Uploaded image for project: 'Apache Cordova'
  1. Apache Cordova
  2. CB-11899

Veracode security vulnerability: Exposed Dangerous method or Function

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Critical
    • Resolution: Duplicate
    • None
    • None
    • cordova-js
    • None
    • Important

    Description

      In a recent veracode scan oof one of the mobile applications, we found a high level vulnerability in Cordova.

      Exposed Dangerous Method or Function (CWE ID 749)

      Description: The application provides an API or similar interface to a dangerous method or function that is not property restricted. Recommendation is to restrict the exposed API, or avoid using the classes that exhibit the behavior.

      Instances found during static scan: .../SystemWebViewEngine.java: 259

      Attachments

        Issue Links

          duplicates

          Bug - A problem which impairs or prevents the functions of the product. CB-11719 Security Issues found with SystemWebViewEngine in static code analysis with Veracode

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Activity

            People

              jcesarmobile jcesarmobile
              ajaygupta0512 Ajay Gupta
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: