Support
API docs
Product updates Sign up for free

Swift rules

Rule (1) Path Traversal

CWE (23) Relative Path Traversal

OWASP Top 10/SANS 25: OWASP Top Ten 2021 Category A01:2021 - Broken Access Control

Rule (2) Command Injection

CWE (78) Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

OWASP Top 10/SANS 25: OWASP Top Ten 2021 Category A03:2021 - Injection

OWASP Top 10/SANS 25: SANS/CWE Top 25

Rule (3) Cross-site Scripting (XSS)

CWE (79) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

OWASP Top 10/SANS 25: OWASP Top Ten 2021 Category A03:2021 - Injection

OWASP Top 10/SANS 25: SANS/CWE Top 25

Rule (4) SQL Injection

CWE (89) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

OWASP Top 10/SANS 25: OWASP Top Ten 2021 Category A03:2021 - Injection

OWASP Top 10/SANS 25: SANS/CWE Top 25

Rule (5) Code Injection

CWE (94) Improper Control of Generation of Code ('Code Injection')

OWASP Top 10/SANS 25: OWASP Top Ten 2021 Category A03:2021 - Injection

Rule (6) Clear Text Logging

CWE (200, 312) Exposure of Sensitive Information to an Unauthorized Actor, Cleartext Storage of Sensitive Information

OWASP Top 10/SANS 25: OWASP Top Ten 2021 Category A01:2021 - Broken Access Control

OWASP Top 10/SANS 25: OWASP Top Ten 2021 Category A04:2021 - Insecure Design

OWASP Top 10/SANS 25: SANS/CWE Top 25

Rule (7) Information Exposure

CWE (200) Exposure of Sensitive Information to an Unauthorized Actor

OWASP Top 10/SANS 25: OWASP Top Ten 2021 Category A01:2021 - Broken Access Control

OWASP Top 10/SANS 25: SANS/CWE Top 25

Rule (8) Use of Hardcoded Credentials

CWE (259, 798) Use of Hard-coded Password, Use of Hard-coded Credentials

OWASP Top 10/SANS 25: OWASP Top Ten 2021 Category A07:2021 - Identification and Authentication Failures

OWASP Top 10/SANS 25: SANS/CWE Top 25

Rule (9) Device Authentication Bypass

CWE (287) Improper Authentication

OWASP Top 10/SANS 25: OWASP Top Ten 2021 Category A07:2021 - Identification and Authentication Failures

OWASP Top 10/SANS 25: SANS/CWE Top 25

Rule (10) Improper Certificate Validation

CWE (295) Improper Certificate Validation

OWASP Top 10/SANS 25: OWASP Top Ten 2021 Category A07:2021 - Identification and Authentication Failures

Rule (11) Inadequate Encryption Strength

CWE (326) Inadequate Encryption Strength

OWASP Top 10/SANS 25: OWASP Top Ten 2021 Category A02:2021 - Cryptographic Failures

Rule (12) Use of a Broken or Risky Cryptographic Algorithm

CWE (327) Use of a Broken or Risky Cryptographic Algorithm

OWASP Top 10/SANS 25: OWASP Top Ten 2021 Category A02:2021 - Cryptographic Failures

Rule (13) Use of Insufficiently Random Values

CWE (330) Use of Insufficiently Random Values

OWASP Top 10/SANS 25: OWASP Top Ten 2021 Category A02:2021 - Cryptographic Failures

Rule (14) Insecure Deserialization

CWE (502) Deserialization of Untrusted Data

OWASP Top 10/SANS 25: OWASP Top Ten 2021 Category A08:2021 - Software and Data Integrity Failures

OWASP Top 10/SANS 25: SANS/CWE Top 25

Rule (15) Hardcoded Secret

CWE (547) Use of Hard-coded, Security-relevant Constants

OWASP Top 10/SANS 25: OWASP Top Ten 2021 Category A05:2021 - Security Misconfiguration

Rule (16) XML External Entity (XXE) Injection

CWE (611) Improper Restriction of XML External Entity Reference

OWASP Top 10/SANS 25: OWASP Top Ten 2021 Category A05:2021 - Security Misconfiguration

OWASP Top 10/SANS 25: SANS/CWE Top 25

Rule (17) Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

CWE (614) Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

OWASP Top 10/SANS 25: OWASP Top Ten 2021 Category A05:2021 - Security Misconfiguration

Rule (18) Memory Corruption

CWE (822) Untrusted Pointer Dereference

Rule (19) Use of Password Hash With Insufficient Computational Effort

CWE (916) Use of Password Hash With Insufficient Computational Effort

OWASP Top 10/SANS 25: OWASP Top Ten 2021 Category A02:2021 - Cryptographic Failures

Rule (20) Server-Side Request Forgery (SSRF)

CWE (918) Server-Side Request Forgery (SSRF)

OWASP Top 10/SANS 25: OWASP Top Ten 2021 Category A10:2021 - Server-Side Request Forgery (SSRF)

OWASP Top 10/SANS 25: SANS/CWE Top 25

Rule (21) Insecure Data Storage

CWE (922) Insecure Storage of Sensitive Information

OWASP Top 10/SANS 25: OWASP Top Ten 2021 Category A01:2021 - Broken Access Control

PreviousScala rulesNextVisual Basic rules

Last updated

More information

Snyk privacy policy

© 2023 Snyk Limited | All product and company names and logos are trademarks of their respective owners.