods",
- "method": "load_adapter_by_setting"
- },
- "user_input": "Setting.get(setting)",
- "confidence": "Medium",
- "cwe_id": [
- 470
- ],
- "note": "ApplicationLib.load_adapter_by_setting works as designed"
- },
- {
- "warning_type": "Denial of Service",
- "warning_code": 76,
- "fingerprint": "768e035d4bcb32ab79f5f747ccd5561d3c5f3a8ea74b2be08638d892be2249b2",
- "check_name": "RegexDoS",
- "message": "Model attribute used in regular expression",
- "file": "app/models/ticket/number/date.rb",
- "line": 49,
- "link": "https://brakemanscanner.org/docs/warning_types/denial_of_service/",
- "code": "/(?<=\\W|^)#{Regexp.quote(Setting.get(\"ticket_hook\"))}\\s{0,2}(\\d{4,10}#{(Setting.get(\"system_id\") or \"\")}\\d{2,40})\\b/i",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Ticket::Number::Date",
- "method": "Ticket::Number::Date.check"
- },
- "user_input": "Setting.get(\"system_id\")",
- "confidence": "Medium",
- "cwe_id": [
- 20,
- 185
- ],
- "note": "Admin configured RegExp"
- },
- {
- "warning_type": "SSL Verification Bypass",
- "warning_code": 71,
- "fingerprint": "7d088914c00f93dddb545ad9e567d59bf89dad493884b550ba72c014c0190011",
- "check_name": "SSLVerify",
- "message": "SSL certificate verification was bypassed",
- "file": "lib/user_agent.rb",
- "line": 363,
- "link": "https://brakemanscanner.org/docs/warning_types/ssl_verification_bypass/",
- "code": "(Net::HTTP.Proxy($1, $2, ((options[\"proxy_username\"] or Setting.get(\"proxy_username\")) or nil), ((options[\"proxy_password\"] or Setting.get(\"proxy_password\")) or nil)).new(uri.host, uri.port) or Net::HTTP.new(uri.host, uri.port)).verify_mode = OpenSSL::SSL::VERIFY_NONE",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "UserAgent",
- "method": "s(:self).get_http"
- },
- "user_input": null,
- "confidence": "High",
- "cwe_id": [
- 295
- ],
- "note": "SSL Verification can already be requested from callers. The default value should be switched to true at some point."
- },
- {
- "warning_type": "SQL Injection",
- "warning_code": 0,
- "fingerprint": "8374304b5866de51754c98208fc3dcd434bc20e02bd4c9713f6d35f831a0ddd7",
- "check_name": "SQL",
- "message": "Possible SQL injection",
- "file": "app/models/pgp_key.rb",
- "line": 32,
- "link": "https://brakemanscanner.org/docs/warning_types/sql_injection/",
- "code": "PGPKey.where(([\"#{SqlHelper.new(:object => (PGPKey)).array_contains_one(:email_addresses, uid.downcase)} OR (? LIKE domain_alias)\", SqlHelper.quote_like(uid.downcase)] or SqlHelper.new(:object => (PGPKey)).array_contains_one(:email_addresses, uid.downcase)))",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "PGPKey",
- "method": "PGPKey.find_all_by_uid"
- },
- "user_input": "SqlHelper.new(:object => (PGPKey)).array_contains_one(:email_addresses, uid.downcase)",
- "confidence": "Medium",
- "cwe_id": [
- 89
- ],
- "note": ""
- },
- {
- "warning_type": "Remote Code Execution",
- "warning_code": 24,
- "fingerprint": "8db3b4731daa1ef96c53729b2fca4cc91b47af058564f61cba24833aacaa55ae",
- "check_name": "UnsafeReflection",
- "message": "Unsafe reflection method `constantize` called on model attribute",
- "file": "app/jobs/transaction_job.rb",
- "line": 25,
- "link": "https://brakemanscanner.org/docs/warning_types/remote_code_execution/",
- "code": "Setting.get(setting.name).constantize",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "TransactionJob",
- "method": "perform"
- },
- "user_input": "Setting.get(setting.name)",
- "confidence": "Medium",
- "cwe_id": [
- 470
- ],
- "note": "Setting.where(area: 'Transaction::Backend::Async').order(:name) returns defined Transaction backend class names"
- },
- {
- "warning_type": "SQL Injection",
- "warning_code": 0,
- "fingerprint": "9385240f75935e7ed242f9b52cc9471bcbb907d1990a33ec083f303d951df563",
- "check_name": "SQL",
- "message": "Possible SQL injection",
- "file": "app/models/taskbar/has_attachments.rb",
- "line": 7,
- "link": "https://brakemanscanner.org/docs/warning_types/sql_injection/",
- "code": "where(\"state LIKE '%#{SqlHelper.quote_like(\"form_id\")}%'\")",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Taskbar::HasAttachments",
- "method": null
- },
- "user_input": "SqlHelper.quote_like(\"form_id\")",
- "confidence": "Medium",
- "cwe_id": [
- 89
- ],
- "note": ""
- },
- {
- "warning_type": "Denial of Service",
- "warning_code": 76,
- "fingerprint": "949570adfbda072b1fa14632a6d7a0e829a632c699339dce93e1ff109bf79786",
- "check_name": "RegexDoS",
- "message": "Model attribute used in regular expression",
- "file": "app/models/ticket/number/increment.rb",
- "line": 41,
- "link": "https://brakemanscanner.org/docs/warning_types/denial_of_service/",
- "code": "/(?<=\\W|^)#{Regexp.quote(Setting.get(\"ticket_hook\"))}#{Regexp.quote(Setting.get(\"ticket_hook_divider\").to_s)}(#{(\"\" or Setting.get(\"system_id\").to_s)}\\d{2,48})\\b/i",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Ticket::Number::Increment",
- "method": "Ticket::Number::Increment.check"
- },
- "user_input": "Setting.get(\"system_id\").to_s",
- "confidence": "Medium",
- "cwe_id": [
- 20,
- 185
- ],
- "note": "Admin configured RegExp"
- },
- {
- "warning_type": "SQL Injection",
- "warning_code": 0,
- "fingerprint": "9ec74dbe0ca90264aab31f05df4f0565f53e28477c93ced418e0249913c519fc",
- "check_name": "SQL",
- "message": "Possible SQL injection",
- "file": "app/models/organization/search.rb",
- "line": 133,
- "link": "https://brakemanscanner.org/docs/warning_types/sql_injection/",
- "code": "Organization.select(\"DISTINCT(organizations.id), #{::SqlHelper.new(:object => (self)).get_order_select(::SqlHelper.new(:object => (self)).get_sort_by(params, [\"active\", \"updated_at\"]), ::SqlHelper.new(:object => (self)).get_order_by(params, [\"desc\", \"desc\"]), \"organizations.updated_at\")}\")",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Organization",
- "method": "search"
- },
- "user_input": "::SqlHelper.new(:object => (self)).get_order_select(::SqlHelper.new(:object => (self)).get_sort_by(params, [\"active\", \"updated_at\"]), ::SqlHelper.new(:object => (self)).get_order_by(params, [\"desc\", \"desc\"]), \"organizations.updated_at\")",
- "confidence": "Medium",
- "cwe_id": [
- 89
- ],
- "note": "SqlHelper does properly escape table and column names."
- },
- {
- "warning_type": "Cross-Site Scripting",
- "warning_code": 2,
- "fingerprint": "a9e68e841f16226b94c736d272962dd57d02c2333ead2855f2494dfb2c994de7",
- "check_name": "CrossSiteScripting",
- "message": "Unescaped parameter value",
- "file": "app/views/knowledge_base/public/answers/show.html.erb",
- "line": 11,
- "link": "https://brakemanscanner.org/docs/warning_types/cross_site_scripting",
- "code": "prepare_rich_text(find_answer(find_category(params[:category]).answers, params[:answer]).translation.content.body_with_urls)",
- "render_path": [
- {
- "type": "controller",
- "class": "KnowledgeBase::Public::AnswersController",
- "method": "show",
- "line": 11,
- "file": "app/controllers/knowledge_base/public/answers_controller.rb",
- "rendered": {
- "name": "knowledge_base/public/answers/show",
- "file": "app/views/knowledge_base/public/answers/show.html.erb"
- }
- }
- ],
- "location": {
- "type": "template",
- "template": "knowledge_base/public/answers/show"
- },
- "user_input": "params[:category]",
- "confidence": "Weak",
- "cwe_id": [
- 79
- ],
- "note": ""
- },
- {
- "warning_type": "Remote Code Execution",
- "warning_code": 24,
- "fingerprint": "b4e5b1ad22930f849b12cbdf519dced6ec46b6cc653504f0a8e910c0a9590d61",
- "check_name": "UnsafeReflection",
- "message": "Unsafe reflection method `constantize` called on model attribute",
- "file": "app/models/object_manager/attribute.rb",
- "line": 924,
- "link": "https://brakemanscanner.org/docs/warning_types/remote_code_execution/",
- "code": "ObjectLookup.by_id(object_lookup_id).constantize",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "ObjectManager::Attribute",
- "method": "check_name"
- },
- "user_input": "ObjectLookup.by_id(object_lookup_id)",
- "confidence": "Medium",
- "cwe_id": [
- 470
- ],
- "note": "ObjectLookup.by_id works as designed"
- },
- {
- "warning_type": "Command Injection",
- "warning_code": 14,
- "fingerprint": "be422b13e9cd280bc5ae570cd575777a4d48d8a53aed09bb59d1db85eee4927b",
- "check_name": "Execute",
- "message": "Possible command injection",
- "file": "lib/mysql_strategy.rb",
- "line": 62,
- "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
- "code": "system(\"mysqldump #{mysql_arguments} > #{backup_file}\", :exception => true)",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "MysqlStrategy",
- "method": "s(:self).backup"
- },
- "user_input": "mysql_arguments",
- "confidence": "Medium",
- "cwe_id": [
- 77
- ],
- "note": "Mysql arguments are internal / from config."
- },
- {
- "warning_type": "SQL Injection",
- "warning_code": 0,
- "fingerprint": "c3e251f444d988a200ae5c5e811dc7264337906df99740007bfa499c35e203c9",
- "check_name": "SQL",
- "message": "Possible SQL injection",
- "file": "app/services/service/translation/search/collector/priority.rb",
- "line": 11,
- "link": "https://brakemanscanner.org/docs/warning_types/sql_injection/",
- "code": "Ticket::Priority.where(\"name #{like_operator} :query\", :query => like_query)",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Service::Translation::Search::Collector::Priority",
- "method": "search_sources"
- },
- "user_input": "like_operator",
- "confidence": "Medium",
- "cwe_id": [
- 89
- ],
- "note": ""
- },
- {
- "warning_type": "Command Injection",
- "warning_code": 14,
- "fingerprint": "c47bddc058fcf0381c1a91f2d107606a76bb1a5c40130c555ff1dfec713f2775",
- "check_name": "Execute",
- "message": "Possible command injection",
- "file": "lib/secure_mailing/pgp/tool/exec/agent.rb",
- "line": 32,
- "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
- "code": "Open3.capture3(\"GNUPGHOME\" => (@gnupg_home), *([\"#{File.dirname(binary_path)}/gpgconf\"] + cmdline), :binmode => true)",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "SecureMailing::PGP::Tool::Exec::Agent",
- "method": "gpgconf"
- },
- "user_input": "File.dirname(binary_path)",
- "confidence": "Medium",
- "cwe_id": [
- 77
- ],
- "note": "gpg command line tool stuff."
