cx_result.sarif

{"$schema":"https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json","version":"2.1.0","runs":[{"tool":{"driver":{"name":"Checkmarx One","version":"1.0","informationUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","rules":[{"id":"a9228976-10cf-4b5f-b902-9e962aad037a [Taken from query_id] (kics)","name":"Type Has Invalid Keyword (v3)","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Schema Object define type should not use a keyword of another type Value: Keyword uniqueItems is not valid for type string Excepted value: There shouldn't be any invalid keywords","markdown":"Schema Object define type should not use a keyword of another type \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e Keyword uniqueItems is not valid for type string \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e There shouldn't be any invalid keywords"},"fullDescription":{"text":"Schema Object define type should not use a keyword of another type Value: Keyword uniqueItems is not valid for type string Excepted value: There shouldn't be any invalid keywords"},"properties":{"security-severity":"3.5","name":"Type Has Invalid Keyword (v3)","id":"a9228976-10cf-4b5f-b902-9e962aad037a [Taken from query_id] (kics)","description":"Schema Object define type should not use a keyword of another type Value: Keyword uniqueItems is not valid for type string Excepted value: There shouldn't be any invalid keywords","tags":["security","checkmarx","kics"]}},{"id":"d172a060-8569-4412-8045-3560ebd477e8 [Taken from query_id] (kics)","name":"Object Without Required Property (v3)","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"OpenAPI Object should contain all of its required fields Value: tags is missing required fields Excepted value: tags has all required fields","markdown":"OpenAPI Object should contain all of its required fields \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e tags is missing required fields \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e tags has all required fields"},"fullDescription":{"text":"OpenAPI Object should contain all of its required fields Value: tags is missing required fields Excepted value: tags has all required fields"},"properties":{"security-severity":"3.5","name":"Object Without Required Property (v3)","id":"d172a060-8569-4412-8045-3560ebd477e8 [Taken from query_id] (kics)","description":"OpenAPI Object should contain all of its required fields Value: tags is missing required fields Excepted value: tags has all required fields","tags":["security","checkmarx","kics"]}},{"id":"5915c20f-dffa-4cee-b5d4-f457ddc0151a [Taken from query_id] (kics)","name":"Empty Array","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"All array fields should not be empty Value: The array is empty Excepted value: The array should not be empty","markdown":"All array fields should not be empty \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e The array is empty \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e The array should not be empty"},"fullDescription":{"text":"All array fields should not be empty Value: The array is empty Excepted value: The array should not be empty"},"properties":{"security-severity":"3.5","name":"Empty Array","id":"5915c20f-dffa-4cee-b5d4-f457ddc0151a [Taken from query_id] (kics)","description":"All array fields should not be empty Value: The array is empty Excepted value: The array should not be empty","tags":["security","checkmarx","kics"]}},{"id":"a0bf7382-5d5a-4224-924c-3db8466026c9 [Taken from query_id] (kics)","name":"Server URL Not Absolute","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The Server URL should be an absolute URL Value: servers.{{0}}.url does not have an absolute URL Excepted value: servers.{{0}}.url has an absolute URL","markdown":"The Server URL should be an absolute URL \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e servers.{{0}}.url does not have an absolute URL \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e servers.{{0}}.url has an absolute URL"},"fullDescription":{"text":"The Server URL should be an absolute URL Value: servers.{{0}}.url does not have an absolute URL Excepted value: servers.{{0}}.url has an absolute URL"},"properties":{"security-severity":"3.5","name":"Server URL Not Absolute","id":"a0bf7382-5d5a-4224-924c-3db8466026c9 [Taken from query_id] (kics)","description":"The Server URL should be an absolute URL Value: servers.{{0}}.url does not have an absolute URL Excepted value: servers.{{0}}.url has an absolute URL","tags":["security","checkmarx","kics"]}},{"id":"ae9c56a6-3ed1-4ac0-9b54-31267f51151d [Taken from query_id] (kics)","name":"Apk Add Using Local Cache Path","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"When installing packages, use the '--no-cache' switch to avoid the need to use '--update' and remove '/var/cache/apk/*' Value: 'RUN' contains 'apk add' command without '--no-cache' switch Excepted value: 'RUN' should not contain 'apk add' command without '--no-cache' switch","markdown":"When installing packages, use the '--no-cache' switch to avoid the need to use '--update' and remove '/var/cache/apk/*' \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e 'RUN' contains 'apk add' command without '--no-cache' switch \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e 'RUN' should not contain 'apk add' command without '--no-cache' switch"},"fullDescription":{"text":"When installing packages, use the '--no-cache' switch to avoid the need to use '--update' and remove '/var/cache/apk/*' Value: 'RUN' contains 'apk add' command without '--no-cache' switch Excepted value: 'RUN' should not contain 'apk add' command without '--no-cache' switch"},"properties":{"security-severity":"3.5","name":"Apk Add Using Local Cache Path","id":"ae9c56a6-3ed1-4ac0-9b54-31267f51151d [Taken from query_id] (kics)","description":"When installing packages, use the '--no-cache' switch to avoid the need to use '--update' and remove '/var/cache/apk/*' Value: 'RUN' contains 'apk add' command without '--no-cache' switch Excepted value: 'RUN' should not contain 'apk add' command without '--no-cache' switch","tags":["security","checkmarx","kics"]}},{"id":"2783517675732844652 (sast)","name":"Use Of Hardcoded Password","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The application uses the hard-coded password @SourceElement for authentication purposes, either using it to verify users' identities, or to access another remote system. This password at line @SourceLine of @SourceFile appears in the code, implying it is accessible to anyone with source code access, and cannot be changed without rebuilding the application.\n\n","markdown":"The application uses the hard-coded password @SourceElement for authentication purposes, either using it to verify users' identities, or to access another remote system. This password at line @SourceLine of @SourceFile appears in the code, implying it is accessible to anyone with source code access, and cannot be changed without rebuilding the application.\n\n"},"fullDescription":{"text":"The application uses the hard-coded password @SourceElement for authentication purposes, either using it to verify users' identities, or to access another remote system. This password at line @SourceLine of @SourceFile appears in the code, implying it is accessible to anyone with source code access, and cannot be changed without rebuilding the application.\n\n"},"properties":{"security-severity":"6.5","name":"Use Of Hardcoded Password","id":"2783517675732844652 (sast)","description":"The application uses the hard-coded password @SourceElement for authentication purposes, either using it to verify users' identities, or to access another remote system. This password at line @SourceLine of @SourceFile appears in the code, implying it is accessible to anyone with source code access, and cannot be changed without rebuilding the application.\n\n","tags":["security","checkmarx","sast"]}},{"id":"2211341642471709656 (sast)","name":"Angular Usage of Unsafe DOM Sanitizer","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Usage of an unsafe class @DestinationElement, which overrides output sanitization, was found at @DestinationFile in line @DestinationLine.","markdown":"Usage of an unsafe class @DestinationElement, which overrides output sanitization, was found at @DestinationFile in line @DestinationLine."},"fullDescription":{"text":"Usage of an unsafe class @DestinationElement, which overrides output sanitization, was found at @DestinationFile in line @DestinationLine."},"properties":{"security-severity":"6.5","name":"Angular Usage of Unsafe DOM Sanitizer","id":"2211341642471709656 (sast)","description":"Usage of an unsafe class @DestinationElement, which overrides output sanitization, was found at @DestinationFile in line @DestinationLine.","tags":["security","checkmarx","sast"]}},{"id":"3455652598283285801 (sast)","name":"Client Hardcoded Domain","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The JavaScript file imported in @SourceElement in @SourceFile at line @SourceLine is from a remote domain, which may allow attackers to replace its contents with malicious code.","markdown":"The JavaScript file imported in @SourceElement in @SourceFile at line @SourceLine is from a remote domain, which may allow attackers to replace its contents with malicious code."},"fullDescription":{"text":"The JavaScript file imported in @SourceElement in @SourceFile at line @SourceLine is from a remote domain, which may allow attackers to replace its contents with malicious code."},"properties":{"security-severity":"6.5","name":"Client Hardcoded Domain","id":"3455652598283285801 (sast)","description":"The JavaScript file imported in @SourceElement in @SourceFile at line @SourceLine is from a remote domain, which may allow attackers to replace its contents with malicious code.","tags":["security","checkmarx","sast"]}},{"id":"Cxda14f253-4e52 (sca)","name":"Cxda14f2534e52","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The package `bluebird` is vulnerable to memory leak, when running the function longStackTraces() with the flag `--expose_gc`. This causes a significant increase in the memory usage, affecting the server's availability.","markdown":"The package `bluebird` is vulnerable to memory leak, when running the function longStackTraces() with the flag `--expose_gc`. This causes a significant increase in the memory usage, affecting the server's availability."},"fullDescription":{"text":"The package `bluebird` is vulnerable to memory leak, when running the function longStackTraces() with the flag `--expose_gc`. This causes a significant increase in the memory usage, affecting the server's availability."},"properties":{"security-severity":"6.5","name":"Cxda14f2534e52","id":"Cxda14f253-4e52 (sca)","description":"The package `bluebird` is vulnerable to memory leak, when running the function longStackTraces() with the flag `--expose_gc`. This causes a significant increase in the memory usage, affecting the server's availability.","tags":["security","checkmarx","sca"]}},{"id":"aa93e17f-b6db-4162-9334-c70334e7ac28 [Taken from query_id] (kics)","name":"Chown Flag Exists","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"It is considered a best practice for every executable in a container to be owned by the root user even if it is executed by a non-root user, only execution permissions are required on the file, not ownership Value: The 'Dockerfile' contains the 'chown' flag Excepted value: The 'Dockerfile' shouldn´t contain the 'chown' flag","markdown":"It is considered a best practice for every executable in a container to be owned by the root user even if it is executed by a non-root user, only execution permissions are required on the file, not ownership \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e The 'Dockerfile' contains the 'chown' flag \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e The 'Dockerfile' shouldn´t contain the 'chown' flag"},"fullDescription":{"text":"It is considered a best practice for every executable in a container to be owned by the root user even if it is executed by a non-root user, only execution permissions are required on the file, not ownership Value: The 'Dockerfile' contains the 'chown' flag Excepted value: The 'Dockerfile' shouldn´t contain the 'chown' flag"},"properties":{"security-severity":"6.5","name":"Chown Flag Exists","id":"aa93e17f-b6db-4162-9334-c70334e7ac28 [Taken from query_id] (kics)","description":"It is considered a best practice for every executable in a container to be owned by the root user even if it is executed by a non-root user, only execution permissions are required on the file, not ownership Value: The 'Dockerfile' contains the 'chown' flag Excepted value: The 'Dockerfile' shouldn´t contain the 'chown' flag","tags":["security","checkmarx","kics"]}},{"id":"ce76b7d0-9e77-464d-b86f-c5c48e03e22d [Taken from query_id] (kics)","name":"Container Capabilities Unrestricted","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well. Value: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities. Excepted value: Docker compose file to have 'cap_drop' attribute","markdown":"Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well. \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities. \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e Docker compose file to have 'cap_drop' attribute"},"fullDescription":{"text":"Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well. Value: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities. Excepted value: Docker compose file to have 'cap_drop' attribute"},"properties":{"security-severity":"6.5","name":"Container Capabilities Unrestricted","id":"ce76b7d0-9e77-464d-b86f-c5c48e03e22d [Taken from query_id] (kics)","description":"Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well. Value: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities. Excepted value: Docker compose file to have 'cap_drop' attribute","tags":["security","checkmarx","kics"]}},{"id":"6b610c50-99fb-4ef0-a5f3-e312fd945bc3 [Taken from query_id] (kics)","name":"Cpus Not Limited","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests Value: 'deploy' is not defined Excepted value: 'deploy.resources.limits.cpus' should be defined","markdown":"CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e 'deploy' is not defined \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e 'deploy.resources.limits.cpus' should be defined"},"fullDescription":{"text":"CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests Value: 'deploy' is not defined Excepted value: 'deploy.resources.limits.cpus' should be defined"},"properties":{"security-severity":"6.5","name":"Cpus Not Limited","id":"6b610c50-99fb-4ef0-a5f3-e312fd945bc3 [Taken from query_id] (kics)","description":"CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests Value: 'deploy' is not defined Excepted value: 'deploy.resources.limits.cpus' should be defined","tags":["security","checkmarx","kics"]}},{"id":"729519850006803664 (sast)","name":"Missing CSP Header","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"A Content Security Policy is not explicitly defined within the web-application.\n\n","markdown":"A Content Security Policy is not explicitly defined within the web-application.\n\n"},"fullDescription":{"text":"A Content Security Policy is not explicitly defined within the web-application.\n\n"},"properties":{"security-severity":"6.5","name":"Missing CSP Header","id":"729519850006803664 (sast)","description":"A Content Security Policy is not explicitly defined within the web-application.\n\n","tags":["security","checkmarx","sast"]}},{"id":"b03a748a-542d-44f4-bb86-9199ab4fd2d5 [Taken from query_id] (kics)","name":"Healthcheck Instruction Missing","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Ensure that HEALTHCHECK is being used. The HEALTHCHECK instruction tells Docker how to test a container to check that it is still working Value: Dockerfile doesn't contain instruction 'HEALTHCHECK' Excepted value: Dockerfile should contain instruction 'HEALTHCHECK'","markdown":"Ensure that HEALTHCHECK is being used. The HEALTHCHECK instruction tells Docker how to test a container to check that it is still working \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e Dockerfile doesn't contain instruction 'HEALTHCHECK' \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e Dockerfile should contain instruction 'HEALTHCHECK'"},"fullDescription":{"text":"Ensure that HEALTHCHECK is being used. The HEALTHCHECK instruction tells Docker how to test a container to check that it is still working Value: Dockerfile doesn't contain instruction 'HEALTHCHECK' Excepted value: Dockerfile should contain instruction 'HEALTHCHECK'"},"properties":{"security-severity":"6.5","name":"Healthcheck Instruction Missing","id":"b03a748a-542d-44f4-bb86-9199ab4fd2d5 [Taken from query_id] (kics)","description":"Ensure that HEALTHCHECK is being used. The HEALTHCHECK instruction tells Docker how to test a container to check that it is still working Value: Dockerfile doesn't contain instruction 'HEALTHCHECK' Excepted value: Dockerfile should contain instruction 'HEALTHCHECK'","tags":["security","checkmarx","kics"]}},{"id":"11100132039797172543 (sast)","name":"Client DOM Open Redirect","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The potentially tainted value provided by @SourceElement in @SourceFile at line @SourceLine is used as a destination URL by @DestinationElement in @DestinationFile at line @DestinationLine, potentially allowing attackers to perform an open redirection.\n\n","markdown":"The potentially tainted value provided by @SourceElement in @SourceFile at line @SourceLine is used as a destination URL by @DestinationElement in @DestinationFile at line @DestinationLine, potentially allowing attackers to perform an open redirection.\n\n"},"fullDescription":{"text":"The potentially tainted value provided by @SourceElement in @SourceFile at line @SourceLine is used as a destination URL by @DestinationElement in @DestinationFile at line @DestinationLine, potentially allowing attackers to perform an open redirection.\n\n"},"properties":{"security-severity":"6.5","name":"Client DOM Open Redirect","id":"11100132039797172543 (sast)","description":"The potentially tainted value provided by @SourceElement in @SourceFile at line @SourceLine is used as a destination URL by @DestinationElement in @DestinationFile at line @DestinationLine, potentially allowing attackers to perform an open redirection.\n\n","tags":["security","checkmarx","sast"]}},{"id":"6215771209953606521 (sast)","name":"Client Weak Cryptographic Hash","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The application employs weak hashing in @DestinationElement at @DestinationFile in line @DestinationLine.\n\n","markdown":"The application employs weak hashing in @DestinationElement at @DestinationFile in line @DestinationLine.\n\n"},"fullDescription":{"text":"The application employs weak hashing in @DestinationElement at @DestinationFile in line @DestinationLine.\n\n"},"properties":{"security-severity":"6.5","name":"Client Weak Cryptographic Hash","id":"6215771209953606521 (sast)","description":"The application employs weak hashing in @DestinationElement at @DestinationFile in line @DestinationLine.\n\n","tags":["security","checkmarx","sast"]}},{"id":"1110909642375850288 (sast)","name":"Open Redirect","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The potentially tainted value provided by @SourceElement in @SourceFile at line @SourceLine is used as a destination URL by @DestinationElement in @DestinationFile at line @DestinationLine, potentially allowing attackers to perform an open redirection.\n\n","markdown":"The potentially tainted value provided by @SourceElement in @SourceFile at line @SourceLine is used as a destination URL by @DestinationElement in @DestinationFile at line @DestinationLine, potentially allowing attackers to perform an open redirection.\n\n"},"fullDescription":{"text":"The potentially tainted value provided by @SourceElement in @SourceFile at line @SourceLine is used as a destination URL by @DestinationElement in @DestinationFile at line @DestinationLine, potentially allowing attackers to perform an open redirection.\n\n"},"properties":{"security-severity":"6.5","name":"Open Redirect","id":"1110909642375850288 (sast)","description":"The potentially tainted value provided by @SourceElement in @SourceFile at line @SourceLine is used as a destination URL by @DestinationElement in @DestinationFile at line @DestinationLine, potentially allowing attackers to perform an open redirection.\n\n","tags":["security","checkmarx","sast"]}},{"id":"17155209939029667221 (sast)","name":"Unsafe Use Of Target blank","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Using @SourceElement at line @SourceLine of @SourceFile, without correctly setting the \"rel\" attribute, or disassociating the new window from its parent, is an unsafe way of opening a new window.","markdown":"Using @SourceElement at line @SourceLine of @SourceFile, without correctly setting the \"rel\" attribute, or disassociating the new window from its parent, is an unsafe way of opening a new window."},"fullDescription":{"text":"Using @SourceElement at line @SourceLine of @SourceFile, without correctly setting the \"rel\" attribute, or disassociating the new window from its parent, is an unsafe way of opening a new window."},"properties":{"security-severity":"6.5","name":"Unsafe Use Of Target blank","id":"17155209939029667221 (sast)","description":"Using @SourceElement at line @SourceLine of @SourceFile, without correctly setting the \"rel\" attribute, or disassociating the new window from its parent, is an unsafe way of opening a new window.","tags":["security","checkmarx","sast"]}},{"id":"9800224272094099502 (sast)","name":"Unprotected Cookie","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The web application's @SourceMethod method creates a cookie @SourceElement, at line @SourceLine of @SourceFile, and returns it in the response. However, the application is not configured to automatically set the cookie with the \"httpOnly\" attribute, and the code does not explicitly add this to the cookie.\n\n","markdown":"The web application's @SourceMethod method creates a cookie @SourceElement, at line @SourceLine of @SourceFile, and returns it in the response. However, the application is not configured to automatically set the cookie with the \"httpOnly\" attribute, and the code does not explicitly add this to the cookie.\n\n"},"fullDescription":{"text":"The web application's @SourceMethod method creates a cookie @SourceElement, at line @SourceLine of @SourceFile, and returns it in the response. However, the application is not configured to automatically set the cookie with the \"httpOnly\" attribute, and the code does not explicitly add this to the cookie.\n\n"},"properties":{"security-severity":"6.5","name":"Unprotected Cookie","id":"9800224272094099502 (sast)","description":"The web application's @SourceMethod method creates a cookie @SourceElement, at line @SourceLine of @SourceFile, and returns it in the response. However, the application is not configured to automatically set the cookie with the \"httpOnly\" attribute, and the code does not explicitly add this to the cookie.\n\n","tags":["security","checkmarx","sast"]}},{"id":"16841165964473079218 (sast)","name":"Use of Broken or Risky Cryptographic Algorithm","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"In @SourceMethod, the application protects sensitive data using a cryptographic algorithm, @SourceElement, that is considered weak or even trivially broken, in @SourceFile at line @SourceLine.\n\n","markdown":"In @SourceMethod, the application protects sensitive data using a cryptographic algorithm, @SourceElement, that is considered weak or even trivially broken, in @SourceFile at line @SourceLine.\n\n"},"fullDescription":{"text":"In @SourceMethod, the application protects sensitive data using a cryptographic algorithm, @SourceElement, that is considered weak or even trivially broken, in @SourceFile at line @SourceLine.\n\n"},"properties":{"security-severity":"6.5","name":"Use of Broken or Risky Cryptographic Algorithm","id":"16841165964473079218 (sast)","description":"In @SourceMethod, the application protects sensitive data using a cryptographic algorithm, @SourceElement, that is considered weak or even trivially broken, in @SourceFile at line @SourceLine.\n\n","tags":["security","checkmarx","sast"]}},{"id":"2526234764757185080 (sast)","name":"Client Privacy Violation","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Method @SourceMethod at line @SourceLine of @SourceFile sends user information outside the application. This may constitute a Privacy Violation.\n\n","markdown":"Method @SourceMethod at line @SourceLine of @SourceFile sends user information outside the application. This may constitute a Privacy Violation.\n\n"},"fullDescription":{"text":"Method @SourceMethod at line @SourceLine of @SourceFile sends user information outside the application. This may constitute a Privacy Violation.\n\n"},"properties":{"security-severity":"8.5","name":"Client Privacy Violation","id":"2526234764757185080 (sast)","description":"Method @SourceMethod at line @SourceLine of @SourceFile sends user information outside the application. This may constitute a Privacy Violation.\n\n","tags":["security","checkmarx","sast"]}},{"id":"9f88c88d-824d-4d9a-b985-e22977046042 [Taken from query_id] (kics)","name":"Additional Properties Too Permissive","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Objects should not accept 'additionalProperties' if it is possible Value: 'additionalProperties' is not set Excepted value: 'additionalProperties' should be set to true","markdown":"Objects should not accept 'additionalProperties' if it is possible \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e 'additionalProperties' is not set \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e 'additionalProperties' should be set to true"},"fullDescription":{"text":"Objects should not accept 'additionalProperties' if it is possible Value: 'additionalProperties' is not set Excepted value: 'additionalProperties' should be set to true"},"properties":{"security-severity":"8.5","name":"Additional Properties Too Permissive","id":"9f88c88d-824d-4d9a-b985-e22977046042 [Taken from query_id] (kics)","description":"Objects should not accept 'additionalProperties' if it is possible Value: 'additionalProperties' is not set Excepted value: 'additionalProperties' should be set to true","tags":["security","checkmarx","kics"]}},{"id":"86e3702f-c868-44b2-b61d-ea5316c18110 [Taken from query_id] (kics)","name":"Default Response Undefined On Operations (v3)","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Operations responses should have a default response defined Value: Default field is not defined on responses Excepted value: Default field should be defined on responses","markdown":"Operations responses should have a default response defined \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e Default field is not defined on responses \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e Default field should be defined on responses"},"fullDescription":{"text":"Operations responses should have a default response defined Value: Default field is not defined on responses Excepted value: Default field should be defined on responses"},"properties":{"security-severity":"8.5","name":"Default Response Undefined On Operations (v3)","id":"86e3702f-c868-44b2-b61d-ea5316c18110 [Taken from query_id] (kics)","description":"Operations responses should have a default response defined Value: Default field is not defined on responses Excepted value: Default field should be defined on responses","tags":["security","checkmarx","kics"]}},{"id":"2d8c175a-6d90-412b-8b0e-e034ea49a1fe [Taken from query_id] (kics)","name":"Global Server Object Uses HTTP","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Global server object URL should use 'https' protocol instead of 'http' Value: Global servers' URL are not using HTTPS protocol Excepted value: Global servers' URL should use HTTPS protocol","markdown":"Global server object URL should use 'https' protocol instead of 'http' \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e Global servers' URL are not using HTTPS protocol \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e Global servers' URL should use HTTPS protocol"},"fullDescription":{"text":"Global server object URL should use 'https' protocol instead of 'http' Value: Global servers' URL are not using HTTPS protocol Excepted value: Global servers' URL should use HTTPS protocol"},"properties":{"security-severity":"8.5","name":"Global Server Object Uses HTTP","id":"2d8c175a-6d90-412b-8b0e-e034ea49a1fe [Taken from query_id] (kics)","description":"Global server object URL should use 'https' protocol instead of 'http' Value: Global servers' URL are not using HTTPS protocol Excepted value: Global servers' URL should use HTTPS protocol","tags":["security","checkmarx","kics"]}},{"id":"698ed579-b239-4f8f-a388-baa4bcb13ef8 [Taken from query_id] (kics)","name":"Healthcheck Not Set","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Check containers periodically to see if they are running properly. Value: Healthcheck is not defined. Excepted value: Healthcheck should be defined.","markdown":"Check containers periodically to see if they are running properly. \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e Healthcheck is not defined. \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e Healthcheck should be defined."},"fullDescription":{"text":"Check containers periodically to see if they are running properly. Value: Healthcheck is not defined. Excepted value: Healthcheck should be defined."},"properties":{"security-severity":"8.5","name":"Healthcheck Not Set","id":"698ed579-b239-4f8f-a388-baa4bcb13ef8 [Taken from query_id] (kics)","description":"Check containers periodically to see if they are running properly. Value: Healthcheck is not defined. Excepted value: Healthcheck should be defined.","tags":["security","checkmarx","kics"]}},{"id":"4f31dd9f-2cc3-4751-9b53-67e4af83dac0 [Taken from query_id] (kics)","name":"Host Namespace is Shared","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The hosts process namespace should not be shared by containers Value: There is no pid declared Excepted value: There shouldn't be a pid mode declared","markdown":"The hosts process namespace should not be shared by containers \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e There is no pid declared \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e There shouldn't be a pid mode declared"},"fullDescription":{"text":"The hosts process namespace should not be shared by containers Value: There is no pid declared Excepted value: There shouldn't be a pid mode declared"},"properties":{"security-severity":"8.5","name":"Host Namespace is Shared","id":"4f31dd9f-2cc3-4751-9b53-67e4af83dac0 [Taken from query_id] (kics)","description":"The hosts process namespace should not be shared by containers Value: There is no pid declared Excepted value: There shouldn't be a pid mode declared","tags":["security","checkmarx","kics"]}},{"id":"9efb0b2d-89c9-41a3-91ca-dcc0aec911fd [Taken from query_id] (kics)","name":"Image Version Not Explicit","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Always tag the version of an image explicitly Value: FROM alpine' Excepted value: FROM alpine:'version'","markdown":"Always tag the version of an image explicitly \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e FROM alpine' \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e FROM alpine:'version'"},"fullDescription":{"text":"Always tag the version of an image explicitly Value: FROM alpine' Excepted value: FROM alpine:'version'"},"properties":{"security-severity":"8.5","name":"Image Version Not Explicit","id":"9efb0b2d-89c9-41a3-91ca-dcc0aec911fd [Taken from query_id] (kics)","description":"Always tag the version of an image explicitly Value: FROM alpine' Excepted value: FROM alpine:'version'","tags":["security","checkmarx","kics"]}},{"id":"e2ffa504-d22a-4c94-b6c5-f661849d2db7 [Taken from query_id] (kics)","name":"JSON Object Schema Without Type (v3)","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Schema of the JSON object should have 'type' defined. Value: Schema of the JSON object does not have 'type' defined Excepted value: Schema of the JSON object should have 'type' defined","markdown":"Schema of the JSON object should have 'type' defined. \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e Schema of the JSON object does not have 'type' defined \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e Schema of the JSON object should have 'type' defined"},"fullDescription":{"text":"Schema of the JSON object should have 'type' defined. Value: Schema of the JSON object does not have 'type' defined Excepted value: Schema of the JSON object should have 'type' defined"},"properties":{"security-severity":"8.5","name":"JSON Object Schema Without Type (v3)","id":"e2ffa504-d22a-4c94-b6c5-f661849d2db7 [Taken from query_id] (kics)","description":"Schema of the JSON object should have 'type' defined. Value: Schema of the JSON object does not have 'type' defined Excepted value: Schema of the JSON object should have 'type' defined","tags":["security","checkmarx","kics"]}},{"id":"8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85 [Taken from query_id] (kics)","name":"Maximum Length Undefined (v3)","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"String schema should have 'maxLength' defined. Value: 'maxLength' is undefined Excepted value: 'maxLength' should be defined","markdown":"String schema should have 'maxLength' defined. \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e 'maxLength' is undefined \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e 'maxLength' should be defined"},"fullDescription":{"text":"String schema should have 'maxLength' defined. Value: 'maxLength' is undefined Excepted value: 'maxLength' should be defined"},"properties":{"security-severity":"8.5","name":"Maximum Length Undefined (v3)","id":"8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85 [Taken from query_id] (kics)","description":"String schema should have 'maxLength' defined. Value: 'maxLength' is undefined Excepted value: 'maxLength' should be defined","tags":["security","checkmarx","kics"]}},{"id":"bb9ac4f7-e13b-423d-a010-c74a1bfbe492 [Taken from query_id] (kics)","name":"Memory Not Limited","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than the designated amount of memory Value: 'deploy' is not defined Excepted value: 'deploy.resources.limits.memory' should be defined","markdown":"Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than the designated amount of memory \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e 'deploy' is not defined \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e 'deploy.resources.limits.memory' should be defined"},"fullDescription":{"text":"Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than the designated amount of memory Value: 'deploy' is not defined Excepted value: 'deploy.resources.limits.memory' should be defined"},"properties":{"security-severity":"8.5","name":"Memory Not Limited","id":"bb9ac4f7-e13b-423d-a010-c74a1bfbe492 [Taken from query_id] (kics)","description":"Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than the designated amount of memory Value: 'deploy' is not defined Excepted value: 'deploy.resources.limits.memory' should be defined","tags":["security","checkmarx","kics"]}},{"id":"e36d8880-3f78-4546-b9a1-12f0745ca0d5 [Taken from query_id] (kics)","name":"NPM Install Command Without Pinned Version","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Check if packages installed by npm are pinning a specific version. Value: 'RUN npm i -g typescript ts-node' does not uses npm install with a pinned version Excepted value: 'RUN npm i -g typescript ts-node' uses npm install with a pinned version","markdown":"Check if packages installed by npm are pinning a specific version. \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e 'RUN npm i -g typescript ts-node' does not uses npm install with a pinned version \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e 'RUN npm i -g typescript ts-node' uses npm install with a pinned version"},"fullDescription":{"text":"Check if packages installed by npm are pinning a specific version. Value: 'RUN npm i -g typescript ts-node' does not uses npm install with a pinned version Excepted value: 'RUN npm i -g typescript ts-node' uses npm install with a pinned version"},"properties":{"security-severity":"8.5","name":"NPM Install Command Without Pinned Version","id":"e36d8880-3f78-4546-b9a1-12f0745ca0d5 [Taken from query_id] (kics)","description":"Check if packages installed by npm are pinning a specific version. Value: 'RUN npm i -g typescript ts-node' does not uses npm install with a pinned version Excepted value: 'RUN npm i -g typescript ts-node' uses npm install with a pinned version","tags":["security","checkmarx","kics"]}},{"id":"ce14a68b-1668-41a0-ab7d-facd9f784742 [Taken from query_id] (kics)","name":"Networks Not Set","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Setting networks in services ensures you are not using dockers default bridge (docker0), which shares traffic bewteen all containers. Value: There is no network declared for the service 'sut' Excepted value: There should be a network declared for the service 'sut'","markdown":"Setting networks in services ensures you are not using dockers default bridge (docker0), which shares traffic bewteen all containers. \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e There is no network declared for the service 'sut' \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e There should be a network declared for the service 'sut'"},"fullDescription":{"text":"Setting networks in services ensures you are not using dockers default bridge (docker0), which shares traffic bewteen all containers. Value: There is no network declared for the service 'sut' Excepted value: There should be a network declared for the service 'sut'"},"properties":{"security-severity":"8.5","name":"Networks Not Set","id":"ce14a68b-1668-41a0-ab7d-facd9f784742 [Taken from query_id] (kics)","description":"Setting networks in services ensures you are not using dockers default bridge (docker0), which shares traffic bewteen all containers. Value: There is no network declared for the service 'sut' Excepted value: There should be a network declared for the service 'sut'","tags":["security","checkmarx","kics"]}},{"id":"fbf699b5-ef74-4542-9cf1-f6eeac379373 [Taken from query_id] (kics)","name":"Numeric Schema Without Format (v3)","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Numeric schema (type set to 'integer' or 'number') should have 'format' defined. Value: Numeric schema does not have 'format' defined Excepted value: Numeric schema should have 'format' defined","markdown":"Numeric schema (type set to 'integer' or 'number') should have 'format' defined. \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e Numeric schema does not have 'format' defined \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e Numeric schema should have 'format' defined"},"fullDescription":{"text":"Numeric schema (type set to 'integer' or 'number') should have 'format' defined. Value: Numeric schema does not have 'format' defined Excepted value: Numeric schema should have 'format' defined"},"properties":{"security-severity":"8.5","name":"Numeric Schema Without Format (v3)","id":"fbf699b5-ef74-4542-9cf1-f6eeac379373 [Taken from query_id] (kics)","description":"Numeric schema (type set to 'integer' or 'number') should have 'format' defined. Value: Numeric schema does not have 'format' defined Excepted value: Numeric schema should have 'format' defined","tags":["security","checkmarx","kics"]}},{"id":"2ea04bef-c769-409e-9179-ee3a50b5c0ac [Taken from query_id] (kics)","name":"Numeric Schema Without Maximum (v3)","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Numeric schema (type set to 'integer' or 'number') should have 'maximum' defined. Value: Numeric schema does not have 'maximum' defined Excepted value: Numeric schema should have 'maximum' defined","markdown":"Numeric schema (type set to 'integer' or 'number') should have 'maximum' defined. \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e Numeric schema does not have 'maximum' defined \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e Numeric schema should have 'maximum' defined"},"fullDescription":{"text":"Numeric schema (type set to 'integer' or 'number') should have 'maximum' defined. Value: Numeric schema does not have 'maximum' defined Excepted value: Numeric schema should have 'maximum' defined"},"properties":{"security-severity":"8.5","name":"Numeric Schema Without Maximum (v3)","id":"2ea04bef-c769-409e-9179-ee3a50b5c0ac [Taken from query_id] (kics)","description":"Numeric schema (type set to 'integer' or 'number') should have 'maximum' defined. Value: Numeric schema does not have 'maximum' defined Excepted value: Numeric schema should have 'maximum' defined","tags":["security","checkmarx","kics"]}},{"id":"181bd815-767e-4e95-a24d-bb3c87328e19 [Taken from query_id] (kics)","name":"Numeric Schema Without Minimum (v3)","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Numeric schema (type set to 'integer' or 'number') should have 'minimum' defined. Value: Numeric schema does not have 'minimum' defined Excepted value: Numeric schema should have 'minimum' defined","markdown":"Numeric schema (type set to 'integer' or 'number') should have 'minimum' defined. \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e Numeric schema does not have 'minimum' defined \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e Numeric schema should have 'minimum' defined"},"fullDescription":{"text":"Numeric schema (type set to 'integer' or 'number') should have 'minimum' defined. Value: Numeric schema does not have 'minimum' defined Excepted value: Numeric schema should have 'minimum' defined"},"properties":{"security-severity":"8.5","name":"Numeric Schema Without Minimum (v3)","id":"181bd815-767e-4e95-a24d-bb3c87328e19 [Taken from query_id] (kics)","description":"Numeric schema (type set to 'integer' or 'number') should have 'minimum' defined. Value: Numeric schema does not have 'minimum' defined Excepted value: Numeric schema should have 'minimum' defined","tags":["security","checkmarx","kics"]}},{"id":"00b78adf-b83f-419c-8ed8-c6018441dd3a [Taken from query_id] (kics)","name":"Pattern Undefined (v3)","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"String schema should have 'pattern' defined. Value: 'pattern' is undefined Excepted value: 'pattern' should be defined","markdown":"String schema should have 'pattern' defined. \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e 'pattern' is undefined \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e 'pattern' should be defined"},"fullDescription":{"text":"String schema should have 'pattern' defined. Value: 'pattern' is undefined Excepted value: 'pattern' should be defined"},"properties":{"security-severity":"8.5","name":"Pattern Undefined (v3)","id":"00b78adf-b83f-419c-8ed8-c6018441dd3a [Taken from query_id] (kics)","description":"String schema should have 'pattern' defined. Value: 'pattern' is undefined Excepted value: 'pattern' should be defined","tags":["security","checkmarx","kics"]}},{"id":"6c35d2c6-09f2-4e5c-a094-e0e91327071d [Taken from query_id] (kics)","name":"Response Code Missing (v3)","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"500, 429 and 400 responses should be defined for all operations, except head operation. 415 response should be defined for the post, put, and patch operations. 404 response should be defined for the get, put, head, delete operations. 200 response should be defined for options operation. 401 and 403 response should be defined for all operations when the security field is defined. Value: 429 response is undefined Excepted value: 429 response should be set","markdown":"500, 429 and 400 responses should be defined for all operations, except head operation. 415 response should be defined for the post, put, and patch operations. 404 response should be defined for the get, put, head, delete operations. 200 response should be defined for options operation. 401 and 403 response should be defined for all operations when the security field is defined. \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e 429 response is undefined \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e 429 response should be set"},"fullDescription":{"text":"500, 429 and 400 responses should be defined for all operations, except head operation. 415 response should be defined for the post, put, and patch operations. 404 response should be defined for the get, put, head, delete operations. 200 response should be defined for options operation. 401 and 403 response should be defined for all operations when the security field is defined. Value: 429 response is undefined Excepted value: 429 response should be set"},"properties":{"security-severity":"8.5","name":"Response Code Missing (v3)","id":"6c35d2c6-09f2-4e5c-a094-e0e91327071d [Taken from query_id] (kics)","description":"500, 429 and 400 responses should be defined for all operations, except head operation. 415 response should be defined for the post, put, and patch operations. 404 response should be defined for the get, put, head, delete operations. 200 response should be defined for options operation. 401 and 403 response should be defined for all operations when the security field is defined. Value: 429 response is undefined Excepted value: 429 response should be set","tags":["security","checkmarx","kics"]}},{"id":"610e266e-6c12-4bca-9925-1ed0cd29742b [Taken from query_id] (kics)","name":"Security Opt Not Set","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Attribute 'security_opt' should be defined. Value: Docker compose file does not have 'security_opt' attribute Excepted value: Docker compose file to have 'security_opt' attribute","markdown":"Attribute 'security_opt' should be defined. \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e Docker compose file does not have 'security_opt' attribute \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e Docker compose file to have 'security_opt' attribute"},"fullDescription":{"text":"Attribute 'security_opt' should be defined. Value: Docker compose file does not have 'security_opt' attribute Excepted value: Docker compose file to have 'security_opt' attribute"},"properties":{"security-severity":"8.5","name":"Security Opt Not Set","id":"610e266e-6c12-4bca-9925-1ed0cd29742b [Taken from query_id] (kics)","description":"Attribute 'security_opt' should be defined. Value: Docker compose file does not have 'security_opt' attribute Excepted value: Docker compose file to have 'security_opt' attribute","tags":["security","checkmarx","kics"]}},{"id":"d3499f6d-1651-41bb-a9a7-de925fea487b [Taken from query_id] (kics)","name":"Unpinned Package Version in Apk Add","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Package version pinning reduces the range of versions that can be installed, reducing the chances of failure due to unanticipated changes Value: RUN instruction apk add curl does not use package pinning form Excepted value: RUN instruction with 'apk add \u003cpackage\u003e' should use package pinning form 'apk add \u003cpackage\u003e=\u003cversion\u003e'","markdown":"Package version pinning reduces the range of versions that can be installed, reducing the chances of failure due to unanticipated changes \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e RUN instruction apk add curl does not use package pinning form \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e RUN instruction with 'apk add \u003cpackage\u003e' should use package pinning form 'apk add \u003cpackage\u003e=\u003cversion\u003e'"},"fullDescription":{"text":"Package version pinning reduces the range of versions that can be installed, reducing the chances of failure due to unanticipated changes Value: RUN instruction apk add curl does not use package pinning form Excepted value: RUN instruction with 'apk add \u003cpackage\u003e' should use package pinning form 'apk add \u003cpackage\u003e=\u003cversion\u003e'"},"properties":{"security-severity":"8.5","name":"Unpinned Package Version in Apk Add","id":"d3499f6d-1651-41bb-a9a7-de925fea487b [Taken from query_id] (kics)","description":"Package version pinning reduces the range of versions that can be installed, reducing the chances of failure due to unanticipated changes Value: RUN instruction apk add curl does not use package pinning form Excepted value: RUN instruction with 'apk add \u003cpackage\u003e' should use package pinning form 'apk add \u003cpackage\u003e=\u003cversion\u003e'","tags":["security","checkmarx","kics"]}},{"id":"14792830140728517792 (sast)","name":"Angular Improper Type Pipe Usage","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The value used in @SourceElement at @SourceFile in line @SourceLine may throw an exception with the pipe @DestinationElement in @DestinationFile at line @DestinationLine.","markdown":"The value used in @SourceElement at @SourceFile in line @SourceLine may throw an exception with the pipe @DestinationElement in @DestinationFile at line @DestinationLine."},"fullDescription":{"text":"The value used in @SourceElement at @SourceFile in line @SourceLine may throw an exception with the pipe @DestinationElement in @DestinationFile at line @DestinationLine."},"properties":{"security-severity":"8.5","name":"Angular Improper Type Pipe Usage","id":"14792830140728517792 (sast)","description":"The value used in @SourceElement at @SourceFile in line @SourceLine may throw an exception with the pipe @DestinationElement in @DestinationFile at line @DestinationLine.","tags":["security","checkmarx","sast"]}},{"id":"12781463151729500738 (sast)","name":"Client HTML5 Store Sensitive data In Web Storage","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The application stores data @DestinationElement on the client, in an insecure manner, at line @DestinationLine of @DestinationFile.","markdown":"The application stores data @DestinationElement on the client, in an insecure manner, at line @DestinationLine of @DestinationFile."},"fullDescription":{"text":"The application stores data @DestinationElement on the client, in an insecure manner, at line @DestinationLine of @DestinationFile."},"properties":{"security-severity":"8.5","name":"Client HTML5 Store Sensitive data In Web Storage","id":"12781463151729500738 (sast)","description":"The application stores data @DestinationElement on the client, in an insecure manner, at line @DestinationLine of @DestinationFile.","tags":["security","checkmarx","sast"]}},{"id":"7567754570932744334 (sast)","name":"Client Potential XSS","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The method @DestinationMethod embeds untrusted data in generated output with @DestinationElement, at line @DestinationLine of @DestinationFile. This untrusted data is embedded into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the generated web-page.\n\n","markdown":"The method @DestinationMethod embeds untrusted data in generated output with @DestinationElement, at line @DestinationLine of @DestinationFile. This untrusted data is embedded into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the generated web-page.\n\n"},"fullDescription":{"text":"The method @DestinationMethod embeds untrusted data in generated output with @DestinationElement, at line @DestinationLine of @DestinationFile. This untrusted data is embedded into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the generated web-page.\n\n"},"properties":{"security-severity":"8.5","name":"Client Potential XSS","id":"7567754570932744334 (sast)","description":"The method @DestinationMethod embeds untrusted data in generated output with @DestinationElement, at line @DestinationLine of @DestinationFile. This untrusted data is embedded into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the generated web-page.\n\n","tags":["security","checkmarx","sast"]}},{"id":"7664451733520405070 (sast)","name":"Missing Encryption of Sensitive Data","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The sensitive data in @SourceElement at @SourceFile in line @SourceLine is stored in plain-text by @DestinationElement at @DestinationFile in line @DestinationLine.\n\n","markdown":"The sensitive data in @SourceElement at @SourceFile in line @SourceLine is stored in plain-text by @DestinationElement at @DestinationFile in line @DestinationLine.\n\n"},"fullDescription":{"text":"The sensitive data in @SourceElement at @SourceFile in line @SourceLine is stored in plain-text by @DestinationElement at @DestinationFile in line @DestinationLine.\n\n"},"properties":{"security-severity":"8.5","name":"Missing Encryption of Sensitive Data","id":"7664451733520405070 (sast)","description":"The sensitive data in @SourceElement at @SourceFile in line @SourceLine is stored in plain-text by @DestinationElement at @DestinationFile in line @DestinationLine.\n\n","tags":["security","checkmarx","sast"]}},{"id":"16735444075637946876 (sast)","name":"Privacy Violation","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Method @SourceMethod at line @SourceLine of @SourceFile sends user information outside the application. This may constitute a Privacy Violation.\n\n","markdown":"Method @SourceMethod at line @SourceLine of @SourceFile sends user information outside the application. This may constitute a Privacy Violation.\n\n"},"fullDescription":{"text":"Method @SourceMethod at line @SourceLine of @SourceFile sends user information outside the application. This may constitute a Privacy Violation.\n\n"},"properties":{"security-severity":"8.5","name":"Privacy Violation","id":"16735444075637946876 (sast)","description":"Method @SourceMethod at line @SourceLine of @SourceFile sends user information outside the application. This may constitute a Privacy Violation.\n\n","tags":["security","checkmarx","sast"]}},{"id":"7630264517191277634 (sast)","name":"Missing HSTS Header","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The web-application does not define an HSTS header, leaving it vulnerable to attack.\n\n","markdown":"The web-application does not define an HSTS header, leaving it vulnerable to attack.\n\n"},"fullDescription":{"text":"The web-application does not define an HSTS header, leaving it vulnerable to attack.\n\n"},"properties":{"security-severity":"8.5","name":"Missing HSTS Header","id":"7630264517191277634 (sast)","description":"The web-application does not define an HSTS header, leaving it vulnerable to attack.\n\n","tags":["security","checkmarx","sast"]}},{"id":"CVE-2021-4231 (sca)","name":"Cve20214231","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"A vulnerability was found in Angular prior to 9.1.13, 10.x prior to 10.2.4, 11.0.x prior to 11.0.5, 11.1.x prior to 11.1.0-next3. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. It is recommended to upgrade the affected component.","markdown":"A vulnerability was found in Angular prior to 9.1.13, 10.x prior to 10.2.4, 11.0.x prior to 11.0.5, 11.1.x prior to 11.1.0-next3. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. It is recommended to upgrade the affected component."},"fullDescription":{"text":"A vulnerability was found in Angular prior to 9.1.13, 10.x prior to 10.2.4, 11.0.x prior to 11.0.5, 11.1.x prior to 11.1.0-next3. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. It is recommended to upgrade the affected component."},"properties":{"security-severity":"8.5","name":"Cve20214231","id":"CVE-2021-4231 (sca)","description":"A vulnerability was found in Angular prior to 9.1.13, 10.x prior to 10.2.4, 11.0.x prior to 11.0.5, 11.1.x prior to 11.1.0-next3. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. It is recommended to upgrade the affected component.","tags":["security","checkmarx","sca"]}},{"id":"Cx7c42edbf-d5f1 (sca)","name":"Cx7c42edbfd5f1","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"base64url before 3.0.0 allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below.","markdown":"base64url before 3.0.0 allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below."},"fullDescription":{"text":"base64url before 3.0.0 allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below."},"properties":{"security-severity":"8.5","name":"Cx7c42edbfd5f1","id":"Cx7c42edbf-d5f1 (sca)","description":"base64url before 3.0.0 allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below.","tags":["security","checkmarx","sca"]}},{"id":"Cx65603961-769c (sca)","name":"Cx65603961769c","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The package debug is vulnerable to memory leakage when instance is created inside a function. The function `debug` in the file `common.js` does not free up used memory unless there's a call to `destroy()` function. This affects the availability.","markdown":"The package debug is vulnerable to memory leakage when instance is created inside a function. The function `debug` in the file `common.js` does not free up used memory unless there's a call to `destroy()` function. This affects the availability."},"fullDescription":{"text":"The package debug is vulnerable to memory leakage when instance is created inside a function. The function `debug` in the file `common.js` does not free up used memory unless there's a call to `destroy()` function. This affects the availability."},"properties":{"security-severity":"8.5","name":"Cx65603961769c","id":"Cx65603961-769c (sca)","description":"The package debug is vulnerable to memory leakage when instance is created inside a function. The function `debug` in the file `common.js` does not free up used memory unless there's a call to `destroy()` function. This affects the availability.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2020-7639 (sca)","name":"Cve20207639","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"eivindfjeldstad-dot below 1.0.3 is vulnerable to Prototype Pollution.The function 'set' could be tricked into adding or modifying properties of 'Object.prototype' using a '__proto__' payload.","markdown":"eivindfjeldstad-dot below 1.0.3 is vulnerable to Prototype Pollution.The function 'set' could be tricked into adding or modifying properties of 'Object.prototype' using a '__proto__' payload."},"fullDescription":{"text":"eivindfjeldstad-dot below 1.0.3 is vulnerable to Prototype Pollution.The function 'set' could be tricked into adding or modifying properties of 'Object.prototype' using a '__proto__' payload."},"properties":{"security-severity":"8.5","name":"Cve20207639","id":"CVE-2020-7639 (sca)","description":"eivindfjeldstad-dot below 1.0.3 is vulnerable to Prototype Pollution.The function 'set' could be tricked into adding or modifying properties of 'Object.prototype' using a '__proto__' payload.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2022-41940 (sca)","name":"Cve202241940","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. This impacts all the users of the engine.io package, including those who uses depending packages like socket.io. There is no known workaround except upgrading to a safe version. This issue affects versions prior to 3.6.1, and 4.0.x prior to 6.2.1. ","markdown":"Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. This impacts all the users of the engine.io package, including those who uses depending packages like socket.io. There is no known workaround except upgrading to a safe version. This issue affects versions prior to 3.6.1, and 4.0.x prior to 6.2.1. "},"fullDescription":{"text":"Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. This impacts all the users of the engine.io package, including those who uses depending packages like socket.io. There is no known workaround except upgrading to a safe version. This issue affects versions prior to 3.6.1, and 4.0.x prior to 6.2.1. "},"properties":{"security-severity":"8.5","name":"Cve202241940","id":"CVE-2022-41940 (sca)","description":"Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. This impacts all the users of the engine.io package, including those who uses depending packages like socket.io. There is no known workaround except upgrading to a safe version. This issue affects versions prior to 3.6.1, and 4.0.x prior to 6.2.1. ","tags":["security","checkmarx","sca"]}},{"id":"CVE-2022-33987 (sca)","name":"Cve202233987","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The got package before 11.8.5, and 12.x before 12.1.0 for Node.js allows a redirect to a UNIX socket.","markdown":"The got package before 11.8.5, and 12.x before 12.1.0 for Node.js allows a redirect to a UNIX socket."