Code Security Report: 11 high severity findings, 16 total findings

[mend-for-github-com]

Code Security Report

Scan Metadata

Latest Scan: 2024-03-05 02:41am
Total Findings: 16 | New Findings: 16 | Resolved Findings: 16
Tested Project Files: 50
Detected Programming Languages: 1 (JavaScript / TypeScript*)

• Check this box to manually trigger a scan

Most Relevant Findings

The list below presents the 10 most relevant findings that need your attention. To view information on the remaining findings, navigate to the Mend Application.

Severity	Vulnerability Type	CWE	File	Data Flows	Date
High	Code Injection	CWE-94	contributions.js:33	1	2024-03-05 02:41am
Vulnerable Code NodeGoat/app/routes/contributions.js Lines 28 to 33 in b6cc315 this.handleContributionsUpdate = (req, res, next) => { /*jslint evil: true */ // Insecure use of eval() to parse inputs const preTax = eval(req.body.preTax); const afterTax = eval(req.body.afterTax); 1 Data Flow/s detected NodeGoat/app/routes/index.js Line 54 in b6cc315 app.post("/contributions", isLoggedIn, contributionsHandler.handleContributionsUpdate); NodeGoat/app/routes/contributions.js Line 28 in b6cc315 this.handleContributionsUpdate = (req, res, next) => { NodeGoat/app/routes/contributions.js Line 33 in b6cc315 const afterTax = eval(req.body.afterTax);
High	Code Injection	CWE-94	contributions.js:32	1	2024-03-05 02:41am
Vulnerable Code NodeGoat/app/routes/contributions.js Lines 27 to 32 in b6cc315 this.handleContributionsUpdate = (req, res, next) => { /*jslint evil: true */ // Insecure use of eval() to parse inputs const preTax = eval(req.body.preTax); 1 Data Flow/s detected NodeGoat/app/routes/index.js Line 54 in b6cc315 app.post("/contributions", isLoggedIn, contributionsHandler.handleContributionsUpdate); NodeGoat/app/routes/contributions.js Line 28 in b6cc315 this.handleContributionsUpdate = (req, res, next) => { NodeGoat/app/routes/contributions.js Line 32 in b6cc315 const preTax = eval(req.body.preTax);
High	Code Injection	CWE-94	error.js:10	1	2024-03-05 02:41am
Vulnerable Code NodeGoat/app/routes/error.js Lines 5 to 10 in b6cc315 "use strict"; console.error(err.message); console.error(err.stack); res.status(500); res.render("error-template", { 1 Data Flow/s detected NodeGoat/app/routes/index.js Line 97 in b6cc315 app.use(ErrorHandler); NodeGoat/app/routes/error.js Line 3 in b6cc315 const errorHandler = (err, req, res,next) => { NodeGoat/app/routes/error.js Line 11 in b6cc315 error: err NodeGoat/app/routes/error.js Line 10 in b6cc315 res.render("error-template", {
High	Code Injection	CWE-94	profile.js:65	7	2024-03-05 02:41am
Vulnerable Code NodeGoat/app/routes/profile.js Lines 60 to 65 in b6cc315 // Allow only numbers with a suffix of the letter #, for example: 'XXXXXX#' const testComplyWithRequirements = regexPattern.test(bankRouting); // if the regex test fails we do not allow saving if (testComplyWithRequirements !