- },
- {
- "warning_type": "Dynamic Render Path",
- "warning_code": 15,
- "fingerprint": "c52f57d32456c9ab6dba6dfc93bd8effa16829a87a9ce9368da83a35fc6cf1a7",
- "check_name": "Render",
- "message": "Render path contains parameter value",
- "file": "app/controllers/tests_controller.rb",
- "line": 13,
- "link": "https://brakemanscanner.org/docs/warning_types/dynamic_render_path/",
- "code": "render(action => params[:name], {})",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "TestsController",
- "method": "show"
- },
- "user_input": "params[:name]",
- "confidence": "High",
- "cwe_id": [
- 22
- ],
- "note": "Running QUnit tests"
- },
- {
- "warning_type": "SQL Injection",
- "warning_code": 0,
- "fingerprint": "c686d86a18e1345c9216a074fb8cd86f1e4d4bc1f6d78c8f00891f4c13dfb849",
- "check_name": "SQL",
- "message": "Possible SQL injection",
- "file": "app/services/service/translation/search/collector/state.rb",
- "line": 11,
- "link": "https://brakemanscanner.org/docs/warning_types/sql_injection/",
- "code": "Ticket::State.where(\"name #{like_operator} :query\", :query => like_query)",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Service::Translation::Search::Collector::State",
- "method": "search_sources"
- },
- "user_input": "like_operator",
- "confidence": "Medium",
- "cwe_id": [
- 89
- ],
- "note": ""
- },
- {
- "warning_type": "SSL Verification Bypass",
- "warning_code": 71,
- "fingerprint": "c7311ebfec11c51dead99054a31ec84773b4d0d4848c11a15801c439d35d2171",
- "check_name": "SSLVerify",
- "message": "SSL certificate verification was bypassed",
- "file": "app/controllers/integration/exchange_controller.rb",
- "line": 93,
- "link": "https://brakemanscanner.org/docs/warning_types/ssl_verification_bypass/",
- "code": "Autodiscover::Client.new(:email => params[:user], :password => params[:password]).http.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_NONE",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Integration::ExchangeController",
- "method": "autodiscover_basic_auth_check"
- },
- "user_input": null,
- "confidence": "High",
- "cwe_id": [
- 295
- ],
- "note": "Only if requester sends `:disable_ssl_verify` param"
- },
- {
- "warning_type": "Remote Code Execution",
- "warning_code": 24,
- "fingerprint": "d48809837203098f7be4803f19b4f180f93361030bcf145560c65582d44f8edc",
- "check_name": "UnsafeReflection",
- "message": "Unsafe reflection method `constantize` called on model attribute",
- "file": "app/models/channel/email_parser.rb",
- "line": 159,
- "link": "https://brakemanscanner.org/docs/warning_types/remote_code_execution/",
- "code": "Setting.get(setting.name).constantize",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Channel::EmailParser",
- "method": "_process"
- },
- "user_input": "Setting.get(setting.name)",
- "confidence": "Medium",
- "cwe_id": [
- 470
- ],
- "note": "Setting.where(area: 'Postmaster::PreFilter').order(:name) returns defined postmaster backend class names"
- },
- {
- "warning_type": "Remote Code Execution",
- "warning_code": 24,
- "fingerprint": "d48809837203098f7be4803f19b4f180f93361030bcf145560c65582d44f8edc",
- "check_name": "UnsafeReflection",
- "message": "Unsafe reflection method `constantize` called on model attribute",
- "file": "app/models/channel/email_parser.rb",
- "line": 324,
- "link": "https://brakemanscanner.org/docs/warning_types/remote_code_execution/",
- "code": "Setting.get(setting.name).constantize",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Channel::EmailParser",
- "method": "_process"
- },
- "user_input": "Setting.get(setting.name)",
- "confidence": "Medium",
- "cwe_id": [
- 470
- ],
- "note": "Setting.where(area: 'Postmaster::PreFilter').order(:name) returns defined postmaster backend class names"
- },
- {
- "warning_type": "Remote Code Execution",
- "warning_code": 24,
- "fingerprint": "d5d1526bf7a888d1965405d0e3dc5c63f11fe2de47f9704c0e1717ee0410dd6b",
- "check_name": "UnsafeReflection",
- "message": "Unsafe reflection method `safe_constantize` called on model attribute",
- "file": "app/models/online_notification.rb",
- "line": 38,
- "link": "https://brakemanscanner.org/docs/warning_types/remote_code_execution/",
- "code": "ObjectLookup.by_id(object_lookup_id).safe_constantize",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "OnlineNotification",
- "method": "related_object"
- },
- "user_input": "ObjectLookup.by_id(object_lookup_id)",
