Implement DevSecOps4 page with GHAS 4.0 features and intentional security vulnerabilities #98
19 new alerts including 5 high severity security vulnerabilities
New alerts in code changed by this pull request
Security Alerts:
- 5 high
Other Alerts:
- 3 warnings
- 11 notes
See annotations below for details.
Annotations
Check notice on line 38 in src/webapp01/Pages/DevSecOps4.cshtml.cs
Code scanning / CodeQL
Inefficient use of ContainsKey Note
Check failure on line 39 in src/webapp01/Pages/DevSecOps4.cshtml.cs
Code scanning / CodeQL
Log entries created from user input High
Check notice on line 49 in src/webapp01/Pages/DevSecOps4.cshtml.cs
Code scanning / CodeQL
Inefficient use of ContainsKey Note
Check failure on line 52 in src/webapp01/Pages/DevSecOps4.cshtml.cs
Code scanning / CodeQL
Denial of Service from comparison of user input against expensive regex High
Check failure on line 53 in src/webapp01/Pages/DevSecOps4.cshtml.cs
Code scanning / CodeQL
Log entries created from user input High
Check notice on line 59 in src/webapp01/Pages/DevSecOps4.cshtml.cs
Code scanning / CodeQL
Generic catch clause Note
Check failure on line 58 in src/webapp01/Pages/DevSecOps4.cshtml.cs
Code scanning / CodeQL
Log entries created from user input High
Check notice on line 69 in src/webapp01/Pages/DevSecOps4.cshtml.cs
Code scanning / CodeQL
Inefficient use of ContainsKey Note
Check failure on line 71 in src/webapp01/Pages/DevSecOps4.cshtml.cs
Code scanning / CodeQL
Log entries created from user input High
Check notice on line 76 in src/webapp01/Pages/DevSecOps4.cshtml.cs
Code scanning / CodeQL
Generic catch clause Note
Check warning on line 102 in src/webapp01/Pages/DevSecOps4.cshtml.cs
Code scanning / CodeQL
Useless assignment to local variable Warning
Check warning on line 110 in src/webapp01/Pages/DevSecOps4.cshtml.cs
Code scanning / CodeQL
Useless assignment to local variable Warning
Check notice on line 117 in src/webapp01/Pages/DevSecOps4.cshtml.cs
Code scanning / CodeQL
Generic catch clause Note
Check warning on line 143 in src/webapp01/Pages/DevSecOps4.cshtml.cs
Code scanning / CodeQL
Useless assignment to local variable Warning
Check notice on line 157 in src/webapp01/Pages/DevSecOps4.cshtml.cs
Code scanning / CodeQL
Generic catch clause Note
Check notice on line 181 in src/webapp01/Pages/DevSecOps4.cshtml.cs
Code scanning / CodeQL
Generic catch clause Note
Check notice on line 206 in src/webapp01/Pages/DevSecOps4.cshtml.cs
Code scanning / CodeQL
Generic catch clause Note
Check notice on line 215 in src/webapp01/Pages/DevSecOps4.cshtml.cs
Code scanning / CodeQL
Call to System.IO.Path.Combine Note
Check notice on line 227 in src/webapp01/Pages/DevSecOps4.cshtml.cs
Code scanning / CodeQL
Generic catch clause Note