},"fullDescription":{"text":"The got package before 11.8.5, and 12.x before 12.1.0 for Node.js allows a redirect to a UNIX socket."},"properties":{"security-severity":"8.5","name":"Cve202233987","id":"CVE-2022-33987 (sca)","description":"The got package before 11.8.5, and 12.x before 12.1.0 for Node.js allows a redirect to a UNIX socket.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2021-32822 (sca)","name":"Cve202132822","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The npm hbs package is an Express view engine wrapper for Handlebars. Depending on usage, users of hbs may be vulnerable to a file disclosure vulnerability. There is currently no patch for this vulnerability. hbs mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options a file disclosure vulnerability may be triggered in downstream applications. For an example PoC see the referenced GHSL-2021-020.","markdown":"The npm hbs package is an Express view engine wrapper for Handlebars. Depending on usage, users of hbs may be vulnerable to a file disclosure vulnerability. There is currently no patch for this vulnerability. hbs mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options a file disclosure vulnerability may be triggered in downstream applications. For an example PoC see the referenced GHSL-2021-020."},"fullDescription":{"text":"The npm hbs package is an Express view engine wrapper for Handlebars. Depending on usage, users of hbs may be vulnerable to a file disclosure vulnerability. There is currently no patch for this vulnerability. hbs mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options a file disclosure vulnerability may be triggered in downstream applications. For an example PoC see the referenced GHSL-2021-020."},"properties":{"security-severity":"8.5","name":"Cve202132822","id":"CVE-2021-32822 (sca)","description":"The npm hbs package is an Express view engine wrapper for Handlebars. Depending on usage, users of hbs may be vulnerable to a file disclosure vulnerability. There is currently no patch for this vulnerability. hbs mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options a file disclosure vulnerability may be triggered in downstream applications. For an example PoC see the referenced GHSL-2021-020.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2018-3721 (sca)","name":"Cve20183721","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"lodash node module suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via defaultsDeep, merge, and mergeWith functions, which allows a malicious user to modify the prototype of \"Object\" via __proto__, causing the addition or modification of an existing property that will exist on all objects.","markdown":"lodash node module suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via defaultsDeep, merge, and mergeWith functions, which allows a malicious user to modify the prototype of \"Object\" via __proto__, causing the addition or modification of an existing property that will exist on all objects."},"fullDescription":{"text":"lodash node module suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via defaultsDeep, merge, and mergeWith functions, which allows a malicious user to modify the prototype of \"Object\" via __proto__, causing the addition or modification of an existing property that will exist on all objects."},"properties":{"security-severity":"8.5","name":"Cve20183721","id":"CVE-2018-3721 (sca)","description":"lodash node module suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via defaultsDeep, merge, and mergeWith functions, which allows a malicious user to modify the prototype of \"Object\" via __proto__, causing the addition or modification of an existing property that will exist on all objects.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2019-1010266 (sca)","name":"Cve20191010266","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"lodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is: Attacker provides very long strings, which the library attempts to match using a regular expression. The fixed version is: 4.17.11.","markdown":"lodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is: Attacker provides very long strings, which the library attempts to match using a regular expression. The fixed version is: 4.17.11."},"fullDescription":{"text":"lodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is: Attacker provides very long strings, which the library attempts to match using a regular expression. The fixed version is: 4.17.11."},"properties":{"security-severity":"8.5","name":"Cve20191010266","id":"CVE-2019-1010266 (sca)","description":"lodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is: Attacker provides very long strings, which the library attempts to match using a regular expression. The fixed version is: 4.17.11.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2020-28500 (sca)","name":"Cve202028500","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Lodash before 4.17.21 is vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.","markdown":"Lodash before 4.17.21 is vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions."},"fullDescription":{"text":"Lodash before 4.17.21 is vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions."},"properties":{"security-severity":"8.5","name":"Cve202028500","id":"CVE-2020-28500 (sca)","description":"Lodash before 4.17.21 is vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2018-16487 (sca)","name":"Cve201816487","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"A prototype pollution vulnerability was found in lodash where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of Object.prototype.","markdown":"A prototype pollution vulnerability was found in lodash where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of Object.prototype."},"fullDescription":{"text":"A prototype pollution vulnerability was found in lodash where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of Object.prototype."},"properties":{"security-severity":"8.5","name":"Cve201816487","id":"CVE-2018-16487 (sca)","description":"A prototype pollution vulnerability was found in lodash where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of Object.prototype.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2016-4055 (sca)","name":"Cve20164055","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a \"regular expression Denial of Service (ReDoS).\"","markdown":"The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a \"regular expression Denial of Service (ReDoS).\""},"fullDescription":{"text":"The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a \"regular expression Denial of Service (ReDoS).\""},"properties":{"security-severity":"8.5","name":"Cve20164055","id":"CVE-2016-4055 (sca)","description":"The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a \"regular expression Denial of Service (ReDoS).\"","tags":["security","checkmarx","sca"]}},{"id":"Cx5c009a1a-2054 (sca)","name":"Cx5c009a1a2054","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The `format` method in npm moment before version 2.15.2 is vulnerable to regular expression denial of service.","markdown":"The `format` method in npm moment before version 2.15.2 is vulnerable to regular expression denial of service."},"fullDescription":{"text":"The `format` method in npm moment before version 2.15.2 is vulnerable to regular expression denial of service."},"properties":{"security-severity":"8.5","name":"Cx5c009a1a2054","id":"Cx5c009a1a-2054 (sca)","description":"The `format` method in npm moment before version 2.15.2 is vulnerable to regular expression denial of service.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2021-23566 (sca)","name":"Cve202123566","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The package nanoid before 3.1.31 are vulnerable to Information Exposure via the valueOf() function which allows to reproduce the last id generated.","markdown":"The package nanoid before 3.1.31 are vulnerable to Information Exposure via the valueOf() function which allows to reproduce the last id generated."},"fullDescription":{"text":"The package nanoid before 3.1.31 are vulnerable to Information Exposure via the valueOf() function which allows to reproduce the last id generated."},"properties":{"security-severity":"8.5","name":"Cve202123566","id":"CVE-2021-23566 (sca)","description":"The package nanoid before 3.1.31 are vulnerable to Information Exposure via the valueOf() function which allows to reproduce the last id generated.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2022-24773 (sca)","name":"Cve202224773","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not properly check `DigestInfo` for a proper ASN.1 structure. This can lead to successful verification with signatures that contain invalid structures but a valid digest. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds.","markdown":"Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not properly check `DigestInfo` for a proper ASN.1 structure. This can lead to successful verification with signatures that contain invalid structures but a valid digest. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds."},"fullDescription":{"text":"Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not properly check `DigestInfo` for a proper ASN.1 structure. This can lead to successful verification with signatures that contain invalid structures but a valid digest. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds."},"properties":{"security-severity":"8.5","name":"Cve202224773","id":"CVE-2022-24773 (sca)","description":"Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not properly check `DigestInfo` for a proper ASN.1 structure. This can lead to successful verification with signatures that contain invalid structures but a valid digest. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2022-0122 (sca)","name":"Cve20220122","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"forge prior to 1.0.0 is vulnerable to URL Redirection to Untrusted Site.","markdown":"forge prior to 1.0.0 is vulnerable to URL Redirection to Untrusted Site."},"fullDescription":{"text":"forge prior to 1.0.0 is vulnerable to URL Redirection to Untrusted Site."},"properties":{"security-severity":"8.5","name":"Cve20220122","id":"CVE-2022-0122 (sca)","description":"forge prior to 1.0.0 is vulnerable to URL Redirection to Untrusted Site.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2021-23771 (sca)","name":"Cve202123771","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Version 1.3.3 of notevil and all versions of argencoders-notevil are vulnerable to Sandbox Escape leading to Prototype pollution. The packages fail to restrict access to the main context, allowing an attacker to add or modify an object's prototype.","markdown":"Version 1.3.3 of notevil and all versions of argencoders-notevil are vulnerable to Sandbox Escape leading to Prototype pollution. The packages fail to restrict access to the main context, allowing an attacker to add or modify an object's prototype."},"fullDescription":{"text":"Version 1.3.3 of notevil and all versions of argencoders-notevil are vulnerable to Sandbox Escape leading to Prototype pollution. The packages fail to restrict access to the main context, allowing an attacker to add or modify an object's prototype."},"properties":{"security-severity":"8.5","name":"Cve202123771","id":"CVE-2021-23771 (sca)","description":"Version 1.3.3 of notevil and all versions of argencoders-notevil are vulnerable to Sandbox Escape leading to Prototype pollution. The packages fail to restrict access to the main context, allowing an attacker to add or modify an object's prototype.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2016-1000237 (sca)","name":"Cve20161000237","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"sanitize-html before 1.4.3 has XSS.","markdown":"sanitize-html before 1.4.3 has XSS."},"fullDescription":{"text":"sanitize-html before 1.4.3 has XSS."},"properties":{"security-severity":"8.5","name":"Cve20161000237","id":"CVE-2016-1000237 (sca)","description":"sanitize-html before 1.4.3 has XSS.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2017-16016 (sca)","name":"Cve201716016","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Sanitize-html is a library for scrubbing html input of malicious values. Versions 1.11.3 and below are vulnerable to cross site scripting (XSS) in certain scenarios: If allowed at least one nonTextTags, the result is a potential XSS vulnerability.","markdown":"Sanitize-html is a library for scrubbing html input of malicious values. Versions 1.11.3 and below are vulnerable to cross site scripting (XSS) in certain scenarios: If allowed at least one nonTextTags, the result is a potential XSS vulnerability."},"fullDescription":{"text":"Sanitize-html is a library for scrubbing html input of malicious values. Versions 1.11.3 and below are vulnerable to cross site scripting (XSS) in certain scenarios: If allowed at least one nonTextTags, the result is a potential XSS vulnerability."},"properties":{"security-severity":"8.5","name":"Cve201716016","id":"CVE-2017-16016 (sca)","description":"Sanitize-html is a library for scrubbing html input of malicious values. Versions 1.11.3 and below are vulnerable to cross site scripting (XSS) in certain scenarios: If allowed at least one nonTextTags, the result is a potential XSS vulnerability.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2021-26539 (sca)","name":"Cve202126539","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Apostrophe Technologies sanitize-html before 2.3.1 does not properly handle internationalized domain name (IDN) which could allow an attacker to bypass hostname whitelist validation set by the \"allowedIframeHostnames\" option.","markdown":"Apostrophe Technologies sanitize-html before 2.3.1 does not properly handle internationalized domain name (IDN) which could allow an attacker to bypass hostname whitelist validation set by the \"allowedIframeHostnames\" option."},"fullDescription":{"text":"Apostrophe Technologies sanitize-html before 2.3.1 does not properly handle internationalized domain name (IDN) which could allow an attacker to bypass hostname whitelist validation set by the \"allowedIframeHostnames\" option."},"properties":{"security-severity":"8.5","name":"Cve202126539","id":"CVE-2021-26539 (sca)","description":"Apostrophe Technologies sanitize-html before 2.3.1 does not properly handle internationalized domain name (IDN) which could allow an attacker to bypass hostname whitelist validation set by the \"allowedIframeHostnames\" option.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2021-26540 (sca)","name":"Cve202126540","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Apostrophe Technologies sanitize-html before 2.3.2 does not properly validate the hostnames set by the \"allowedIframeHostnames\" option when the \"allowIframeRelativeUrls\" is set to true, which allows attackers to bypass hostname whitelist for iframe element, related using an src value that starts with \"/\\\\example.com\".","markdown":"Apostrophe Technologies sanitize-html before 2.3.2 does not properly validate the hostnames set by the \"allowedIframeHostnames\" option when the \"allowIframeRelativeUrls\" is set to true, which allows attackers to bypass hostname whitelist for iframe element, related using an src value that starts with \"/\\\\example.com\"."},"fullDescription":{"text":"Apostrophe Technologies sanitize-html before 2.3.2 does not properly validate the hostnames set by the \"allowedIframeHostnames\" option when the \"allowIframeRelativeUrls\" is set to true, which allows attackers to bypass hostname whitelist for iframe element, related using an src value that starts with \"/\\\\example.com\"."},"properties":{"security-severity":"8.5","name":"Cve202126540","id":"CVE-2021-26540 (sca)","description":"Apostrophe Technologies sanitize-html before 2.3.2 does not properly validate the hostnames set by the \"allowedIframeHostnames\" option when the \"allowIframeRelativeUrls\" is set to true, which allows attackers to bypass hostname whitelist for iframe element, related using an src value that starts with \"/\\\\example.com\".","tags":["security","checkmarx","sca"]}},{"id":"Cx24228ad1-81fd (sca)","name":"Cx24228ad181fd","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The package sanitize-html is vulnerable to a whitelist bypass due to a faulty condition in the sanitzeHtml() function. When a string is supplied as an input to `allowedTags`, instead of a strings array, the application behaves differently, allowing an attacker to use tags which doesn't fall under allowedTags. This allows an attacker to carry out further attacks such as XSS.","markdown":"The package sanitize-html is vulnerable to a whitelist bypass due to a faulty condition in the sanitzeHtml() function. When a string is supplied as an input to `allowedTags`, instead of a strings array, the application behaves differently, allowing an attacker to use tags which doesn't fall under allowedTags. This allows an attacker to carry out further attacks such as XSS."},"fullDescription":{"text":"The package sanitize-html is vulnerable to a whitelist bypass due to a faulty condition in the sanitzeHtml() function. When a string is supplied as an input to `allowedTags`, instead of a strings array, the application behaves differently, allowing an attacker to use tags which doesn't fall under allowedTags. This allows an attacker to carry out further attacks such as XSS."},"properties":{"security-severity":"8.5","name":"Cx24228ad181fd","id":"Cx24228ad1-81fd (sca)","description":"The package sanitize-html is vulnerable to a whitelist bypass due to a faulty condition in the sanitzeHtml() function. When a string is supplied as an input to `allowedTags`, instead of a strings array, the application behaves differently, allowing an attacker to use tags which doesn't fall under allowedTags. This allows an attacker to carry out further attacks such as XSS.","tags":["security","checkmarx","sca"]}},{"id":"Cx7d063416-6f02 (sca)","name":"Cx7d0634166f02","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"A vulnerability was discovered in sanitize-html up to 1.4.2. Affected versions do not sanitize input recursively, which may allow an attacker to execute arbitrary Javascript.","markdown":"A vulnerability was discovered in sanitize-html up to 1.4.2. Affected versions do not sanitize input recursively, which may allow an attacker to execute arbitrary Javascript."},"fullDescription":{"text":"A vulnerability was discovered in sanitize-html up to 1.4.2. Affected versions do not sanitize input recursively, which may allow an attacker to execute arbitrary Javascript."},"properties":{"security-severity":"8.5","name":"Cx7d0634166f02","id":"Cx7d063416-6f02 (sca)","description":"A vulnerability was discovered in sanitize-html up to 1.4.2. Affected versions do not sanitize input recursively, which may allow an attacker to execute arbitrary Javascript.","tags":["security","checkmarx","sca"]}},{"id":"Cx3fe16d6b-d031 (sca)","name":"Cx3fe16d6bd031","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The package sanitize-html is vulnerable to \"Cross-site Scripting\", as the function `sanitizeHtml()` in the file `index.js` fails to sanitize which were turned into inline text. An attacker can abuse applications using 'custom tag transformation' by injecting malicious javascript into the attribute field.","markdown":"The package sanitize-html is vulnerable to \"Cross-site Scripting\", as the function `sanitizeHtml()` in the file `index.js` fails to sanitize which were turned into inline text. An attacker can abuse applications using 'custom tag transformation' by injecting malicious javascript into the attribute field."},"fullDescription":{"text":"The package sanitize-html is vulnerable to \"Cross-site Scripting\", as the function `sanitizeHtml()` in the file `index.js` fails to sanitize which were turned into inline text. An attacker can abuse applications using 'custom tag transformation' by injecting malicious javascript into the attribute field."},"properties":{"security-severity":"8.5","name":"Cx3fe16d6bd031","id":"Cx3fe16d6b-d031 (sca)","description":"The package sanitize-html is vulnerable to \"Cross-site Scripting\", as the function `sanitizeHtml()` in the file `index.js` fails to sanitize which were turned into inline text. An attacker can abuse applications using 'custom tag transformation' by injecting malicious javascript into the attribute field.","tags":["security","checkmarx","sca"]}},{"id":"487f4be7-3fd9-4506-a07a-eae252180c08 [Taken from query_id] (kics)","name":"Passwords And Secrets - Generic Password","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Query to find passwords and secrets in infrastructure code. Value: Hardcoded secret key appears in source Excepted value: Hardcoded secret key should not appear in source","markdown":"Query to find passwords and secrets in infrastructure code. \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e Hardcoded secret key appears in source \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e Hardcoded secret key should not appear in source"},"fullDescription":{"text":"Query to find passwords and secrets in infrastructure code. Value: Hardcoded secret key appears in source Excepted value: Hardcoded secret key should not appear in source"},"properties":{"security-severity":"9.5","name":"Passwords And Secrets - Generic Password","id":"487f4be7-3fd9-4506-a07a-eae252180c08 [Taken from query_id] (kics)","description":"Query to find passwords and secrets in infrastructure code. Value: Hardcoded secret key appears in source Excepted value: Hardcoded secret key should not appear in source","tags":["security","checkmarx","kics"]}},{"id":"CVE-2022-24771 (sca)","name":"Cve202224771","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code is lenient in checking the digest algorithm structure. This can allow a crafted structure that steals padding bytes and uses unchecked portion of the PKCS#1 encoded message to forge a signature when a low public exponent is being used. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds.","markdown":"Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code is lenient in checking the digest algorithm structure. This can allow a crafted structure that steals padding bytes and uses unchecked portion of the PKCS#1 encoded message to forge a signature when a low public exponent is being used. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds."},"fullDescription":{"text":"Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code is lenient in checking the digest algorithm structure. This can allow a crafted structure that steals padding bytes and uses unchecked portion of the PKCS#1 encoded message to forge a signature when a low public exponent is being used. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds."},"properties":{"security-severity":"9.5","name":"Cve202224771","id":"CVE-2022-24771 (sca)","description":"Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code is lenient in checking the digest algorithm structure. This can allow a crafted structure that steals padding bytes and uses unchecked portion of the PKCS#1 encoded message to forge a signature when a low public exponent is being used. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2021-3807 (sca)","name":"Cve20213807","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"ansi-regex prior to 5.0.1 and 6.0.x prior to 6.0.1 is vulnerable to Inefficient Regular Expression Complexity","markdown":"ansi-regex prior to 5.0.1 and 6.0.x prior to 6.0.1 is vulnerable to Inefficient Regular Expression Complexity"},"fullDescription":{"text":"ansi-regex prior to 5.0.1 and 6.0.x prior to 6.0.1 is vulnerable to Inefficient Regular Expression Complexity"},"properties":{"security-severity":"9.5","name":"Cve20213807","id":"CVE-2021-3807 (sca)","description":"ansi-regex prior to 5.0.1 and 6.0.x prior to 6.0.1 is vulnerable to Inefficient Regular Expression Complexity","tags":["security","checkmarx","sca"]}},{"id":"Cxc7705965-e0f0 (sca)","name":"Cxc7705965e0f0","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The @babel/core package versions prior to 7.18.6 were discovered to contain a memory leak vulnerability. ","markdown":"The @babel/core package versions prior to 7.18.6 were discovered to contain a memory leak vulnerability. "},"fullDescription":{"text":"The @babel/core package versions prior to 7.18.6 were discovered to contain a memory leak vulnerability. "},"properties":{"security-severity":"9.5","name":"Cxc7705965e0f0","id":"Cxc7705965-e0f0 (sca)","description":"The @babel/core package versions prior to 7.18.6 were discovered to contain a memory leak vulnerability. ","tags":["security","checkmarx","sca"]}},{"id":"CVE-2022-3517 (sca)","name":"Cve20223517","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"A vulnerability was found in the minimatch package versions prior to 3.0.5. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the \"braceExpand\" function with specific arguments, resulting in a Denial of Service.","markdown":"A vulnerability was found in the minimatch package versions prior to 3.0.5. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the \"braceExpand\" function with specific arguments, resulting in a Denial of Service."},"fullDescription":{"text":"A vulnerability was found in the minimatch package versions prior to 3.0.5. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the \"braceExpand\" function with specific arguments, resulting in a Denial of Service."},"properties":{"security-severity":"9.5","name":"Cve20223517","id":"CVE-2022-3517 (sca)","description":"A vulnerability was found in the minimatch package versions prior to 3.0.5. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the \"braceExpand\" function with specific arguments, resulting in a Denial of Service.","tags":["security","checkmarx","sca"]}},{"id":"fd54f200-402c-4333-a5a4-36ef6709af2f [Taken from query_id] (kics)","name":"Missing User Instruction","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"A user should be specified in the dockerfile, otherwise the image will run as root Value: The 'Dockerfile' does not contain any 'USER' instruction Excepted value: The 'Dockerfile' should contain the 'USER' instruction","markdown":"A user should be specified in the dockerfile, otherwise the image will run as root \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e The 'Dockerfile' does not contain any 'USER' instruction \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e The 'Dockerfile' should contain the 'USER' instruction"},"fullDescription":{"text":"A user should be specified in the dockerfile, otherwise the image will run as root Value: The 'Dockerfile' does not contain any 'USER' instruction Excepted value: The 'Dockerfile' should contain the 'USER' instruction"},"properties":{"security-severity":"9.5","name":"Missing User Instruction","id":"fd54f200-402c-4333-a5a4-36ef6709af2f [Taken from query_id] (kics)","description":"A user should be specified in the dockerfile, otherwise the image will run as root Value: The 'Dockerfile' does not contain any 'USER' instruction Excepted value: The 'Dockerfile' should contain the 'USER' instruction","tags":["security","checkmarx","kics"]}},{"id":"Cx89601373-08db (sca)","name":"Cx8960137308db","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"NPM `debug` prior to 4.3.0 has a Memory Leak when creating `debug` instances inside a function which can have a significant impact in the Availability. This happens since the function `debug` in the file `src/common.js` does not free up used memory.","markdown":"NPM `debug` prior to 4.3.0 has a Memory Leak when creating `debug` instances inside a function which can have a significant impact in the Availability. This happens since the function `debug` in the file `src/common.js` does not free up used memory."},"fullDescription":{"text":"NPM `debug` prior to 4.3.0 has a Memory Leak when creating `debug` instances inside a function which can have a significant impact in the Availability. This happens since the function `debug` in the file `src/common.js` does not free up used memory."},"properties":{"security-severity":"9.5","name":"Cx8960137308db","id":"Cx89601373-08db (sca)","description":"NPM `debug` prior to 4.3.0 has a Memory Leak when creating `debug` instances inside a function which can have a significant impact in the Availability. This happens since the function `debug` in the file `src/common.js` does not free up used memory.","tags":["security","checkmarx","sca"]}},{"id":"Cx8bc4df28-fcf5 (sca)","name":"Cx8bc4df28fcf5","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"In NPM `debug`, the `enable` function accepts a regular expression from user input without escaping it. Arbitrary regular expressions could be injected to cause a Denial of Service attack on the user's browser, otherwise known as a ReDoS (Regular Expression Denial of Service). This is a different issue than CVE-2017-16137.","markdown":"In NPM `debug`, the `enable` function accepts a regular expression from user input without escaping it. Arbitrary regular expressions could be injected to cause a Denial of Service attack on the user's browser, otherwise known as a ReDoS (Regular Expression Denial of Service). This is a different issue than CVE-2017-16137."},"fullDescription":{"text":"In NPM `debug`, the `enable` function accepts a regular expression from user input without escaping it. Arbitrary regular expressions could be injected to cause a Denial of Service attack on the user's browser, otherwise known as a ReDoS (Regular Expression Denial of Service). This is a different issue than CVE-2017-16137."},"properties":{"security-severity":"9.5","name":"Cx8bc4df28fcf5","id":"Cx8bc4df28-fcf5 (sca)","description":"In NPM `debug`, the `enable` function accepts a regular expression from user input without escaping it. Arbitrary regular expressions could be injected to cause a Denial of Service attack on the user's browser, otherwise known as a ReDoS (Regular Expression Denial of Service). This is a different issue than CVE-2017-16137.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2021-44906 (sca)","name":"Cve202144906","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Minimist through 1.2.5 is vulnerable to Prototype Pollution via file \"index.js\", function \"setKey()\" (lines 69-95).","markdown":"Minimist through 1.2.5 is vulnerable to Prototype Pollution via file \"index.js\", function \"setKey()\" (lines 69-95)."},"fullDescription":{"text":"Minimist through 1.2.5 is vulnerable to Prototype Pollution via file \"index.js\", function \"setKey()\" (lines 69-95)."},"properties":{"security-severity":"9.5","name":"Cve202144906","id":"CVE-2021-44906 (sca)","description":"Minimist through 1.2.5 is vulnerable to Prototype Pollution via file \"index.js\", function \"setKey()\" (lines 69-95).","tags":["security","checkmarx","sca"]}},{"id":"Cxb3ca64d2-9cd1 (sca)","name":"Cxb3ca64d29cd1","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"A Regular Expression Denial of Service (ReDoS) in mocha can make the server unavailable when a specially crafted input is provided. This was marked as \"Disputed\" because the issue was closed without a fix, and we couldn't confirm its exploitability.","markdown":"A Regular Expression Denial of Service (ReDoS) in mocha can make the server unavailable when a specially crafted input is provided. This was marked as \"Disputed\" because the issue was closed without a fix, and we couldn't confirm its exploitability."},"fullDescription":{"text":"A Regular Expression Denial of Service (ReDoS) in mocha can make the server unavailable when a specially crafted input is provided. This was marked as \"Disputed\" because the issue was closed without a fix, and we couldn't confirm its exploitability."},"properties":{"security-severity":"9.5","name":"Cxb3ca64d29cd1","id":"Cxb3ca64d2-9cd1 (sca)","description":"A Regular Expression Denial of Service (ReDoS) in mocha can make the server unavailable when a specially crafted input is provided. This was marked as \"Disputed\" because the issue was closed without a fix, and we couldn't confirm its exploitability.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2022-38900 (sca)","name":"Cve202238900","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"decode-uri-component is vulnerable to Improper Input Validation resulting in DoS.","markdown":"decode-uri-component is vulnerable to Improper Input Validation resulting in DoS."},"fullDescription":{"text":"decode-uri-component is vulnerable to Improper Input Validation resulting in DoS."},"properties":{"security-severity":"9.5","name":"Cve202238900","id":"CVE-2022-38900 (sca)","description":"decode-uri-component is vulnerable to Improper Input Validation resulting in DoS.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2022-24434 (sca)","name":"Cve202224434","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"A Denial Of Service vulnerability exists in dicer before 0.3.1. A malicious attacker can send a modified form to server, and crash the nodejs service. An attacker could sent the payload again and again so that the service continuously crashes.","markdown":"A Denial Of Service vulnerability exists in dicer before 0.3.1. A malicious attacker can send a modified form to server, and crash the nodejs service. An attacker could sent the payload again and again so that the service continuously crashes."},"fullDescription":{"text":"A Denial Of Service vulnerability exists in dicer before 0.3.1. A malicious attacker can send a modified form to server, and crash the nodejs service. An attacker could sent the payload again and again so that the service continuously crashes."},"properties":{"security-severity":"9.5","name":"Cve202224434","id":"CVE-2022-24434 (sca)","description":"A Denial Of Service vulnerability exists in dicer before 0.3.1. A malicious attacker can send a modified form to server, and crash the nodejs service. An attacker could sent the payload again and again so that the service continuously crashes.","tags":["security","checkmarx","sca"]}},{"id":"Cxe299c2b0-ccc8 (sca)","name":"Cxe299c2b0ccc8","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Domutils before version 1.6.0 is vulnerable to stack overflow. The function findAll in the file querying.js uses a recursive method to find elements, leading to stack overflow when ran against a huge page. This affects the availability. ","markdown":"Domutils before version 1.6.0 is vulnerable to stack overflow. The function findAll in the file querying.js uses a recursive method to find elements, leading to stack overflow when ran against a huge page. This affects the availability. "},"fullDescription":{"text":"Domutils before version 1.6.0 is vulnerable to stack overflow. The function findAll in the file querying.js uses a recursive method to find elements, leading to stack overflow when ran against a huge page. This affects the availability. "},"properties":{"security-severity":"9.5","name":"Cxe299c2b0ccc8","id":"Cxe299c2b0-ccc8 (sca)","description":"Domutils before version 1.6.0 is vulnerable to stack overflow. The function findAll in the file querying.js uses a recursive method to find elements, leading to stack overflow when ran against a huge page. This affects the availability. ","tags":["security","checkmarx","sca"]}},{"id":"CVE-2019-10775 (sca)","name":"Cve201910775","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"ecstatic before 4.1.4 have a denial of service vulnerability. Successful exploitation could lead to crash of an application.","markdown":"ecstatic before 4.1.4 have a denial of service vulnerability. Successful exploitation could lead to crash of an application."},"fullDescription":{"text":"ecstatic before 4.1.4 have a denial of service vulnerability. Successful exploitation could lead to crash of an application."},"properties":{"security-severity":"9.5","name":"Cve201910775","id":"CVE-2019-10775 (sca)","description":"ecstatic before 4.1.4 have a denial of service vulnerability. Successful exploitation could lead to crash of an application.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2022-24772 (sca)","name":"Cve202224772","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not check for tailing garbage bytes after decoding a `DigestInfo` ASN.1 structure. This can allow padding bytes to be removed and garbage data added to forge a signature when a low public exponent is being used. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds.","markdown":"Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not check for tailing garbage bytes after decoding a `DigestInfo` ASN.1 structure. This can allow padding bytes to be removed and garbage data added to forge a signature when a low public exponent is being used. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds."},"fullDescription":{"text":"Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not check for tailing garbage bytes after decoding a `DigestInfo` ASN.1 structure. This can allow padding bytes to be removed and garbage data added to forge a signature when a low public exponent is being used. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds."},"properties":{"security-severity":"9.5","name":"Cve202224772","id":"CVE-2022-24772 (sca)","description":"Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not check for tailing garbage bytes after decoding a `DigestInfo` ASN.1 structure. This can allow padding bytes to be removed and garbage data added to forge a signature when a low public exponent is being used. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2017-18214 (sca)","name":"Cve201718214","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.","markdown":"The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055."},"fullDescription":{"text":"The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055."},"properties":{"security-severity":"9.5","name":"Cve201718214","id":"CVE-2017-18214 (sca)","description":"The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2020-15084 (sca)","name":"Cve202015084","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"In express-jwt (NPM package) up and including version 5.3.3, the algorithms entry to be specified in the configuration is not being enforced. When algorithms is not specified in the configuration, with the combination of jwks-rsa, it may lead to authorization bypass. You are affected by this vulnerability if all of the following conditions apply: - You are using express-jwt - You do not have **algorithms** configured in your express-jwt configuration. - You are using libraries such as jwks-rsa as the **secret**. You can fix this by specifying **algorithms** in the express-jwt configuration. See linked GHSA for example. This is also fixed in version 6.0.0.","markdown":"In express-jwt (NPM package) up and including version 5.3.3, the algorithms entry to be specified in the configuration is not being enforced. When algorithms is not specified in the configuration, with the combination of jwks-rsa, it may lead to authorization bypass. You are affected by this vulnerability if all of the following conditions apply: - You are using express-jwt - You do not have **algorithms** configured in your express-jwt configuration. - You are using libraries such as jwks-rsa as the **secret**. You can fix this by specifying **algorithms** in the express-jwt configuration. See linked GHSA for example. This is also fixed in version 6.0.0."},"fullDescription":{"text":"In express-jwt (NPM package) up and including version 5.3.3, the algorithms entry to be specified in the configuration is not being enforced. When algorithms is not specified in the configuration, with the combination of jwks-rsa, it may lead to authorization bypass. You are affected by this vulnerability if all of the following conditions apply: - You are using express-jwt - You do not have **algorithms** configured in your express-jwt configuration. - You are using libraries such as jwks-rsa as the **secret**. You can fix this by specifying **algorithms** in the express-jwt configuration. See linked GHSA for example. This is also fixed in version 6.0.0."},"properties":{"security-severity":"9.5","name":"Cve202015084","id":"CVE-2020-15084 (sca)","description":"In express-jwt (NPM package) up and including version 5.3.3, the algorithms entry to be specified in the configuration is not being enforced. When algorithms is not specified in the configuration, with the combination of jwks-rsa, it may lead to authorization bypass. You are affected by this vulnerability if all of the following conditions apply: - You are using express-jwt - You do not have **algorithms** configured in your express-jwt configuration. - You are using libraries such as jwks-rsa as the **secret**. You can fix this by specifying **algorithms** in the express-jwt configuration. See linked GHSA for example. This is also fixed in version 6.0.0.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2022-36313 (sca)","name":"Cve202236313","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"An issue was discovered in the file-type package versions prior to 16.5.4 and 17.0.x prior to 17.1.3 for \"Node.js\". A malformed MKV file could cause the file type detector to get caught in an infinite loop. This would make the application become unresponsive and could be used to cause a DoS attack.","markdown":"An issue was discovered in the file-type package versions prior to 16.5.4 and 17.0.x prior to 17.1.3 for \"Node.js\". A malformed MKV file could cause the file type detector to get caught in an infinite loop. This would make the application become unresponsive and could be used to cause a DoS attack."},"fullDescription":{"text":"An issue was discovered in the file-type package versions prior to 16.5.4 and 17.0.x prior to 17.1.3 for \"Node.js\". A malformed MKV file could cause the file type detector to get caught in an infinite loop. This would make the application become unresponsive and could be used to cause a DoS attack."},"properties":{"security-severity":"9.5","name":"Cve202236313","id":"CVE-2022-36313 (sca)","description":"An issue was discovered in the file-type package versions prior to 16.5.4 and 17.0.x prior to 17.1.3 for \"Node.js\". A malformed MKV file could cause the file type detector to get caught in an infinite loop. This would make the application become unresponsive and could be used to cause a DoS attack.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2020-28469 (sca)","name":"Cve202028469","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"In glob-parent prior to 5.1.2 the way that the `enclosure` regex in `index.js` is defined could allow an attacker to exploit it, and cause a Denial of Service (ReDoS). This has been fixed in version 5.1.2.","markdown":"In glob-parent prior to 5.1.2 the way that the `enclosure` regex in `index.js` is defined could allow an attacker to exploit it, and cause a Denial of Service (ReDoS). This has been fixed in version 5.1.2."},"fullDescription":{"text":"In glob-parent prior to 5.1.2 the way that the `enclosure` regex in `index.js` is defined could allow an attacker to exploit it, and cause a Denial of Service (ReDoS). This has been fixed in version 5.1.2."},"properties":{"security-severity":"9.5","name":"Cve202028469","id":"CVE-2020-28469 (sca)","description":"In glob-parent prior to 5.1.2 the way that the `enclosure` regex in `index.js` is defined could allow an attacker to exploit it, and cause a Denial of Service (ReDoS). This has been fixed in version 5.1.2.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2022-24785 (sca)","name":"Cve202224785","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm (server) users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This problem is patched in 2.29.2, and the patch can be applied to all affected versions. As a workaround, sanitize the user-provided locale name before passing it to Moment.js.","markdown":"Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm (server) users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This problem is patched in 2.29.2, and the patch can be applied to all affected versions. As a workaround, sanitize the user-provided locale name before passing it to Moment.js."},"fullDescription":{"text":"Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm (server) users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This problem is patched in 2.29.2, and the patch can be applied to all affected versions. As a workaround, sanitize the user-provided locale name before passing it to Moment.js."},"properties":{"security-severity":"9.5","name":"Cve202224785","id":"CVE-2022-24785 (sca)","description":"Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm (server) users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This problem is patched in 2.29.2, and the patch can be applied to all affected versions. As a workaround, sanitize the user-provided locale name before passing it to Moment.js.","tags":["security","checkmarx","sca"]}},{"id":"Cx347a3da7-ba99 (sca)","name":"Cx347a3da7ba99","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Prototype Pollution in node-forge debug API before 1.0.0 The forge.debug API had a potential prototype pollution issue if called with untrusted input. The API was only used for internal debug purposes in a safe way and never documented or advertised. It is suspected that uses of this API, if any exist, would likely not have used untrusted inputs in a vulnerable way.","markdown":"Prototype Pollution in node-forge debug API before 1.0.0 The forge.debug API had a potential prototype pollution issue if called with untrusted input. The API was only used for internal debug purposes in a safe way and never documented or advertised. It is suspected that uses of this API, if any exist, would likely not have used untrusted inputs in a vulnerable way."},"fullDescription":{"text":"Prototype Pollution in node-forge debug API before 1.0.0 The forge.debug API had a potential prototype pollution issue if called with untrusted input. The API was only used for internal debug purposes in a safe way and never documented or advertised. It is suspected that uses of this API, if any exist, would likely not have used untrusted inputs in a vulnerable way."},"properties":{"security-severity":"9.5","name":"Cx347a3da7ba99","id":"Cx347a3da7-ba99 (sca)","description":"Prototype Pollution in node-forge debug API before 1.0.0 The forge.debug API had a potential prototype pollution issue if called with untrusted input. The API was only used for internal debug purposes in a safe way and never documented or advertised. It is suspected that uses of this API, if any exist, would likely not have used untrusted inputs in a vulnerable way.","tags":["security","checkmarx","sca"]}},{"id":"Cxdca8e59f-8bfe (sca)","name":"Cxdca8e59f8bfe","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"In npm inflight there is a memory leak because some resources are not freed correctly after being used. It appears to affect all versions.","markdown":"In npm inflight there is a memory leak because some resources are not freed correctly after being used. It appears to affect all versions."},"fullDescription":{"text":"In npm inflight there is a memory leak because some resources are not freed correctly after being used. It appears to affect all versions."},"properties":{"security-severity":"9.5","name":"Cxdca8e59f8bfe","id":"Cxdca8e59f-8bfe (sca)","description":"In npm inflight there is a memory leak because some resources are not freed correctly after being used. It appears to affect all versions.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2022-23540 (sca)","name":"Cve202223540","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Versions prior to 9.0.0 of `jsonwebtoken` library, lack of algorithm definition in the `jwt.verify()` function can lead to signature validation bypass due to defaulting to the `none` algorithm for signature verification. Users are affected if you do not specify algorithms in the `jwt.verify()` function. This issue has been fixed, which removes the default support for the none algorithm in the `jwt.verify()` method and you don’t need to allow for the `none` algorithm. If you need 'none' algorithm, you have to explicitly specify that in `jwt.verify()` options.","markdown":"Versions prior to 9.0.0 of `jsonwebtoken` library, lack of algorithm definition in the `jwt.verify()` function can lead to signature validation bypass due to defaulting to the `none` algorithm for signature verification. Users are affected if you do not specify algorithms in the `jwt.verify()` function. This issue has been fixed, which removes the default support for the none algorithm in the `jwt.verify()` method and you don’t need to allow for the `none` algorithm. If you need 'none' algorithm, you have to explicitly specify that in `jwt.verify()` options."},"fullDescription":{"text":"Versions prior to 9.0.0 of `jsonwebtoken` library, lack of algorithm definition in the `jwt.verify()` function can lead to signature validation bypass due to defaulting to the `none` algorithm for signature verification. Users are affected if you do not specify algorithms in the `jwt.verify()` function. This issue has been fixed, which removes the default support for the none algorithm in the `jwt.verify()` method and you don’t need to allow for the `none` algorithm. If you need 'none' algorithm, you have to explicitly specify that in `jwt.verify()` options."},"properties":{"security-severity":"9.5","name":"Cve202223540","id":"CVE-2022-23540 (sca)","description":"Versions prior to 9.0.0 of `jsonwebtoken` library, lack of algorithm definition in the `jwt.verify()` function can lead to signature validation bypass due to defaulting to the `none` algorithm for signature verification. Users are affected if you do not specify algorithms in the `jwt.verify()` function. This issue has been fixed, which removes the default support for the none algorithm in the `jwt.verify()` method and you don’t need to allow for the `none` algorithm. If you need 'none' algorithm, you have to explicitly specify that in `jwt.verify()` options.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2022-23541 (sca)","name":"Cve202223541","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"jsonwebtoken is an implementation of JSON Web Tokens. Versions prior to 9.0.0 of `jsonwebtoken` library can be misconfigured so that passing a poorly implemented key retrieval function referring to the `secretOrPublicKey` argument from the readme link will result in incorrect verification of tokens. There is a possibility of using a different algorithm and key combination in verification, other than the one that was used to sign the tokens. Specifically, tokens signed with an asymmetric public key could be verified with a symmetric HS256 algorithm. This can lead to successful validation of forged tokens. If your application is supporting usage of both symmetric key and asymmetric key in \"jwt.verify()\" implementation with the same key retrieval function. ","markdown":"jsonwebtoken is an implementation of JSON Web Tokens. Versions prior to 9.0.0 of `jsonwebtoken` library can be misconfigured so that passing a poorly implemented key retrieval function referring to the `secretOrPublicKey` argument from the readme link will result in incorrect verification of tokens. There is a possibility of using a different algorithm and key combination in verification, other than the one that was used to sign the tokens. Specifically, tokens signed with an asymmetric public key could be verified with a symmetric HS256 algorithm. This can lead to successful validation of forged tokens. If your application is supporting usage of both symmetric key and asymmetric key in \"jwt.verify()\" implementation with the same key retrieval function. "},"fullDescription":{"text":"jsonwebtoken is an implementation of JSON Web Tokens. Versions prior to 9.0.0 of `jsonwebtoken` library can be misconfigured so that passing a poorly implemented key retrieval function referring to the `secretOrPublicKey` argument from the readme link will result in incorrect verification of tokens. There is a possibility of using a different algorithm and key combination in verification, other than the one that was used to sign the tokens. Specifically, tokens signed with an asymmetric public key could be verified with a symmetric HS256 algorithm. This can lead to successful validation of forged tokens. If your application is supporting usage of both symmetric key and asymmetric key in \"jwt.verify()\" implementation with the same key retrieval function. "},"properties":{"security-severity":"9.5","name":"Cve202223541","id":"CVE-2022-23541 (sca)","description":"jsonwebtoken is an implementation of JSON Web Tokens. Versions prior to 9.0.0 of `jsonwebtoken` library can be misconfigured so that passing a poorly implemented key retrieval function referring to the `secretOrPublicKey` argument from the readme link will result in incorrect verification of tokens. There is a possibility of using a different algorithm and key combination in verification, other than the one that was used to sign the tokens. Specifically, tokens signed with an asymmetric public key could be verified with a symmetric HS256 algorithm. This can lead to successful validation of forged tokens. If your application is supporting usage of both symmetric key and asymmetric key in \"jwt.verify()\" implementation with the same key retrieval function. ","tags":["security","checkmarx","sca"]}},{"id":"CVE-2022-23539 (sca)","name":"Cve202223539","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Versions prior to 9.0.0 `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm. You are affected if you are using an algorithm and a key type other than a combination listed in the Security Advisory as unaffected. This version validates for asymmetric key type and algorithm combinations. Please refer to the above mentioned algorithm / key type combinations for the valid secure configuration. After updating to version 9.0.0, if you still intend to continue with signing or verifying tokens using invalid key type/algorithm value combinations, you’ll need to set the `allowInvalidAsymmetricKeyTypes` option to `true` in the `sign()` and/or `verify()` functions.","markdown":"Versions prior to 9.0.0 `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm. You are affected if you are using an algorithm and a key type other than a combination listed in the Security Advisory as unaffected. This version validates for asymmetric key type and algorithm combinations. Please refer to the above mentioned algorithm / key type combinations for the valid secure configuration. After updating to version 9.0.0, if you still intend to continue with signing or verifying tokens using invalid key type/algorithm value combinations, you’ll need to set the `allowInvalidAsymmetricKeyTypes` option to `true` in the `sign()` and/or `verify()` functions."},"fullDescription":{"text":"Versions prior to 9.0.0 `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm. You are affected if you are using an algorithm and a key type other than a combination listed in the Security Advisory as unaffected. This version validates for asymmetric key type and algorithm combinations. Please refer to the above mentioned algorithm / key type combinations for the valid secure configuration. After updating to version 9.0.0, if you still intend to continue with signing or verifying tokens using invalid key type/algorithm value combinations, you’ll need to set the `allowInvalidAsymmetricKeyTypes` option to `true` in the `sign()` and/or `verify()` functions."},"properties":{"security-severity":"9.5","name":"Cve202223539","id":"CVE-2022-23539 (sca)","description":"Versions prior to 9.0.0 `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm. You are affected if you are using an algorithm and a key type other than a combination listed in the Security Advisory as unaffected. This version validates for asymmetric key type and algorithm combinations. Please refer to the above mentioned algorithm / key type combinations for the valid secure configuration. After updating to version 9.0.0, if you still intend to continue with signing or verifying tokens using invalid key type/algorithm value combinations, you’ll need to set the `allowInvalidAsymmetricKeyTypes` option to `true` in the `sign()` and/or `verify()` functions.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2015-9235 (sca)","name":"Cve20159235","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"In jsonwebtoken node module before 4.2.2 it is possible for an attacker to bypass verification when a token digitally signed with an asymmetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family).","markdown":"In jsonwebtoken node module before 4.2.2 it is possible for an attacker to bypass verification when a token digitally signed with an asymmetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family)."},"fullDescription":{"text":"In jsonwebtoken node module before 4.2.2 it is possible for an attacker to bypass verification when a token digitally signed with an asymmetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family)."},"properties":{"security-severity":"9.5","name":"Cve20159235","id":"CVE-2015-9235 (sca)","description":"In jsonwebtoken node module before 4.2.2 it is possible for an attacker to bypass verification when a token digitally signed with an asymmetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family).","tags":["security","checkmarx","sca"]}},{"id":"Cxdd801a12-8c33 (sca)","name":"Cxdd801a128c33","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"An improper validation of algorithm in JWT before 0.4.1 was found in `jsonwebtoken`. The function verify() allows an attacker to create their own \"signed\" tokens, by setting the algorithm value as `none`.","markdown":"An improper validation of algorithm in JWT before 0.4.1 was found in `jsonwebtoken`. The function verify() allows an attacker to create their own \"signed\" tokens, by setting the algorithm value as `none`."},"fullDescription":{"text":"An improper validation of algorithm in JWT before 0.4.1 was found in `jsonwebtoken`. The function verify() allows an attacker to create their own \"signed\" tokens, by setting the algorithm value as `none`."},"properties":{"security-severity":"9.5","name":"Cxdd801a128c33","id":"Cxdd801a12-8c33 (sca)","description":"An improper validation of algorithm in JWT before 0.4.1 was found in `jsonwebtoken`. The function verify() allows an attacker to create their own \"signed\" tokens, by setting the algorithm value as `none`.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2016-1000223 (sca)","name":"Cve20161000223","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"jws \tbefore 3.0.0 allows users to select what algorithm the server will use to verify a provided JWT. A malicious actor can use this behaviour to arbitrarily modify the contents of a JWT while still passing verification. For the common use case of the JWT as a bearer token, the end result is a complete authentication bypass with minimal effort.","markdown":"jws \tbefore 3.0.0 allows users to select what algorithm the server will use to verify a provided JWT. A malicious actor can use this behaviour to arbitrarily modify the contents of a JWT while still passing verification. For the common use case of the JWT as a bearer token, the end result is a complete authentication bypass with minimal effort."},"fullDescription":{"text":"jws \tbefore 3.0.0 allows users to select what algorithm the server will use to verify a provided JWT. A malicious actor can use this behaviour to arbitrarily modify the contents of a JWT while still passing verification. For the common use case of the JWT as a bearer token, the end result is a complete authentication bypass with minimal effort."},"properties":{"security-severity":"9.5","name":"Cve20161000223","id":"CVE-2016-1000223 (sca)","description":"jws \tbefore 3.0.0 allows users to select what algorithm the server will use to verify a provided JWT. A malicious actor can use this behaviour to arbitrarily modify the contents of a JWT while still passing verification. For the common use case of the JWT as a bearer token, the end result is a complete authentication bypass with minimal effort.","tags":["security","checkmarx","sca"]}},{"id":"Cxffc79d87-98d9 (sca)","name":"Cxffc79d8798d9","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"An authentication bypass vulnerability was discovered in jws up to version 2.0.0. This vulnerability allows an attacker to generate signatures with arbitrary contents that would be accepted by 'jws.verify'.","markdown":"An authentication bypass vulnerability was discovered in jws up to version 2.0.0. This vulnerability allows an attacker to generate signatures with arbitrary contents that would be accepted by 'jws.verify'."},"fullDescription":{"text":"An authentication bypass vulnerability was discovered in jws up to version 2.0.0. This vulnerability allows an attacker to generate signatures with arbitrary contents that would be accepted by 'jws.verify'."},"properties":{"security-severity":"9.5","name":"Cxffc79d8798d9","id":"Cxffc79d87-98d9 (sca)","description":"An authentication bypass vulnerability was discovered in jws up to version 2.0.0. This vulnerability allows an attacker to generate signatures with arbitrary contents that would be accepted by 'jws.verify'.","tags":["security","checkmarx","sca"]}},{"id":"Cxf6e7f2c1-dc59 (sca)","name":"Cxf6e7f2c1dc59","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The package yauzl is vulnerable to arbitrary file write implemented through improper validation of symlinks.\n The function validateFileName in the file `index.js` doesn't validate malicious symlink files when checking for path traversal attacks. This affects the integrity \u0026 availability.","markdown":"The package yauzl is vulnerable to arbitrary file write implemented through improper validation of symlinks.\n The function validateFileName in the file `index.js` doesn't validate malicious symlink files when checking for path traversal attacks. This affects the integrity \u0026 availability."},"fullDescription":{"text":"The package yauzl is vulnerable to arbitrary file write implemented through improper validation of symlinks.\n The function validateFileName in the file `index.js` doesn't validate malicious symlink files when checking for path traversal attacks. This affects the integrity \u0026 availability."},"properties":{"security-severity":"9.5","name":"Cxf6e7f2c1dc59","id":"Cxf6e7f2c1-dc59 (sca)","description":"The package yauzl is vulnerable to arbitrary file write implemented through improper validation of symlinks.\n The function validateFileName in the file `index.js` doesn't validate malicious symlink files when checking for path traversal attacks. This affects the integrity \u0026 availability.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2022-25858 (sca)","name":"Cve202225858","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The package terser before 4.8.1, and 5.0.x before 5.14.2 is vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions.","markdown":"The package terser before 4.8.1, and 5.0.x before 5.14.2 is vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions."},"fullDescription":{"text":"The package terser before 4.8.1, and 5.0.x before 5.14.2 is vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions."},"properties":{"security-severity":"9.5","name":"Cve202225858","id":"CVE-2022-25858 (sca)","description":"The package terser before 4.8.1, and 5.0.x before 5.14.2 is vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions.","tags":["security","checkmarx","sca"]}},{"id":"Cx0b414307-5d4b (sca)","name":"Cx0b4143075d4b","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Prototype Pollution vulnerability in lodash before 4.17.19.","markdown":"Prototype Pollution vulnerability in lodash before 4.17.19."},"fullDescription":{"text":"Prototype Pollution vulnerability in lodash before 4.17.19."},"properties":{"security-severity":"9.5","name":"Cx0b4143075d4b","id":"Cx0b414307-5d4b (sca)","description":"Prototype Pollution vulnerability in lodash before 4.17.19.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2021-23337 (sca)","name":"Cve202123337","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"lodash and lodash-es prior to 4.17.21 are vulnerable to Command Injection via the \"template\" function. ","markdown":"lodash and lodash-es prior to 4.17.21 are vulnerable to Command Injection via the \"template\" function. "},"fullDescription":{"text":"lodash and lodash-es prior to 4.17.21 are vulnerable to Command Injection via the \"template\" function. "},"properties":{"security-severity":"9.5","name":"Cve202123337","id":"CVE-2021-23337 (sca)","description":"lodash and lodash-es prior to 4.17.21 are vulnerable to Command Injection via the \"template\" function. ","tags":["security","checkmarx","sca"]}},{"id":"CVE-2020-8203 (sca)","name":"Cve20208203","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.","markdown":"Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20."},"fullDescription":{"text":"Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20."},"properties":{"security-severity":"9.5","name":"Cve20208203","id":"CVE-2020-8203 (sca)","description":"Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2022-25887 (sca)","name":"Cve202225887","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal.","markdown":"The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal."},"fullDescription":{"text":"The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal."},"properties":{"security-severity":"9.5","name":"Cve202225887","id":"CVE-2022-25887 (sca)","description":"The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal.","tags":["security","checkmarx","sca"]}},{"id":"CVE-2019-10744 (sca)","name":"Cve201910744","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"A Prototype Pollution vulnerability was discovered in lodash before 4.17.12, in lodash.defaultsdeep before 4.6.1 and in @sailshq/lodash before 3.10.4. The function defaultsDeep allows a malicious user to modify the prototype of Object via {constructor: {prototype: {...}}} causing the addition or modification of an existing property that will exist on all objects.","markdown":"A Prototype Pollution vulnerability was discovered in lodash before 4.17.12, in lodash.defaultsdeep before 4.6.1 and in @sailshq/lodash before 3.10.4. The function defaultsDeep allows a malicious user to modify the prototype of Object via {constructor: {prototype: {...}}} causing the addition or modification of an existing property that will exist on all objects."},"fullDescription":{"text":"A Prototype Pollution vulnerability was discovered in lodash before 4.17.12, in lodash.defaultsdeep before 4.6.1 and in @sailshq/lodash before 3.10.4. The function defaultsDeep allows a malicious user to modify the prototype of Object via {constructor: {prototype: {...}}} causing the addition or modification of an existing property that will exist on all objects."},"properties":{"security-severity":"9.5","name":"Cve201910744","id":"CVE-2019-10744 (sca)","description":"A Prototype Pollution vulnerability was discovered in lodash before 4.17.12, in lodash.defaultsdeep before 4.6.1 and in @sailshq/lodash before 3.10.4. The function defaultsDeep allows a malicious user to modify the prototype of Object via {constructor: {prototype: {...}}} causing the addition or modification of an existing property that will exist on all objects.","tags":["security","checkmarx","sca"]}},{"id":"6561501369275698122 (sast)","name":"Stored XSS","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The method @DestinationMethod embeds untrusted data in generated output with @DestinationElement, at line @DestinationLine of @DestinationFile. This untrusted data is embedded into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the generated web-page.\n\nThe attacker would be able to alter the returned web page by saving malicious data in a data-store ahead of time. The attacker's modified data is then read from the database by the @SourceMethod method with @SourceElement, at line @SourceLine of @SourceFile. This untrusted data then flows through the code straight to the output web page, without sanitization. \r\n\r\nThis can enable a Stored Cross-Site Scripting (XSS) attack.\n\n","markdown":"The method @DestinationMethod embeds untrusted data in generated output with @DestinationElement, at line @DestinationLine of @DestinationFile. This untrusted data is embedded into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the generated web-page.\n\nThe attacker would be able to alter the returned web page by saving malicious data in a data-store ahead of time. The attacker's modified data is then read from the database by the @SourceMethod method with @SourceElement, at line @SourceLine of @SourceFile. This untrusted data then flows through the code straight to the output web page, without sanitization. \r\n\r\nThis can enable a Stored Cross-Site Scripting (XSS) attack.\n\n"},"fullDescription":{"text":"The method @DestinationMethod embeds untrusted data in generated output with @DestinationElement, at line @DestinationLine of @DestinationFile. This untrusted data is embedded into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the generated web-page.\n\nThe attacker would be able to alter the returned web page by saving malicious data in a data-store ahead of time. The attacker's modified data is then read from the database by the @SourceMethod method with @SourceElement, at line @SourceLine of @SourceFile. This untrusted data then flows through the code straight to the output web page, without sanitization. \r\n\r\nThis can enable a Stored Cross-Site Scripting (XSS) attack.\n\n"},"properties":{"security-severity":"9.5","name":"Stored XSS","id":"6561501369275698122 (sast)","description":"The method @DestinationMethod embeds untrusted data in generated output with @DestinationElement, at line @DestinationLine of @DestinationFile. This untrusted data is embedded into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the generated web-page.\n\nThe attacker would be able to alter the returned web page by saving malicious data in a data-store ahead of time. The attacker's modified data is then read from the database by the @SourceMethod method with @SourceElement, at line @SourceLine of @SourceFile. This untrusted data then flows through the code straight to the output web page, without sanitization. \r\n\r\nThis can enable a Stored Cross-Site Scripting (XSS) attack.\n\n","tags":["security","checkmarx","sast"]}},{"id":"16772998409937314312 (sast)","name":"Reflected XSS","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The method @DestinationMethod embeds untrusted data in generated output with @DestinationElement, at line @DestinationLine of @DestinationFile. This untrusted data is embedded into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the generated web-page.\n\nThe attacker would be able to alter the returned web page by simply providing modified data in the user input @SourceElement, which is read by the @SourceMethod method at line @SourceLine of @SourceFile. This input then flows through the code straight to the output web page, without sanitization. \r\n\r\nThis can enable a Reflected Cross-Site Scripting (XSS) attack.\n\n","markdown":"The method @DestinationMethod embeds untrusted data in generated output with @DestinationElement, at line @DestinationLine of @DestinationFile. This untrusted data is embedded into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the generated web-page.\n\nThe attacker would be able to alter the returned web page by simply providing modified data in the user input @SourceElement, which is read by the @SourceMethod method at line @SourceLine of @SourceFile. This input then flows through the code straight to the output web page, without sanitization. \r\n\r\nThis can enable a Reflected Cross-Site Scripting (XSS) attack.\n\n"},"fullDescription":{"text":"The method @DestinationMethod embeds untrusted data in generated output with @DestinationElement, at line @DestinationLine of @DestinationFile. This untrusted data is embedded into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the generated web-page.\n\nThe attacker would be able to alter the returned web page by simply providing modified data in the user input @SourceElement, which is read by the @SourceMethod method at line @SourceLine of @SourceFile. This input then flows through the code straight to the output web page, without sanitization. \r\n\r\nThis can enable a Reflected Cross-Site Scripting (XSS) attack.\n\n"},"properties":{"security-severity":"9.5","name":"Reflected XSS","id":"16772998409937314312 (sast)","description":"The method @DestinationMethod embeds untrusted data in generated output with @DestinationElement, at line @DestinationLine of @DestinationFile. This untrusted data is embedded into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the generated web-page.\n\nThe attacker would be able to alter the returned web page by simply providing modified data in the user input @SourceElement, which is read by the @SourceMethod method at line @SourceLine of @SourceFile. This input then flows through the code straight to the output web page, without sanitization. \r\n\r\nThis can enable a Reflected Cross-Site Scripting (XSS) attack.\n\n","tags":["security","checkmarx","sast"]}},{"id":"17606990743818532616 (sast)","name":"SQL Injection","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The application's @DestinationMethod method executes an SQL query with @DestinationElement, at line @DestinationLine of @DestinationFile. The application constructs this SQL query by embedding an untrusted string into the query without proper sanitization. The concatenated string is submitted to the database, where it is parsed and executed accordingly.\n\nAn attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious payload and providing it via the input @SourceElement; this input is then read by the @SourceMethod method at line @SourceLine of @SourceFile. This input then flows through the code, into a query and to the database server - without sanitization.\r\n\r\nThis may enable an SQL Injection attack.\n\n","markdown":"The application's @DestinationMethod method executes an SQL query with @DestinationElement, at line @DestinationLine of @DestinationFile. The application constructs this SQL query by embedding an untrusted string into the query without proper sanitization. The concatenated string is submitted to the database, where it is parsed and executed accordingly.\n\nAn attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious payload and providing it via the input @SourceElement; this input is then read by the @SourceMethod method at line @SourceLine of @SourceFile. This input then flows through the code, into a query and to the database server - without sanitization.\r\n\r\nThis may enable an SQL Injection attack.\n\n"},"fullDescription":{"text":"The application's @DestinationMethod method executes an SQL query with @DestinationElement, at line @DestinationLine of @DestinationFile. The application constructs this SQL query by embedding an untrusted string into the query without proper sanitization. The concatenated string is submitted to the database, where it is parsed and executed accordingly.\n\nAn attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious payload and providing it via the input @SourceElement; this input is then read by the @SourceMethod method at line @SourceLine of @SourceFile. This input then flows through the code, into a query and to the database server - without sanitization.\r\n\r\nThis may enable an SQL Injection attack.\n\n"},"properties":{"security-severity":"9.5","name":"SQL Injection","id":"17606990743818532616 (sast)","description":"The application's @DestinationMethod method executes an SQL query with @DestinationElement, at line @DestinationLine of @DestinationFile. The application constructs this SQL query by embedding an untrusted string into the query without proper sanitization. The concatenated string is submitted to the database, where it is parsed and executed accordingly.\n\nAn attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious payload and providing it via the input @SourceElement; this input is then read by the @SourceMethod method at line @SourceLine of @SourceFile. This input then flows through the code, into a query and to the database server - without sanitization.\r\n\r\nThis may enable an SQL Injection attack.\n\n","tags":["security","checkmarx","sast"]}},{"id":"4332408256892458774 (sast)","name":"Second Order SQL Injection","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The application's @DestinationMethod method executes an SQL query with @DestinationElement, at line @DestinationLine of @DestinationFile. The application constructs this SQL query by embedding an untrusted string into the query without proper sanitization. The concatenated string is submitted to the database, where it is parsed and executed accordingly.\n\nThe attacker may be able to write arbitrary data to the database, which is then retrieved by the application with @SourceElement in @SourceMethod method at line @SourceLine of @SourceFile. This data then flows through the code, until it is used directly in the SQL query without sanitization, and then submitted to the database server for execution.\r\n\r\nThis may enable a Second-Order SQL Injection attack.\n\n","markdown":"The application's @DestinationMethod method executes an SQL query with @DestinationElement, at line @DestinationLine of @DestinationFile. The application constructs this SQL query by embedding an untrusted string into the query without proper sanitization. The concatenated string is submitted to the database, where it is parsed and executed accordingly.\n\nThe attacker may be able to write arbitrary data to the database, which is then retrieved by the application with @SourceElement in @SourceMethod method at line @SourceLine of @SourceFile. This data then flows through the code, until it is used directly in the SQL query without sanitization, and then submitted to the database server for execution.\r\n\r\nThis may enable a Second-Order SQL Injection attack.\n\n"},"fullDescription":{"text":"The application's @DestinationMethod method executes an SQL query with @DestinationElement, at line @DestinationLine of @DestinationFile. The application constructs this SQL query by embedding an untrusted string into the query without proper sanitization. The concatenated string is submitted to the database, where it is parsed and executed accordingly.\n\nThe attacker may be able to write arbitrary data to the database, which is then retrieved by the application with @SourceElement in @SourceMethod method at line @SourceLine of @SourceFile. This data then flows through the code, until it is used directly in the SQL query without sanitization, and then submitted to the database server for execution.\r\n\r\nThis may enable a Second-Order SQL Injection attack.\n\n"},"properties":{"security-severity":"9.5","name":"Second Order SQL Injection","id":"4332408256892458774 (sast)","description":"The application's @DestinationMethod method executes an SQL query with @DestinationElement, at line @DestinationLine of @DestinationFile. The application constructs this SQL query by embedding an untrusted string into the query without proper sanitization. The concatenated string is submitted to the database, where it is parsed and executed accordingly.\n\nThe attacker may be able to write arbitrary data to the database, which is then retrieved by the application with @SourceElement in @SourceMethod method at line @SourceLine of @SourceFile. This data then flows through the code, until it is used directly in the SQL query without sanitization, and then submitted to the database server for execution.\r\n\r\nThis may enable a Second-Order SQL Injection attack.\n\n","tags":["security","checkmarx","sast"]}},{"id":"18264905025034185052 (sast)","name":"Code Injection","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The application's @DestinationMethod method receives and dynamically executes user-controlled code using @DestinationElement, at line @DestinationLine of @DestinationFile. This could enable an attacker to inject and run arbitrary code.\n\nThe attacker can inject the executed code via user input, @SourceElement, which is retrieved by the application in the @SourceMethod method, at line @SourceLine of @SourceFile.\n\n","markdown":"The application's @DestinationMethod method receives and dynamically executes user-controlled code using @DestinationElement, at line @DestinationLine of @DestinationFile. This could enable an attacker to inject and run arbitrary code.\n\nThe attacker can inject the executed code via user input, @SourceElement, which is retrieved by the application in the @SourceMethod method, at line @SourceLine of @SourceFile.\n\n"},"fullDescription":{"text":"The application's @DestinationMethod method receives and dynamically executes user-controlled code using @DestinationElement, at line @DestinationLine of @DestinationFile. This could enable an attacker to inject and run arbitrary code.\n\nThe attacker can inject the executed code via user input, @SourceElement, which is retrieved by the application in the @SourceMethod method, at line @SourceLine of @SourceFile.\n\n"},"properties":{"security-severity":"9.5","name":"Code Injection","id":"18264905025034185052 (sast)","description":"The application's @DestinationMethod method receives and dynamically executes user-controlled code using @DestinationElement, at line @DestinationLine of @DestinationFile. This could enable an attacker to inject and run arbitrary code.\n\nThe attacker can inject the executed code via user input, @SourceElement, which is retrieved by the application in the @SourceMethod method, at line @SourceLine of @SourceFile.\n\n","tags":["security","checkmarx","sast"]}},{"id":"6998389e-66b2-473d-8d05-c8d71ac4d04d [Taken from query_id] (kics)","name":"Array Without Maximum Number of Items (v3)","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Array schema should have the field 'maxItems' set Value: Array schema has 'maxItems' set Excepted value: Array schema has 'maxItems' undefined","markdown":"Array schema should have the field 'maxItems' set \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e Array schema has 'maxItems' set \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e Array schema has 'maxItems' undefined"},"fullDescription":{"text":"Array schema should have the field 'maxItems' set Value: Array schema has 'maxItems' set Excepted value: Array schema has 'maxItems' undefined"},"properties":{"security-severity":"9.5","name":"Array Without Maximum Number of Items (v3)","id":"6998389e-66b2-473d-8d05-c8d71ac4d04d [Taken from query_id] (kics)","description":"Array schema should have the field 'maxItems' set Value: Array schema has 'maxItems' set Excepted value: Array schema has 'maxItems' undefined","tags":["security","checkmarx","kics"]}},{"id":"15834639595142631548 (sast)","name":"Angular Client Stored DOM XSS","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"The method @DestinationMethod embeds untrusted data in generated output with @DestinationElement, at line @DestinationLine of @DestinationFile. This untrusted data is embedded into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the generated web-page.\n\n","markdown":"The method @DestinationMethod embeds untrusted data in generated output with @DestinationElement, at line @DestinationLine of @DestinationFile. This untrusted data is embedded into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the generated web-page.\n\n"},"fullDescription":{"text":"The method @DestinationMethod embeds untrusted data in generated output with @DestinationElement, at line @DestinationLine of @DestinationFile. This untrusted data is embedded into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the generated web-page.\n\n"},"properties":{"security-severity":"9.5","name":"Angular Client Stored DOM XSS","id":"15834639595142631548 (sast)","description":"The method @DestinationMethod embeds untrusted data in generated output with @DestinationElement, at line @DestinationLine of @DestinationFile. This untrusted data is embedded into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the generated web-page.\n\n","tags":["security","checkmarx","sast"]}},{"id":"d651cca2-2156-4d17-8e76-423e68de5c8b [Taken from query_id] (kics)","name":"Passwords And Secrets - Google OAuth","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Query to find passwords and secrets in infrastructure code. Value: Hardcoded secret key appears in source Excepted value: Hardcoded secret key should not appear in source","markdown":"Query to find passwords and secrets in infrastructure code. \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e Hardcoded secret key appears in source \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e Hardcoded secret key should not appear in source"},"fullDescription":{"text":"Query to find passwords and secrets in infrastructure code. Value: Hardcoded secret key appears in source Excepted value: Hardcoded secret key should not appear in source"},"properties":{"security-severity":"9.5","name":"Passwords And Secrets - Google OAuth","id":"d651cca2-2156-4d17-8e76-423e68de5c8b [Taken from query_id] (kics)","description":"Query to find passwords and secrets in infrastructure code. Value: Hardcoded secret key appears in source Excepted value: Hardcoded secret key should not appear in source","tags":["security","checkmarx","kics"]}},{"id":"3e2d3b2f-c22a-4df1-9cc6-a7a0aebb0c99 [Taken from query_id] (kics)","name":"Passwords And Secrets - Generic Secret","helpUri":"https://checkmarx.com/resource/documents/en/34965-67042-checkmarx-one.html","help":{"text":"Query to find passwords and secrets in infrastructure code. Value: Hardcoded secret key appears in source Excepted value: Hardcoded secret key should not appear in source","markdown":"Query to find passwords and secrets in infrastructure code. \u003cbr\u003e\u003cbr\u003e\u003cstrong\u003eValue:\u003c/strong\u003e Hardcoded secret key appears in source \u003cbr\u003e\u003cstrong\u003eExcepted value:\u003c/strong\u003e Hardcoded secret key should not appear in source"},"fullDescription":{"text":"Query to find passwords and secrets in infrastructure code. Value: Hardcoded secret key appears in source Excepted value: Hardcoded secret key should not appear in source"},"properties":{"security-severity":"9.5","name":"Passwords And Secrets - Generic Secret","id":"3e2d3b2f-c22a-4df1-9cc6-a7a0aebb0c99 [Taken from query_id] (kics)","description":"Query to find passwords and secrets in infrastructure code. Value: Hardcoded secret key appears in source Excepted value: Hardcoded secret key should not appear in source","tags":["security","checkmarx","kics"]}}]}},"results":[{"ruleId":"a9228976-10cf-4b5f-b902-9e962aad037a [Taken from query_id] (kics)","level":"note","message":{"text":"Type Has Invalid Keyword (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":35,"startColumn":1,"endColumn":2}}}]},{"ruleId":"a9228976-10cf-4b5f-b902-9e962aad037a [Taken from query_id] (kics)","level":"note","message":{"text":"Type Has Invalid Keyword (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":35,"startColumn":1,"endColumn":2}}}]},{"ruleId":"d172a060-8569-4412-8045-3560ebd477e8 [Taken from query_id] (kics)","level":"note","message":{"text":"Object Without Required Property (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":19,"startColumn":1,"endColumn":2}}}]},{"ruleId":"5915c20f-dffa-4cee-b5d4-f457ddc0151a [Taken from query_id] (kics)","level":"note","message":{"text":"Empty Array"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":49,"startColumn":1,"endColumn":2}}}]},{"ruleId":"a0bf7382-5d5a-4224-924c-3db8466026c9 [Taken from query_id] (kics)","level":"note","message":{"text":"Server URL Not Absolute"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":4,"startColumn":1,"endColumn":2}}}]},{"ruleId":"a9228976-10cf-4b5f-b902-9e962aad037a [Taken from query_id] (kics)","level":"note","message":{"text":"Type Has Invalid Keyword (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":32,"startColumn":1,"endColumn":2}}}]},{"ruleId":"ae9c56a6-3ed1-4ac0-9b54-31267f51151d [Taken from query_id] (kics)","level":"note","message":{"text":"Apk Add Using Local Cache Path"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/smoke/Dockerfile"},"region":{"startLine":3,"startColumn":1,"endColumn":2}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/memoryApiSpec.ts"},"region":{"startLine":88,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/memoryApiSpec.ts"},"region":{"startLine":88,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/orderHistoryApiSpec.ts"},"region":{"startLine":89,"startColumn":19,"endColumn":47}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/orderHistoryApiSpec.ts"},"region":{"startLine":89,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":92,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":92,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.spec.ts"},"region":{"startLine":92,"startColumn":88,"endColumn":110}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.spec.ts"},"region":{"startLine":92,"startColumn":86,"endColumn":87}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/passwordApiSpec.ts"},"region":{"startLine":93,"startColumn":19,"endColumn":45}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/passwordApiSpec.ts"},"region":{"startLine":93,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/profileImageUploadSpec.ts"},"region":{"startLine":94,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/profileImageUploadSpec.ts"},"region":{"startLine":94,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":96,"startColumn":71,"endColumn":90}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":96,"startColumn":69,"endColumn":70}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/basketApiSpec.ts"},"region":{"startLine":100,"startColumn":19,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/basketApiSpec.ts"},"region":{"startLine":100,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":100,"startColumn":19,"endColumn":32}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":100,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":100,"startColumn":19,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":100,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/restApiSpec.ts"},"region":{"startLine":100,"startColumn":99,"endColumn":109}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/restApiSpec.ts"},"region":{"startLine":100,"startColumn":97,"endColumn":98}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/userApiSpec.ts"},"region":{"startLine":103,"startColumn":19,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/userApiSpec.ts"},"region":{"startLine":103,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/productReviewApiSpec.ts"},"region":{"startLine":104,"startColumn":19,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/productReviewApiSpec.ts"},"region":{"startLine":104,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/noSqlSpec.ts"},"region":{"startLine":106,"startColumn":105,"endColumn":118}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/noSqlSpec.ts"},"region":{"startLine":106,"startColumn":103,"endColumn":104}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/orderHistoryApiSpec.ts"},"region":{"startLine":108,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/orderHistoryApiSpec.ts"},"region":{"startLine":108,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/deliveryApiSpec.ts"},"region":{"startLine":110,"startColumn":21,"endColumn":83}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deliveryApiSpec.ts"},"region":{"startLine":110,"startColumn":19,"endColumn":20}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/dataExportApiSpec.ts"},"region":{"startLine":111,"startColumn":19,"endColumn":45}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/dataExportApiSpec.ts"},"region":{"startLine":111,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":113,"startColumn":19,"endColumn":47}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":113,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":115,"startColumn":19,"endColumn":45}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":115,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/feedbackApiSpec.ts"},"region":{"startLine":118,"startColumn":19,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/feedbackApiSpec.ts"},"region":{"startLine":118,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/profileImageUploadSpec.ts"},"region":{"startLine":119,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/profileImageUploadSpec.ts"},"region":{"startLine":119,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/userApiSpec.ts"},"region":{"startLine":125,"startColumn":19,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/userApiSpec.ts"},"region":{"startLine":125,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/orderHistoryApiSpec.ts"},"region":{"startLine":128,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/orderHistoryApiSpec.ts"},"region":{"startLine":128,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":128,"startColumn":19,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":128,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":130,"startColumn":19,"endColumn":56}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":130,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":136,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":136,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/userApiSpec.ts"},"region":{"startLine":144,"startColumn":21,"endColumn":38}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/userApiSpec.ts"},"region":{"startLine":144,"startColumn":19,"endColumn":20}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":146,"startColumn":19,"endColumn":81}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":146,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/orderHistoryApiSpec.ts"},"region":{"startLine":148,"startColumn":19,"endColumn":47}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/orderHistoryApiSpec.ts"},"region":{"startLine":148,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":148,"startColumn":19,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":148,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/dataExportApiSpec.ts"},"region":{"startLine":151,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/dataExportApiSpec.ts"},"region":{"startLine":151,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/feedbackApiSpec.ts"},"region":{"startLine":151,"startColumn":19,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/feedbackApiSpec.ts"},"region":{"startLine":151,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":153,"startColumn":47,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":153,"startColumn":45,"endColumn":46}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":153,"startColumn":75,"endColumn":85}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":153,"startColumn":73,"endColumn":74}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":154,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":154,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":161,"startColumn":19,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":161,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/loginSpec.ts"},"region":{"startLine":161,"startColumn":75,"endColumn":85}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/loginSpec.ts"},"region":{"startLine":161,"startColumn":73,"endColumn":74}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":167,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":167,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":172,"startColumn":19,"endColumn":47}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":172,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":188,"startColumn":19,"endColumn":47}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":188,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":189,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":189,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":191,"startColumn":19,"endColumn":86}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":191,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/dataExportApiSpec.ts"},"region":{"startLine":193,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/dataExportApiSpec.ts"},"region":{"startLine":193,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/userApiSpec.ts"},"region":{"startLine":205,"startColumn":19,"endColumn":53}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/userApiSpec.ts"},"region":{"startLine":205,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":210,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":210,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/userApiSpec.ts"},"region":{"startLine":216,"startColumn":19,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/userApiSpec.ts"},"region":{"startLine":216,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":231,"startColumn":19,"endColumn":47}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":231,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/dataExportApiSpec.ts"},"region":{"startLine":232,"startColumn":19,"endColumn":45}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/dataExportApiSpec.ts"},"region":{"startLine":232,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":235,"startColumn":19,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":235,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":249,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":249,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":254,"startColumn":19,"endColumn":47}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":254,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":265,"startColumn":19,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":265,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":271,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":271,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/dataExportApiSpec.ts"},"region":{"startLine":280,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/dataExportApiSpec.ts"},"region":{"startLine":280,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":280,"startColumn":32,"endColumn":64}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":280,"startColumn":19,"endColumn":20}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":265,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":265,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":280,"startColumn":21,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":280,"startColumn":19,"endColumn":20}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":286,"startColumn":19,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":286,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":288,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":288,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/dataExportApiSpec.ts"},"region":{"startLine":330,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/dataExportApiSpec.ts"},"region":{"startLine":330,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":431,"startColumn":32,"endColumn":64}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":431,"startColumn":19,"endColumn":20}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":411,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":411,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":431,"startColumn":21,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":431,"startColumn":19,"endColumn":20}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/changePassword.ts"},"region":{"startLine":17,"startColumn":41,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/changePassword.ts"},"region":{"startLine":17,"startColumn":37,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/changePassword.ts"},"region":{"startLine":17,"startColumn":25,"endColumn":36}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/resetPassword.ts"},"region":{"startLine":21,"startColumn":48,"endColumn":59}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/resetPassword.ts"},"region":{"startLine":21,"startColumn":44,"endColumn":47}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/resetPassword.ts"},"region":{"startLine":21,"startColumn":32,"endColumn":43}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":62,"startColumn":156,"endColumn":166}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":62,"startColumn":152,"endColumn":155}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":62,"startColumn":143,"endColumn":151}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":63,"startColumn":158,"endColumn":190}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":63,"startColumn":154,"endColumn":157}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":63,"startColumn":145,"endColumn":153}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":64,"startColumn":163,"endColumn":176}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":64,"startColumn":159,"endColumn":162}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":64,"startColumn":150,"endColumn":158}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":65,"startColumn":150,"endColumn":176}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":65,"startColumn":146,"endColumn":149}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":65,"startColumn":137,"endColumn":145}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":66,"startColumn":164,"endColumn":196}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":66,"startColumn":160,"endColumn":163}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":66,"startColumn":151,"endColumn":159}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":67,"startColumn":146,"endColumn":184}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":67,"startColumn":142,"endColumn":145}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":67,"startColumn":133,"endColumn":141}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":136,"startColumn":36,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":136,"startColumn":11,"endColumn":25}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":140,"startColumn":46,"endColumn":60}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.spec.ts"},"region":{"startLine":57,"startColumn":21,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.ts"},"region":{"startLine":47,"startColumn":10,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.ts"},"region":{"startLine":49,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.ts"},"region":{"startLine":49,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.spec.ts"},"region":{"startLine":73,"startColumn":23,"endColumn":32}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.ts"},"region":{"startLine":55,"startColumn":12,"endColumn":20}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.ts"},"region":{"startLine":56,"startColumn":75,"endColumn":83}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.ts"},"region":{"startLine":56,"startColumn":75,"endColumn":83}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.spec.ts"},"region":{"startLine":89,"startColumn":41,"endColumn":46}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.spec.ts"},"region":{"startLine":89,"startColumn":39,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":53,"startColumn":19,"endColumn":28}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":54,"startColumn":84,"endColumn":93}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.spec.ts"},"region":{"startLine":89,"startColumn":53,"endColumn":58}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.spec.ts"},"region":{"startLine":89,"startColumn":51,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":53,"startColumn":19,"endColumn":28}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":54,"startColumn":84,"endColumn":93}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.spec.ts"},"region":{"startLine":89,"startColumn":68,"endColumn":73}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.spec.ts"},"region":{"startLine":89,"startColumn":66,"endColumn":67}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":53,"startColumn":19,"endColumn":28}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":54,"startColumn":84,"endColumn":93}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.spec.ts"},"region":{"startLine":89,"startColumn":41,"endColumn":46}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.spec.ts"},"region":{"startLine":89,"startColumn":39,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":53,"startColumn":19,"endColumn":28}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":55,"startColumn":5,"endColumn":14}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.spec.ts"},"region":{"startLine":89,"startColumn":53,"endColumn":58}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.spec.ts"},"region":{"startLine":89,"startColumn":51,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":53,"startColumn":19,"endColumn":28}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":55,"startColumn":5,"endColumn":14}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.spec.ts"},"region":{"startLine":89,"startColumn":68,"endColumn":73}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.spec.ts"},"region":{"startLine":89,"startColumn":66,"endColumn":67}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":53,"startColumn":19,"endColumn":28}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":55,"startColumn":5,"endColumn":14}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.spec.ts"},"region":{"startLine":89,"startColumn":41,"endColumn":46}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.spec.ts"},"region":{"startLine":89,"startColumn":39,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":53,"startColumn":19,"endColumn":28}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":55,"startColumn":34,"endColumn":43}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.spec.ts"},"region":{"startLine":89,"startColumn":53,"endColumn":58}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.spec.ts"},"region":{"startLine":89,"startColumn":51,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":53,"startColumn":19,"endColumn":28}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":55,"startColumn":34,"endColumn":43}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.spec.ts"},"region":{"startLine":89,"startColumn":68,"endColumn":73}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.spec.ts"},"region":{"startLine":89,"startColumn":66,"endColumn":67}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":53,"startColumn":19,"endColumn":28}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":55,"startColumn":34,"endColumn":43}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":221,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":221,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":226,"startColumn":44,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":226,"startColumn":44,"endColumn":52}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":221,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":221,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":236,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":236,"startColumn":11,"endColumn":19}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":265,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":265,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":270,"startColumn":44,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":270,"startColumn":44,"endColumn":52}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":293,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":293,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":298,"startColumn":44,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":298,"startColumn":44,"endColumn":52}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":293,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":293,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":308,"startColumn":21,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":308,"startColumn":19,"endColumn":20}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":321,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":321,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":326,"startColumn":44,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":326,"startColumn":44,"endColumn":52}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":321,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":321,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":336,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":336,"startColumn":11,"endColumn":19}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":349,"startColumn":22,"endColumn":59}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":349,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":362,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":362,"startColumn":11,"endColumn":19}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":377,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":377,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":381,"startColumn":44,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":381,"startColumn":44,"endColumn":52}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":377,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":377,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":397,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":397,"startColumn":11,"endColumn":19}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":411,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":411,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":415,"startColumn":44,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":415,"startColumn":44,"endColumn":52}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.spec.ts"},"region":{"startLine":26,"startColumn":56,"endColumn":72}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.spec.ts"},"region":{"startLine":26,"startColumn":27,"endColumn":39}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.spec.ts"},"region":{"startLine":26,"startColumn":5,"endColumn":16}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.spec.ts"},"region":{"startLine":27,"startColumn":5,"endColumn":16}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.spec.ts"},"region":{"startLine":27,"startColumn":17,"endColumn":31}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/forgot-password/forgot-password.component.spec.ts"},"region":{"startLine":34,"startColumn":56,"endColumn":71}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/forgot-password/forgot-password.component.spec.ts"},"region":{"startLine":34,"startColumn":27,"endColumn":39}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/forgot-password/forgot-password.component.spec.ts"},"region":{"startLine":34,"startColumn":5,"endColumn":16}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/forgot-password/forgot-password.component.spec.ts"},"region":{"startLine":35,"startColumn":5,"endColumn":16}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/forgot-password/forgot-password.component.spec.ts"},"region":{"startLine":35,"startColumn":17,"endColumn":30}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":53,"startColumn":19,"endColumn":51}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":16,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":16,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":20,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":20,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":73,"startColumn":19,"endColumn":51}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":16,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":16,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":20,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":20,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":100,"startColumn":19,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":16,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":16,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":20,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":20,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":128,"startColumn":19,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":16,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":16,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":20,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":20,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":161,"startColumn":19,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":16,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":16,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":20,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":20,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":191,"startColumn":19,"endColumn":86}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":16,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":16,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":20,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":20,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":235,"startColumn":19,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":16,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":16,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":20,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":20,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":135,"startColumn":30,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":135,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":137,"startColumn":40,"endColumn":48}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":137,"startColumn":31,"endColumn":39}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":137,"startColumn":15,"endColumn":30}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":104,"startColumn":17,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":104,"startColumn":15,"endColumn":16}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":13,"startColumn":23,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":13,"startColumn":23,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":13,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":13,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":17,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":17,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":127,"startColumn":17,"endColumn":27}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":127,"startColumn":15,"endColumn":16}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":13,"startColumn":23,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":13,"startColumn":23,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":13,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":13,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":17,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":17,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":117,"startColumn":19,"endColumn":22}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":117,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":119,"startColumn":40,"endColumn":48}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":119,"startColumn":31,"endColumn":39}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":119,"startColumn":15,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":119,"startColumn":5,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":120,"startColumn":12,"endColumn":21}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":120,"startColumn":22,"endColumn":37}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":117,"startColumn":19,"endColumn":22}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":117,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":121,"startColumn":16,"endColumn":24}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":121,"startColumn":25,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":121,"startColumn":5,"endColumn":13}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":122,"startColumn":40,"endColumn":48}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":122,"startColumn":31,"endColumn":39}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":122,"startColumn":15,"endColumn":30}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":162,"startColumn":17,"endColumn":54}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":162,"startColumn":15,"endColumn":16}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":23,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":23,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":23,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":23,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":187,"startColumn":17,"endColumn":49}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":187,"startColumn":15,"endColumn":16}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":23,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":23,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":23,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":23,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":349,"startColumn":22,"endColumn":59}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":349,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":352,"startColumn":44,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":352,"startColumn":44,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":23,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":23,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":23,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":23,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":221,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":221,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":225,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":225,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":57,"startColumn":44,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":23,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":23,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":265,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":265,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":269,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":269,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":57,"startColumn":44,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":23,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":23,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":293,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":293,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":297,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":297,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":57,"startColumn":44,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":23,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":23,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":321,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":321,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":325,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":325,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":57,"startColumn":44,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":23,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":23,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":377,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":377,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":380,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":380,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":57,"startColumn":44,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":23,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":23,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":411,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":411,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":414,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":414,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":57,"startColumn":44,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":19,"startColumn":32,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":23,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":23,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":198,"startColumn":22,"endColumn":86}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":198,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":200,"startColumn":48,"endColumn":56}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":200,"startColumn":57,"endColumn":63}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":200,"startColumn":40,"endColumn":44}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":202,"startColumn":12,"endColumn":16}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":208,"startColumn":17,"endColumn":33}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":208,"startColumn":15,"endColumn":16}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":117,"startColumn":19,"endColumn":22}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":117,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":119,"startColumn":40,"endColumn":48}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":119,"startColumn":31,"endColumn":39}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":119,"startColumn":15,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":119,"startColumn":5,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":122,"startColumn":5,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":123,"startColumn":12,"endColumn":21}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":123,"startColumn":22,"endColumn":37}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":293,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":293,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":297,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":297,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":57,"startColumn":44,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":57,"startColumn":44,"endColumn":52}}}]},{"ruleId":"2211341642471709656 (sast)","level":"note","message":{"text":"Angular Usage of Unsafe DOM Sanitizer"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/about/about.component.ts"},"region":{"startLine":81,"startColumn":47,"endColumn":70}}}]},{"ruleId":"2211341642471709656 (sast)","level":"note","message":{"text":"Angular Usage of Unsafe DOM Sanitizer"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/administration/administration.component.ts"},"region":{"startLine":51,"startColumn":37,"endColumn":60}}}]},{"ruleId":"2211341642471709656 (sast)","level":"note","message":{"text":"Angular Usage of Unsafe DOM Sanitizer"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/administration/administration.component.ts"},"region":{"startLine":66,"startColumn":43,"endColumn":66}}}]},{"ruleId":"2211341642471709656 (sast)","level":"note","message":{"text":"Angular Usage of Unsafe DOM Sanitizer"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/data-export/data-export.component.ts"},"region":{"startLine":45,"startColumn":37,"endColumn":60}}}]},{"ruleId":"2211341642471709656 (sast)","level":"note","message":{"text":"Angular Usage of Unsafe DOM Sanitizer"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/last-login-ip/last-login-ip.component.ts"},"region":{"startLine":36,"startColumn":43,"endColumn":66}}}]},{"ruleId":"2211341642471709656 (sast)","level":"note","message":{"text":"Angular Usage of Unsafe DOM Sanitizer"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/search-result/search-result.component.ts"},"region":{"startLine":126,"startColumn":49,"endColumn":72}}}]},{"ruleId":"2211341642471709656 (sast)","level":"note","message":{"text":"Angular Usage of Unsafe DOM Sanitizer"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/search-result/search-result.component.ts"},"region":{"startLine":152,"startColumn":41,"endColumn":64}}}]},{"ruleId":"2211341642471709656 (sast)","level":"note","message":{"text":"Angular Usage of Unsafe DOM Sanitizer"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/track-result/track-result.component.ts"},"region":{"startLine":42,"startColumn":45,"endColumn":68}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":25,"startColumn":33,"endColumn":49}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":25,"startColumn":25,"endColumn":32}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":25,"startColumn":9,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":26,"startColumn":19,"endColumn":27}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":26,"startColumn":10,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":27,"startColumn":6,"endColumn":10}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":28,"startColumn":6,"endColumn":11}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":91,"startColumn":23,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":91,"startColumn":17,"endColumn":22}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":91,"startColumn":9,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":5,"endColumn":10}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":22,"endColumn":36}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":22,"endColumn":36}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":41,"endColumn":49}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":41,"endColumn":49}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":100,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":100,"startColumn":11,"endColumn":19}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":28,"startColumn":69,"endColumn":72}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":28,"startColumn":25,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":28,"startColumn":15,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":28,"startColumn":6,"endColumn":11}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":91,"startColumn":23,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":91,"startColumn":17,"endColumn":22}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":91,"startColumn":9,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":5,"endColumn":10}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":22,"endColumn":36}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":22,"endColumn":36}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":41,"endColumn":49}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":41,"endColumn":49}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":100,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":100,"startColumn":11,"endColumn":19}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":28,"startColumn":31,"endColumn":55}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":28,"startColumn":25,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":28,"startColumn":15,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":28,"startColumn":6,"endColumn":11}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":91,"startColumn":23,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":91,"startColumn":17,"endColumn":22}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":91,"startColumn":9,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":5,"endColumn":10}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":22,"endColumn":36}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":22,"endColumn":36}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":41,"endColumn":49}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":41,"endColumn":49}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":100,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":100,"startColumn":11,"endColumn":19}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":51,"startColumn":22,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":51,"startColumn":15,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":51,"startColumn":5,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":52,"startColumn":15,"endColumn":24}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":52,"startColumn":11,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":52,"startColumn":5,"endColumn":10}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":58,"startColumn":5,"endColumn":10}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":62,"startColumn":5,"endColumn":10}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":67,"startColumn":5,"endColumn":10}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":96,"startColumn":43,"endColumn":48}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":96,"startColumn":22,"endColumn":25}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":96,"startColumn":9,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":97,"startColumn":5,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":103,"startColumn":22,"endColumn":32}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":321,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":321,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":325,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":325,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":57,"startColumn":44,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":57,"startColumn":44,"endColumn":52}}}]},{"ruleId":"3455652598283285801 (sast)","level":"note","message":{"text":"Client Hardcoded Domain"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/index.html"},"region":{"startLine":15,"startColumn":44,"endColumn":120}}}]},{"ruleId":"3455652598283285801 (sast)","level":"note","message":{"text":"Client Hardcoded Domain"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/index.html"},"region":{"startLine":16,"startColumn":44,"endColumn":105}}}]},{"ruleId":"3455652598283285801 (sast)","level":"note","message":{"text":"Client Hardcoded Domain"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/index.html"},"region":{"startLine":14,"startColumn":48,"endColumn":123}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":57,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":57,"startColumn":15,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":57,"startColumn":5,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":58,"startColumn":15,"endColumn":24}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":58,"startColumn":11,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":58,"startColumn":5,"endColumn":10}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":62,"startColumn":5,"endColumn":10}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":67,"startColumn":5,"endColumn":10}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":96,"startColumn":43,"endColumn":48}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":96,"startColumn":22,"endColumn":25}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":96,"startColumn":9,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":97,"startColumn":5,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":103,"startColumn":22,"endColumn":32}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":61,"startColumn":25,"endColumn":34}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":61,"startColumn":18,"endColumn":22}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":61,"startColumn":5,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":62,"startColumn":15,"endColumn":27}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":62,"startColumn":11,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":62,"startColumn":5,"endColumn":10}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":67,"startColumn":5,"endColumn":10}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":96,"startColumn":43,"endColumn":48}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":96,"startColumn":22,"endColumn":25}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":96,"startColumn":9,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":97,"startColumn":5,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":103,"startColumn":22,"endColumn":32}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":66,"startColumn":29,"endColumn":42}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":66,"startColumn":22,"endColumn":26}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":66,"startColumn":5,"endColumn":21}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":67,"startColumn":15,"endColumn":31}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":67,"startColumn":11,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":67,"startColumn":5,"endColumn":10}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":96,"startColumn":43,"endColumn":48}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":96,"startColumn":22,"endColumn":25}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":96,"startColumn":9,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":97,"startColumn":5,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/assets/private/threejs-demo.html"},"region":{"startLine":103,"startColumn":22,"endColumn":32}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":411,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":411,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":414,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":414,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":67,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":67,"startColumn":11,"endColumn":19}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":377,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":377,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":380,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":380,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":67,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":67,"startColumn":11,"endColumn":19}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":321,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":321,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":325,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":325,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":67,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":67,"startColumn":11,"endColumn":19}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":293,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":293,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":297,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":297,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":67,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":67,"startColumn":11,"endColumn":19}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":265,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":265,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":269,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":269,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":67,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":67,"startColumn":11,"endColumn":19}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":221,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":221,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":225,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":225,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":67,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":67,"startColumn":11,"endColumn":19}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":411,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":411,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":414,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":414,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":57,"startColumn":44,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":57,"startColumn":44,"endColumn":52}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":377,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":377,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":380,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":380,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":57,"startColumn":44,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":57,"startColumn":44,"endColumn":52}}}]},{"ruleId":"Cxda14f253-4e52 (sca)","level":"note","message":{"text":"Npm-bluebird-3.7.2 (Cxda14f253-4e52)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cxda14f253-4e52 (sca)","level":"note","message":{"text":"Npm-bluebird-3.7.2 (Cxda14f253-4e52)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cxda14f253-4e52 (sca)","level":"note","message":{"text":"Npm-bluebird-3.4.7 (Cxda14f253-4e52)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"models/index.ts"},"region":{"startLine":11,"startColumn":57,"endColumn":67}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":91,"startColumn":38,"endColumn":45}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":24,"startColumn":26,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":25,"startColumn":52,"endColumn":56}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":25,"startColumn":25,"endColumn":32}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":25,"startColumn":9,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":26,"startColumn":19,"endColumn":27}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":26,"startColumn":10,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":27,"startColumn":6,"endColumn":10}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":28,"startColumn":6,"endColumn":11}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":91,"startColumn":23,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":91,"startColumn":17,"endColumn":22}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":91,"startColumn":9,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":5,"endColumn":10}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":22,"endColumn":36}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":22,"endColumn":36}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":41,"endColumn":49}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":41,"endColumn":49}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":100,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":100,"startColumn":11,"endColumn":19}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":25,"startColumn":59,"endColumn":65}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":25,"startColumn":25,"endColumn":32}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":25,"startColumn":9,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":26,"startColumn":19,"endColumn":27}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":26,"startColumn":10,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":27,"startColumn":6,"endColumn":10}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":28,"startColumn":6,"endColumn":11}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":91,"startColumn":23,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":91,"startColumn":17,"endColumn":22}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":91,"startColumn":9,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":5,"endColumn":10}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":22,"endColumn":36}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":22,"endColumn":36}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":41,"endColumn":49}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":94,"startColumn":41,"endColumn":49}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":100,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":100,"startColumn":11,"endColumn":19}}}]},{"ruleId":"aa93e17f-b6db-4162-9334-c70334e7ac28 [Taken from query_id] (kics)","level":"note","message":{"text":"Chown Flag Exists"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"Dockerfile"},"region":{"startLine":27,"startColumn":1,"endColumn":2}}}]},{"ruleId":"ce76b7d0-9e77-464d-b86f-c5c48e03e22d [Taken from query_id] (kics)","level":"note","message":{"text":"Container Capabilities Unrestricted"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"docker-compose.test.yml"},"region":{"startLine":7,"startColumn":1,"endColumn":2}}}]},{"ruleId":"ce76b7d0-9e77-464d-b86f-c5c48e03e22d [Taken from query_id] (kics)","level":"note","message":{"text":"Container Capabilities Unrestricted"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"docker-compose.test.yml"},"region":{"startLine":3,"startColumn":1,"endColumn":2}}}]},{"ruleId":"6b610c50-99fb-4ef0-a5f3-e312fd945bc3 [Taken from query_id] (kics)","level":"note","message":{"text":"Cpus Not Limited"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"docker-compose.test.yml"},"region":{"startLine":3,"startColumn":1,"endColumn":2}}}]},{"ruleId":"729519850006803664 (sast)","level":"note","message":{"text":"Missing CSP Header"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"lib/insecurity.js"},"region":{"startLine":141,"startColumn":23,"endColumn":27}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":265,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":265,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":269,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":269,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":57,"startColumn":44,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":57,"startColumn":44,"endColumn":52}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":221,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":221,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":225,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":225,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":57,"startColumn":44,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":57,"startColumn":44,"endColumn":52}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":411,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":411,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":414,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":414,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":49,"startColumn":23,"endColumn":31}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":49,"startColumn":21,"endColumn":22}}}]},{"ruleId":"6b610c50-99fb-4ef0-a5f3-e312fd945bc3 [Taken from query_id] (kics)","level":"note","message":{"text":"Cpus Not Limited"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"docker-compose.test.yml"},"region":{"startLine":7,"startColumn":1,"endColumn":2}}}]},{"ruleId":"b03a748a-542d-44f4-bb86-9199ab4fd2d5 [Taken from query_id] (kics)","level":"note","message":{"text":"Healthcheck Instruction Missing"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/smoke/Dockerfile"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"b03a748a-542d-44f4-bb86-9199ab4fd2d5 [Taken from query_id] (kics)","level":"note","message":{"text":"Healthcheck Instruction Missing"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"Dockerfile"},"region":{"startLine":9,"startColumn":1,"endColumn":2}}}]},{"ruleId":"11100132039797172543 (sast)","level":"note","message":{"text":"Client DOM Open Redirect"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address-create/address-create.component.ts"},"region":{"startLine":32,"startColumn":33,"endColumn":41}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address-create/address-create.component.ts"},"region":{"startLine":32,"startColumn":33,"endColumn":41}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address-create/address-create.component.ts"},"region":{"startLine":15,"startColumn":12,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address-create/address-create.component.ts"},"region":{"startLine":15,"startColumn":12,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address-create/address-create.component.ts"},"region":{"startLine":15,"startColumn":12,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address-create/address-create.component.ts"},"region":{"startLine":15,"startColumn":12,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address-create/address-create.component.html"},"region":{"startLine":1,"startColumn":44,"endColumn":47}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address-create/address-create.component.html"},"region":{"startLine":73,"startColumn":74,"endColumn":77}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address-create/address-create.component.ts"},"region":{"startLine":107,"startColumn":10,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address-create/address-create.component.ts"},"region":{"startLine":107,"startColumn":19,"endColumn":23}}}]},{"ruleId":"11100132039797172543 (sast)","level":"note","message":{"text":"Client DOM Open Redirect"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/delivery-method/delivery-method.component.ts"},"region":{"startLine":33,"startColumn":33,"endColumn":41}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/delivery-method/delivery-method.component.ts"},"region":{"startLine":33,"startColumn":33,"endColumn":41}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/delivery-method/delivery-method.component.ts"},"region":{"startLine":20,"startColumn":12,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/delivery-method/delivery-method.component.ts"},"region":{"startLine":20,"startColumn":12,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/delivery-method/delivery-method.component.ts"},"region":{"startLine":20,"startColumn":12,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/delivery-method/delivery-method.component.ts"},"region":{"startLine":20,"startColumn":12,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/delivery-method/delivery-method.component.html"},"region":{"startLine":1,"startColumn":45,"endColumn":48}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/delivery-method/delivery-method.component.html"},"region":{"startLine":33,"startColumn":73,"endColumn":76}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/delivery-method/delivery-method.component.html"},"region":{"startLine":45,"startColumn":76,"endColumn":79}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/delivery-method/delivery-method.component.ts"},"region":{"startLine":57,"startColumn":10,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/delivery-method/delivery-method.component.ts"},"region":{"startLine":57,"startColumn":19,"endColumn":23}}}]},{"ruleId":"6215771209953606521 (sast)","level":"note","message":{"text":"Client Weak Cryptographic Hash"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"lib/insecurity.js"},"region":{"startLine":21,"startColumn":31,"endColumn":41}}}]},{"ruleId":"6215771209953606521 (sast)","level":"note","message":{"text":"Client Weak Cryptographic Hash"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"Gruntfile.js"},"region":{"startLine":73,"startColumn":26,"endColumn":36}}}]},{"ruleId":"1110909642375850288 (sast)","level":"note","message":{"text":"Open Redirect"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":12,"startColumn":13,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":12,"startColumn":13,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":13,"startColumn":18,"endColumn":24}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":13,"startColumn":25,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":13,"startColumn":11,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":15,"startColumn":10,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":16,"startColumn":14,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":23,"startColumn":20,"endColumn":24}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":25,"startColumn":44,"endColumn":48}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":25,"startColumn":23,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":25,"startColumn":7,"endColumn":11}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":30,"startColumn":41,"endColumn":45}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":30,"startColumn":25,"endColumn":32}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":30,"startColumn":11,"endColumn":19}}}]},{"ruleId":"1110909642375850288 (sast)","level":"note","message":{"text":"Open Redirect"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":13,"startColumn":25,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":13,"startColumn":11,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":15,"startColumn":10,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":16,"startColumn":14,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":23,"startColumn":20,"endColumn":24}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":25,"startColumn":44,"endColumn":48}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":25,"startColumn":23,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":25,"startColumn":7,"endColumn":11}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":30,"startColumn":41,"endColumn":45}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":30,"startColumn":25,"endColumn":32}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/fileServer.ts"},"region":{"startLine":30,"startColumn":11,"endColumn":19}}}]},{"ruleId":"1110909642375850288 (sast)","level":"note","message":{"text":"Open Redirect"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/logfileServer.ts"},"region":{"startLine":9,"startColumn":13,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/logfileServer.ts"},"region":{"startLine":9,"startColumn":13,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/logfileServer.ts"},"region":{"startLine":10,"startColumn":18,"endColumn":24}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/logfileServer.ts"},"region":{"startLine":10,"startColumn":25,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/logfileServer.ts"},"region":{"startLine":10,"startColumn":11,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/logfileServer.ts"},"region":{"startLine":12,"startColumn":10,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/logfileServer.ts"},"region":{"startLine":13,"startColumn":42,"endColumn":46}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/logfileServer.ts"},"region":{"startLine":13,"startColumn":25,"endColumn":32}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/logfileServer.ts"},"region":{"startLine":13,"startColumn":11,"endColumn":19}}}]},{"ruleId":"1110909642375850288 (sast)","level":"note","message":{"text":"Open Redirect"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/logfileServer.ts"},"region":{"startLine":10,"startColumn":25,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/logfileServer.ts"},"region":{"startLine":10,"startColumn":11,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/logfileServer.ts"},"region":{"startLine":12,"startColumn":10,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/logfileServer.ts"},"region":{"startLine":13,"startColumn":42,"endColumn":46}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/logfileServer.ts"},"region":{"startLine":13,"startColumn":25,"endColumn":32}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/logfileServer.ts"},"region":{"startLine":13,"startColumn":11,"endColumn":19}}}]},{"ruleId":"1110909642375850288 (sast)","level":"note","message":{"text":"Open