CX Jailbrake_File_Referenced_By_Name @ iGoat-Swift/iGoat-Swift/Source/Exercises/Key Management/Hard Coded Keys/BrokenCryptographyExerciseVC.swift [master]

tsunez commented 3 years ago

Jailbrake_File_Referenced_By_Name issue exists @ iGoat-Swift/iGoat-Swift/Source/Exercises/Key Management/Hard Coded Keys/BrokenCryptographyExerciseVC.swift in branch master

A method write:options:error: at line 30 of iGoat-Swift\iGoat-Swift\Source\Exercises\Key Management\Hard Coded Keys\BrokenCryptographyExerciseVC.swift accessing a file by filename.

Severity: Low

CWE:668

Vulnerability details and guidance

Checkmarx

Recommended Fix

Lines: [40](https://github.com/Custodela/iGoat-Swift/blob/master/iGoat-Swift/iGoat-Swift/Source/Exercises/Key Management/Hard Coded Keys/BrokenCryptographyExerciseVC.swift#L40)

[Code (Line #40):](https://github.com/Custodela/iGoat-Swift/blob/master/iGoat-Swift/iGoat-Swift/Source/Exercises/Key Management/Hard Coded Keys/BrokenCryptographyExerciseVC.swift#L40)

        try? encryptedData?.write(to: url, options: .atomic)

tsunez commented 3 years ago

Issue still exists.

SUMMARY

Issue has 1 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)

tsunez commented 3 years ago

Issue still exists.

SUMMARY

Issue has 1 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)

Custodela / iGoat-Swift

CX Jailbrake_File_Referenced_By_Name @ iGoat-Swift/iGoat-Swift/Source/Exercises/Key Management/Hard Coded Keys/BrokenCryptographyExerciseVC.swift [master] #81

SUMMARY

SUMMARY