- "confidence": "Medium",
- "cwe_id": [
- 470
- ],
- "note": ""
- },
- {
- "warning_type": "Denial of Service",
- "warning_code": 76,
- "fingerprint": "ea2a3af842a48c9ef4dc8d142abd56978baa4823a598d2a76dc8f840799d6967",
- "check_name": "RegexDoS",
- "message": "Model attribute used in regular expression",
- "file": "app/models/ticket/number/date.rb",
- "line": 44,
- "link": "https://brakemanscanner.org/docs/warning_types/denial_of_service/",
- "code": "/(?<=\\W|^)#{Regexp.quote(Setting.get(\"ticket_hook\"))}#{Regexp.quote((Setting.get(\"ticket_hook_divider\") or \"\"))}(\\d{4,10}#{(Setting.get(\"system_id\") or \"\")}\\d{2,40})\\b/i",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Ticket::Number::Date",
- "method": "Ticket::Number::Date.check"
- },
- "user_input": "Setting.get(\"system_id\")",
- "confidence": "Medium",
- "cwe_id": [
- 20,
- 185
- ],
- "note": "Admin configured RegExp"
- },
- {
- "warning_type": "Session Setting",
- "warning_code": 29,
- "fingerprint": "f0ee1cc1980474c82a013645508f002dcc801e00db5592f7dd8cd6bdb93c73fe",
- "check_name": "SessionSettings",
- "message": "Session secret should not be included in version control",
- "file": "config/secrets.yml",
- "line": 2,
- "link": "https://brakemanscanner.org/docs/warning_types/session_setting/",
- "code": null,
- "render_path": null,
- "location": null,
- "user_input": null,
- "confidence": "High",
- "cwe_id": [
- 798
- ],
- "note": "Since Sessions are stored in the database and not in cookies, the session secret is not used / not relevant.\""
- },
- {
- "warning_type": "Remote Code Execution",
- "warning_code": 24,
- "fingerprint": "fc299f57cedf226dc79a25c6bca84ceb85d5896a86820648d49c0e59d865575a",
- "check_name": "UnsafeReflection",
- "message": "Unsafe reflection method `constantize` called on model attribute",
- "file": "app/graphql/gql/resolvers/belongs_to_resolver.rb",
- "line": 18,
- "link": "https://brakemanscanner.org/docs/warning_types/remote_code_execution/",
- "code": "ObjectLookup.by_id(object.send(field.through_key)).constantize",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Gql::Resolvers::BelongsToResolver",
- "method": "target_object_klass"
- },
- "user_input": "ObjectLookup.by_id(object.send(field.through_key))",
- "confidence": "Medium",
- "cwe_id": [
- 470
- ],
- "note": ""
- },
- {
- "warning_type": "SQL Injection",
- "warning_code": 0,
- "fingerprint": "fcad47a712a324ace0e97560767e5420500df03fd3de3057198800bdea5fd324",
- "check_name": "SQL",
- "message": "Possible SQL injection",
- "file": "lib/models.rb",
- "line": 172,
- "link": "https://brakemanscanner.org/docs/warning_types/sql_injection/",
- "code": "model_class.where(\"#{reflection_value.name}_id\" => object_id)",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Models",
- "method": "s(:self).references"
- },
- "user_input": "reflection_value.name",
- "confidence": "Weak",
- "cwe_id": [
- 89
- ],
- "note": "Reflections come from the models themselves and are thus safe to use."
- },
- {
- "warning_type": "SQL Injection",
- "warning_code": 0,
- "fingerprint": "fcad47a712a324ace0e97560767e5420500df03fd3de3057198800bdea5fd324",
- "check_name": "SQL",
- "message": "Possible SQL injection",
- "file": "lib/models.rb",
- "line": 185,
- "link": "https://brakemanscanner.org/docs/warning_types/sql_injection/",
- "code": "model_class.where(\"#{reflection_value.name}_id\" => object_id)",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Models",
- "method": "s(:self).references"
- },
- "user_input": "reflection_value.name",
- "confidence": "Weak",
- "cwe_id": [
- 89
- ],
- "note": "Reflections come from the models themselves and are thus safe to use."
- },
- {
- "warning_type": "Command Injection",
- "warning_code": 14,
- "fingerprint": "fe15417756eed2c518c355309ee042b57df5f88a5410858dce3fa9fe9c893b84",
- "check_name": "Execute",
- "message": "Possible command injection",
- "file": "lib/mysql_strategy.rb",
- "line": 54,
- "link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
- "code": "system(\"mysql #{mysql_arguments} < #{backup_file}\", :exception => true)",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "MysqlStrategy",
- "method": "s(:self).rollback"
- },
- "user_input": "mysql_arguments",
- "confidence": "Medium",
- "cwe_id": [
- 77
- ],
- "note": "Mysql arguments are internal / from config."
- }
- ],
- "updated": "2024-03-15 20:16:59 +0100",
- "brakeman_version": "6.1.2"
- }
|