== true) { const firstNameSafeString = firstName return res.render("profile", { 7 Data Flow/s detected View Data Flow 1 NodeGoat/app/routes/index.js Line 50 in b6cc315 app.post("/profile", isLoggedIn, profileHandler.handleProfileUpdate); NodeGoat/app/routes/profile.js Line 40 in b6cc315 this.handleProfileUpdate = (req, res, next) => { NodeGoat/app/routes/profile.js Line 45 in b6cc315 ssn, NodeGoat/app/routes/profile.js Line 69 in b6cc315 ssn, NodeGoat/app/routes/profile.js Line 65 in b6cc315 return res.render("profile", { View Data Flow 2 NodeGoat/app/routes/index.js Line 50 in b6cc315 app.post("/profile", isLoggedIn, profileHandler.handleProfileUpdate); NodeGoat/app/routes/profile.js Line 40 in b6cc315 this.handleProfileUpdate = (req, res, next) => { NodeGoat/app/routes/profile.js Line 44 in b6cc315 lastName, NodeGoat/app/routes/profile.js Line 68 in b6cc315 lastName, NodeGoat/app/routes/profile.js Line 65 in b6cc315 return res.render("profile", { View Data Flow 3 NodeGoat/app/routes/index.js Line 50 in b6cc315 app.post("/profile", isLoggedIn, profileHandler.handleProfileUpdate); NodeGoat/app/routes/profile.js Line 40 in b6cc315 this.handleProfileUpdate = (req, res, next) => { NodeGoat/app/routes/profile.js Line 46 in b6cc315 dob, NodeGoat/app/routes/profile.js Line 70 in b6cc315 dob, NodeGoat/app/routes/profile.js Line 65 in b6cc315 return res.render("profile", { View more Data Flows
High	Code Injection	CWE-94	contributions.js:34	1	2024-03-05 02:41am
Vulnerable Code NodeGoat/app/routes/contributions.js Lines 29 to 34 in b6cc315 /*jslint evil: true */ // Insecure use of eval() to parse inputs const preTax = eval(req.body.preTax); const afterTax = eval(req.body.afterTax); const roth = eval(req.body.roth); 1 Data Flow/s detected NodeGoat/app/routes/index.js Line 54 in b6cc315 app.post("/contributions", isLoggedIn, contributionsHandler.handleContributionsUpdate); NodeGoat/app/routes/contributions.js Line 28 in b6cc315 this.handleContributionsUpdate = (req, res, next) => { NodeGoat/app/routes/contributions.js Line 34 in b6cc315 const roth = eval(req.body.roth);
High	Path/Directory Traversal	CWE-22	index.js:88	1	2024-03-05 02:41am
Vulnerable Code NodeGoat/app/routes/index.js Lines 83 to 88 in b6cc315 app.get("/tutorial/:page", (req, res) => { const { page } = req.params return res.render(`tutorial/${page}`, { 1 Data Flow/s detected NodeGoat/app/routes/index.js Line 84 in b6cc315 app.get("/tutorial/:page", (req, res) => { NodeGoat/app/routes/index.js Line 86 in b6cc315 page NodeGoat/app/routes/index.js Line 88 in b6cc315 return res.render(`tutorial/${page}`, {
High	NoSQL Injection	CWE-943	user-dao.js:91	1	2024-03-05 02:41am
Vulnerable Code NodeGoat/app/data/user-dao.js Lines 86 to 91 in b6cc315 noSuchUserError.noSuchUser = true; callback(noSuchUserError, null); } } usersCol.findOne({ 1 Data Flow/s detected NodeGoat/app/routes/index.js Line 36 in b6cc315 app.post("/login", sessionHandler.handleLoginRequest); NodeGoat/app/routes/session.js Line 51 in b6cc315 this.handleLoginRequest = (req, res, next) => { NodeGoat/app/routes/session.js Line 53 in b6cc315 userName, NodeGoat/app/routes/session.js Line 56 in b6cc315 userDAO.validateLogin(userName, password, (err, user) => { NodeGoat/app/data/user-dao.js Line 57 in b6cc315 this.validateLogin = (userName, password, callback) => { NodeGoat/app/data/user-dao.js Line 92 in b6cc315 userName: userName NodeGoat/app/data/user-dao.js Line 91 in b6cc315 usersCol.findOne({
High	NoSQL Injection	CWE-943	memos-dao.js:23	1	2024-03-05 02:41am
Vulnerable Code NodeGoat/app/data/memos-dao.js Lines 18 to 23 in b6cc315 const memos = { memo, timestamp: new Date() }; memosCol.insert(memos, (err, result) => !err ? callback(null, result) : callback(err, null)); 1 Data Flow/s detected NodeGoat/app/routes/index.js Line 69 in b6cc315 app.post("/memos", isLoggedIn, memosHandler.addMemos); NodeGoat/app/routes/memos.js Line 11 in b6cc315 this.addMemos = (req, res, next) => { NodeGoat/app/routes/memos.js Line 13 in b6cc315 memosDAO.insert(req.body.memo, (err, docs) => { NodeGoat/app/data/memos-dao.js Line 15 in b6cc315 this.insert = (memo, callback) => { NodeGoat/app/data/memos-dao.js Line 19 in b6cc315 memo, NodeGoat/app/data/memos-dao.js Line 23 in b6cc315 memosCol.insert(memos, (err, result) => !err ? callback(null, result) : callback(err, null));
High	Server Side Request Forgery	CWE-918	research.js:16	1	2024-03-05 02:41am
Vulnerable Code NodeGoat/app/routes/research.js Lines 11 to 16 in b6cc315 this.displayResearch = (req, res) => { if (req.query.symbol) { const url = req.query.url + req.query.symbol; return needle.get(url, (error, newResponse, body) => { 1 Data Flow/s detected NodeGoat/app/routes/index.js Line 94 in b6cc315 app.get("/research", isLoggedIn, researchHandler.displayResearch); NodeGoat/app/routes/research.js Line 12 in b6cc315 this.displayResearch = (req, res) => { NodeGoat/app/routes/research.js Line 15 in b6cc315 const url = req.query.url + req.query.symbol; NodeGoat/app/routes/research.js Line 16 in b6cc315 return needle.get(url, (error, newResponse, body) => {
High	NoSQL Injection	CWE-943	user-dao.js:104	1	2024-03-05 02:41am
Vulnerable Code NodeGoat/app/data/user-dao.js Lines 99 to 104 in b6cc315 _id: parseInt(userId) }, callback); }; this.getUserByUserName = (userName, callback) => { usersCol.findOne({ 1 Data Flow/s detected NodeGoat/app/routes/index.js Line 40 in b6cc315 app.post("/signup", sessionHandler.handleSignup); NodeGoat/app/routes/session.js Line 183 in b6cc315 this.handleSignup = (req, res, next) => { NodeGoat/app/routes/session.js Line 187 in b6cc315 userName, NodeGoat/app/routes/session.js Line 200 in b6cc315 if (validateSignup(userName, firstName, lastName, password, verify, email, errors)) { NodeGoat/app/routes/session.js Line 132 in b6cc315 const validateSignup = (userName, firstName, lastName, password, verify, email, errors) => { NodeGoat/app/routes/session.js Line 200 in b6cc315 if (validateSignup(userName, firstName, lastName, password, verify, email, errors)) { NodeGoat/app/routes/session.js Line 202 in b6cc315 userDAO.getUserByUserName(userName, (err, user) => { NodeGoat/app/data/user-dao.js Line 103 in b6cc315 this.getUserByUserName = (userName, callback) => { NodeGoat/app/data/user-dao.js Line 105 in b6cc315 userName: userName NodeGoat/app/data/user-dao.js Line 104 in b6cc315 usersCol.findOne({

Findings Overview

Severity	Vulnerability Type	CWE	Language	Count
High	Server Side Request Forgery	CWE-918	JavaScript / TypeScript*	1
High	NoSQL Injection	CWE-943	JavaScript / TypeScript*	4
High	Path/Directory Traversal	CWE-22	JavaScript / TypeScript*	1
High	Code Injection	CWE-94	JavaScript / TypeScript*	5
Medium	Regex Denial of Service (ReDoS)	CWE-1333	JavaScript / TypeScript*	1
Low	Log Forging	CWE-117	JavaScript / TypeScript*	2
Low	Sensitive Cookie Without Secure	CWE-614	JavaScript / TypeScript*	1
Low	Unvalidated/Open Redirect	CWE-601	JavaScript / TypeScript*	1