Redirect"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/keyServer.ts"},"region":{"startLine":9,"startColumn":13,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/keyServer.ts"},"region":{"startLine":9,"startColumn":13,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/keyServer.ts"},"region":{"startLine":10,"startColumn":18,"endColumn":24}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/keyServer.ts"},"region":{"startLine":10,"startColumn":25,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/keyServer.ts"},"region":{"startLine":10,"startColumn":11,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/keyServer.ts"},"region":{"startLine":12,"startColumn":10,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/keyServer.ts"},"region":{"startLine":13,"startColumn":52,"endColumn":56}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/keyServer.ts"},"region":{"startLine":13,"startColumn":25,"endColumn":32}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/keyServer.ts"},"region":{"startLine":13,"startColumn":11,"endColumn":19}}}]},{"ruleId":"1110909642375850288 (sast)","level":"note","message":{"text":"Open Redirect"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/keyServer.ts"},"region":{"startLine":10,"startColumn":25,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/keyServer.ts"},"region":{"startLine":10,"startColumn":11,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/keyServer.ts"},"region":{"startLine":12,"startColumn":10,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/keyServer.ts"},"region":{"startLine":13,"startColumn":52,"endColumn":56}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/keyServer.ts"},"region":{"startLine":13,"startColumn":25,"endColumn":32}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/keyServer.ts"},"region":{"startLine":13,"startColumn":11,"endColumn":19}}}]},{"ruleId":"1110909642375850288 (sast)","level":"note","message":{"text":"Open Redirect"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/quarantineServer.ts"},"region":{"startLine":9,"startColumn":13,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/quarantineServer.ts"},"region":{"startLine":9,"startColumn":13,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/quarantineServer.ts"},"region":{"startLine":10,"startColumn":18,"endColumn":24}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/quarantineServer.ts"},"region":{"startLine":10,"startColumn":25,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/quarantineServer.ts"},"region":{"startLine":10,"startColumn":11,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/quarantineServer.ts"},"region":{"startLine":12,"startColumn":10,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/quarantineServer.ts"},"region":{"startLine":13,"startColumn":52,"endColumn":56}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/quarantineServer.ts"},"region":{"startLine":13,"startColumn":25,"endColumn":32}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/quarantineServer.ts"},"region":{"startLine":13,"startColumn":11,"endColumn":19}}}]},{"ruleId":"1110909642375850288 (sast)","level":"note","message":{"text":"Open Redirect"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/quarantineServer.ts"},"region":{"startLine":10,"startColumn":25,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/quarantineServer.ts"},"region":{"startLine":10,"startColumn":11,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/quarantineServer.ts"},"region":{"startLine":12,"startColumn":10,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/quarantineServer.ts"},"region":{"startLine":13,"startColumn":52,"endColumn":56}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/quarantineServer.ts"},"region":{"startLine":13,"startColumn":25,"endColumn":32}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/quarantineServer.ts"},"region":{"startLine":13,"startColumn":11,"endColumn":19}}}]},{"ruleId":"1110909642375850288 (sast)","level":"note","message":{"text":"Open Redirect"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/redirect.ts"},"region":{"startLine":11,"startColumn":13,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/redirect.ts"},"region":{"startLine":11,"startColumn":13,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/redirect.ts"},"region":{"startLine":12,"startColumn":19,"endColumn":24}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/redirect.ts"},"region":{"startLine":12,"startColumn":25,"endColumn":27}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/redirect.ts"},"region":{"startLine":12,"startColumn":11,"endColumn":16}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/redirect.ts"},"region":{"startLine":16,"startColumn":20,"endColumn":25}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/redirect.ts"},"region":{"startLine":16,"startColumn":11,"endColumn":19}}}]},{"ruleId":"1110909642375850288 (sast)","level":"note","message":{"text":"Open Redirect"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/redirect.ts"},"region":{"startLine":12,"startColumn":25,"endColumn":27}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/redirect.ts"},"region":{"startLine":12,"startColumn":11,"endColumn":16}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/redirect.ts"},"region":{"startLine":16,"startColumn":20,"endColumn":25}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/redirect.ts"},"region":{"startLine":16,"startColumn":11,"endColumn":19}}}]},{"ruleId":"1110909642375850288 (sast)","level":"note","message":{"text":"Open Redirect"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/2fa.ts"},"region":{"startLine":59,"startColumn":51,"endColumn":54}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/2fa.ts"},"region":{"startLine":59,"startColumn":46,"endColumn":50}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/2fa.ts"},"region":{"startLine":59,"startColumn":11,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/2fa.ts"},"region":{"startLine":63,"startColumn":28,"endColumn":32}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/2fa.ts"},"region":{"startLine":63,"startColumn":13,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/2fa.ts"},"region":{"startLine":63,"startColumn":19,"endColumn":23}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/2fa.ts"},"region":{"startLine":71,"startColumn":16,"endColumn":20}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/2fa.ts"},"region":{"startLine":71,"startColumn":21,"endColumn":26}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/2fa.ts"},"region":{"startLine":71,"startColumn":14,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/2fa.ts"},"region":{"startLine":68,"startColumn":11,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":377,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":377,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":380,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":380,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":49,"startColumn":23,"endColumn":31}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":49,"startColumn":21,"endColumn":22}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":321,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":321,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":325,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":325,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":49,"startColumn":23,"endColumn":31}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":49,"startColumn":21,"endColumn":22}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":293,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":293,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":297,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":297,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":49,"startColumn":23,"endColumn":31}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":49,"startColumn":21,"endColumn":22}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":265,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":265,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":269,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":269,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":49,"startColumn":23,"endColumn":31}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":49,"startColumn":21,"endColumn":22}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":221,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":221,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":225,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":225,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":49,"startColumn":23,"endColumn":31}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":49,"startColumn":21,"endColumn":22}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":411,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":411,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":414,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":414,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":48,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":48,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":377,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":377,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":380,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":380,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":48,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":48,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":321,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":321,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":325,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":325,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":48,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":48,"startColumn":7,"endColumn":15}}}]},{"ruleId":"17155209939029667221 (sast)","level":"note","message":{"text":"Unsafe Use Of Target blank"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/photo-wall/photo-wall.component.html"},"region":{"startLine":14,"startColumn":25,"endColumn":221}}}]},{"ruleId":"17155209939029667221 (sast)","level":"note","message":{"text":"Unsafe Use Of Target blank"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/score-board/score-board.component.html"},"region":{"startLine":168,"startColumn":11,"endColumn":147}}}]},{"ruleId":"9800224272094099502 (sast)","level":"note","message":{"text":"Unprotected Cookie"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"lib/insecurity.js"},"region":{"startLine":174,"startColumn":15,"endColumn":21}}}]},{"ruleId":"9800224272094099502 (sast)","level":"note","message":{"text":"Unprotected Cookie"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/updateUserProfile.ts"},"region":{"startLine":27,"startColumn":15,"endColumn":21}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":293,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":293,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":297,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":297,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":48,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":48,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":265,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":265,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":269,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":269,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":48,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":48,"startColumn":7,"endColumn":15}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":221,"startColumn":22,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":221,"startColumn":11,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":225,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":225,"startColumn":29,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":26,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":44,"startColumn":35,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":48,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/2faSpec.ts"},"region":{"startLine":48,"startColumn":7,"endColumn":15}}}]},{"ruleId":"16841165964473079218 (sast)","level":"note","message":{"text":"Use of Broken or Risky Cryptographic Algorithm"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"lib/insecurity.js"},"region":{"startLine":21,"startColumn":42,"endColumn":47}}},{"physicalLocation":{"artifactLocation":{"uri":"lib/insecurity.js"},"region":{"startLine":21,"startColumn":31,"endColumn":41}}}]},{"ruleId":"16841165964473079218 (sast)","level":"note","message":{"text":"Use of Broken or Risky Cryptographic Algorithm"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"Gruntfile.js"},"region":{"startLine":73,"startColumn":37,"endColumn":42}}},{"physicalLocation":{"artifactLocation":{"uri":"Gruntfile.js"},"region":{"startLine":73,"startColumn":26,"endColumn":36}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/b2bOrderSpec.ts"},"region":{"startLine":10,"startColumn":95,"endColumn":105}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/b2bOrderSpec.ts"},"region":{"startLine":10,"startColumn":93,"endColumn":94}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/administrationSpec.ts"},"region":{"startLine":10,"startColumn":97,"endColumn":107}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/administrationSpec.ts"},"region":{"startLine":10,"startColumn":95,"endColumn":96}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/chatbotSpec.ts"},"region":{"startLine":11,"startColumn":95,"endColumn":105}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/chatbotSpec.ts"},"region":{"startLine":11,"startColumn":93,"endColumn":94}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/deluxeSpec.ts"},"region":{"startLine":11,"startColumn":95,"endColumn":105}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/deluxeSpec.ts"},"region":{"startLine":11,"startColumn":93,"endColumn":94}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/profileSpec.ts"},"region":{"startLine":12,"startColumn":95,"endColumn":105}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/profileSpec.ts"},"region":{"startLine":12,"startColumn":93,"endColumn":94}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/changePasswordSpec.ts"},"region":{"startLine":12,"startColumn":97,"endColumn":133}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/changePasswordSpec.ts"},"region":{"startLine":12,"startColumn":95,"endColumn":96}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/basketSpec.ts"},"region":{"startLine":12,"startColumn":97,"endColumn":107}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/basketSpec.ts"},"region":{"startLine":12,"startColumn":95,"endColumn":96}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/complainSpec.ts"},"region":{"startLine":13,"startColumn":95,"endColumn":105}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/complainSpec.ts"},"region":{"startLine":13,"startColumn":93,"endColumn":94}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/restApiSpec.ts"},"region":{"startLine":13,"startColumn":99,"endColumn":109}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/restApiSpec.ts"},"region":{"startLine":13,"startColumn":97,"endColumn":98}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/noSqlSpec.ts"},"region":{"startLine":16,"startColumn":99,"endColumn":109}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/noSqlSpec.ts"},"region":{"startLine":16,"startColumn":97,"endColumn":98}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":17,"startColumn":99,"endColumn":109}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":17,"startColumn":97,"endColumn":98}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/walletApiSpec.ts"},"region":{"startLine":18,"startColumn":17,"endColumn":27}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/walletApiSpec.ts"},"region":{"startLine":18,"startColumn":15,"endColumn":16}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/orderHistoryApiSpec.ts"},"region":{"startLine":18,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/orderHistoryApiSpec.ts"},"region":{"startLine":18,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/userProfileSpec.ts"},"region":{"startLine":19,"startColumn":17,"endColumn":27}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/userProfileSpec.ts"},"region":{"startLine":19,"startColumn":15,"endColumn":16}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/paymentApiSpec.ts"},"region":{"startLine":20,"startColumn":17,"endColumn":27}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/paymentApiSpec.ts"},"region":{"startLine":20,"startColumn":15,"endColumn":16}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/addressApiSpec.ts"},"region":{"startLine":20,"startColumn":17,"endColumn":27}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/addressApiSpec.ts"},"region":{"startLine":20,"startColumn":15,"endColumn":16}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/basketItemApiSpec.ts"},"region":{"startLine":20,"startColumn":17,"endColumn":27}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/basketItemApiSpec.ts"},"region":{"startLine":20,"startColumn":15,"endColumn":16}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/passwordApiSpec.ts"},"region":{"startLine":20,"startColumn":19,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/passwordApiSpec.ts"},"region":{"startLine":20,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":20,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":20,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/dataExportApiSpec.ts"},"region":{"startLine":20,"startColumn":19,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/dataExportApiSpec.ts"},"region":{"startLine":20,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/erasureRequestApiSpec.ts"},"region":{"startLine":21,"startColumn":19,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/erasureRequestApiSpec.ts"},"region":{"startLine":21,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/deluxeSpec.ts"},"region":{"startLine":21,"startColumn":95,"endColumn":105}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/deluxeSpec.ts"},"region":{"startLine":21,"startColumn":93,"endColumn":94}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/administrationSpec.ts"},"region":{"startLine":21,"startColumn":97,"endColumn":107}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/administrationSpec.ts"},"region":{"startLine":21,"startColumn":95,"endColumn":96}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/dataExportSpec.ts"},"region":{"startLine":21,"startColumn":97,"endColumn":107}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/dataExportSpec.ts"},"region":{"startLine":21,"startColumn":95,"endColumn":96}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/deliveryApiSpec.ts"},"region":{"startLine":22,"startColumn":21,"endColumn":31}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deliveryApiSpec.ts"},"region":{"startLine":22,"startColumn":19,"endColumn":20}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/basketApiSpec.ts"},"region":{"startLine":24,"startColumn":17,"endColumn":27}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/basketApiSpec.ts"},"region":{"startLine":24,"startColumn":15,"endColumn":16}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/contactSpec.ts"},"region":{"startLine":24,"startColumn":97,"endColumn":107}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/contactSpec.ts"},"region":{"startLine":24,"startColumn":95,"endColumn":96}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/profileImageUploadSpec.ts"},"region":{"startLine":25,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/profileImageUploadSpec.ts"},"region":{"startLine":25,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/memoryApiSpec.ts"},"region":{"startLine":25,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/memoryApiSpec.ts"},"region":{"startLine":25,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":27,"startColumn":19,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":27,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/passwordApiSpec.ts"},"region":{"startLine":29,"startColumn":23,"endColumn":34}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/passwordApiSpec.ts"},"region":{"startLine":29,"startColumn":21,"endColumn":22}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":32,"startColumn":23,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":32,"startColumn":21,"endColumn":22}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/totpSetupSpec.ts"},"region":{"startLine":33,"startColumn":17,"endColumn":54}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/totpSetupSpec.ts"},"region":{"startLine":33,"startColumn":15,"endColumn":16}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":33,"startColumn":29,"endColumn":36}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":33,"startColumn":27,"endColumn":28}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/changePasswordSpec.ts"},"region":{"startLine":33,"startColumn":98,"endColumn":124}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/changePasswordSpec.ts"},"region":{"startLine":33,"startColumn":96,"endColumn":97}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":34,"startColumn":19,"endColumn":45}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":34,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":36,"startColumn":23,"endColumn":34}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":36,"startColumn":21,"endColumn":22}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":37,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":37,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/erasureRequestApiSpec.ts"},"region":{"startLine":37,"startColumn":27,"endColumn":65}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/erasureRequestApiSpec.ts"},"region":{"startLine":37,"startColumn":25,"endColumn":26}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/userApiSpec.ts"},"region":{"startLine":41,"startColumn":19,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/userApiSpec.ts"},"region":{"startLine":41,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/securityAnswerApiSpec.ts"},"region":{"startLine":44,"startColumn":17,"endColumn":24}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/securityAnswerApiSpec.ts"},"region":{"startLine":44,"startColumn":15,"endColumn":16}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/totpSetupSpec.ts"},"region":{"startLine":45,"startColumn":95,"endColumn":121}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/totpSetupSpec.ts"},"region":{"startLine":45,"startColumn":93,"endColumn":94}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/dataExportApiSpec.ts"},"region":{"startLine":47,"startColumn":19,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/dataExportApiSpec.ts"},"region":{"startLine":47,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/passwordApiSpec.ts"},"region":{"startLine":47,"startColumn":19,"endColumn":105}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/passwordApiSpec.ts"},"region":{"startLine":47,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/contactSpec.ts"},"region":{"startLine":49,"startColumn":99,"endColumn":109}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/contactSpec.ts"},"region":{"startLine":49,"startColumn":97,"endColumn":98}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/profileImageUploadSpec.ts"},"region":{"startLine":51,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/profileImageUploadSpec.ts"},"region":{"startLine":51,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/deliveryApiSpec.ts"},"region":{"startLine":51,"startColumn":21,"endColumn":83}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deliveryApiSpec.ts"},"region":{"startLine":51,"startColumn":19,"endColumn":20}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":52,"startColumn":17,"endColumn":26}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":52,"startColumn":15,"endColumn":16}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":52,"startColumn":19,"endColumn":81}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":52,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":53,"startColumn":19,"endColumn":51}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":53,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":54,"startColumn":19,"endColumn":47}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":54,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/orderHistoryApiSpec.ts"},"region":{"startLine":55,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/orderHistoryApiSpec.ts"},"region":{"startLine":55,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/userApiSpec.ts"},"region":{"startLine":59,"startColumn":19,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/userApiSpec.ts"},"region":{"startLine":59,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/memoryApiSpec.ts"},"region":{"startLine":62,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/memoryApiSpec.ts"},"region":{"startLine":62,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.spec.ts"},"region":{"startLine":64,"startColumn":52,"endColumn":61}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.spec.ts"},"region":{"startLine":64,"startColumn":50,"endColumn":51}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/searchSpec.ts"},"region":{"startLine":67,"startColumn":97,"endColumn":107}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/searchSpec.ts"},"region":{"startLine":67,"startColumn":95,"endColumn":96}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/noSqlSpec.ts"},"region":{"startLine":69,"startColumn":105,"endColumn":118}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/noSqlSpec.ts"},"region":{"startLine":69,"startColumn":103,"endColumn":104}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":70,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":70,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":70,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":70,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":71,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/quantityApiSpec.ts"},"region":{"startLine":71,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/basketSpec.ts"},"region":{"startLine":71,"startColumn":95,"endColumn":105}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/basketSpec.ts"},"region":{"startLine":71,"startColumn":93,"endColumn":94}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/orderHistoryApiSpec.ts"},"region":{"startLine":72,"startColumn":19,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/orderHistoryApiSpec.ts"},"region":{"startLine":72,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":73,"startColumn":19,"endColumn":51}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/chatBotSpec.ts"},"region":{"startLine":73,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/dataExportApiSpec.ts"},"region":{"startLine":76,"startColumn":19,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/dataExportApiSpec.ts"},"region":{"startLine":76,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":77,"startColumn":74,"endColumn":81}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":77,"startColumn":72,"endColumn":73}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/searchSpec.ts"},"region":{"startLine":77,"startColumn":97,"endColumn":107}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/searchSpec.ts"},"region":{"startLine":77,"startColumn":95,"endColumn":96}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.spec.ts"},"region":{"startLine":80,"startColumn":52,"endColumn":61}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.spec.ts"},"region":{"startLine":80,"startColumn":50,"endColumn":51}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":77,"startColumn":99,"endColumn":106}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":77,"startColumn":97,"endColumn":98}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/userApiSpec.ts"},"region":{"startLine":81,"startColumn":19,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/userApiSpec.ts"},"region":{"startLine":81,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/deliveryApiSpec.ts"},"region":{"startLine":82,"startColumn":21,"endColumn":31}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deliveryApiSpec.ts"},"region":{"startLine":82,"startColumn":19,"endColumn":20}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":85,"startColumn":19,"endColumn":51}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/loginApiSpec.ts"},"region":{"startLine":85,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.spec.ts"},"region":{"startLine":85,"startColumn":87,"endColumn":109}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.spec.ts"},"region":{"startLine":85,"startColumn":85,"endColumn":86}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.spec.ts"},"region":{"startLine":85,"startColumn":127,"endColumn":149}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.spec.ts"},"region":{"startLine":85,"startColumn":125,"endColumn":126}}}]},{"ruleId":"2783517675732844652 (sast)","level":"note","message":{"text":"Use Of Hardcoded Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":88,"startColumn":19,"endColumn":47}}},{"physicalLocation":{"artifactLocation":{"uri":"test/api/deluxeApiSpec.ts"},"region":{"startLine":88,"startColumn":17,"endColumn":18}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":77,"startColumn":72,"endColumn":73}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":77,"startColumn":25,"endColumn":34}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":77,"startColumn":15,"endColumn":19}}}]},{"ruleId":"9f88c88d-824d-4d9a-b985-e22977046042 [Taken from query_id] (kics)","level":"warning","message":{"text":"Additional Properties Too Permissive"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":30,"startColumn":1,"endColumn":2}}}]},{"ruleId":"9f88c88d-824d-4d9a-b985-e22977046042 [Taken from query_id] (kics)","level":"warning","message":{"text":"Additional Properties Too Permissive"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":36,"startColumn":1,"endColumn":2}}}]},{"ruleId":"9f88c88d-824d-4d9a-b985-e22977046042 [Taken from query_id] (kics)","level":"warning","message":{"text":"Additional Properties Too Permissive"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":40,"startColumn":1,"endColumn":2}}}]},{"ruleId":"9f88c88d-824d-4d9a-b985-e22977046042 [Taken from query_id] (kics)","level":"warning","message":{"text":"Additional Properties Too Permissive"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":43,"startColumn":1,"endColumn":2}}}]},{"ruleId":"9f88c88d-824d-4d9a-b985-e22977046042 [Taken from query_id] (kics)","level":"warning","message":{"text":"Additional Properties Too Permissive"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":33,"startColumn":1,"endColumn":2}}}]},{"ruleId":"86e3702f-c868-44b2-b61d-ea5316c18110 [Taken from query_id] (kics)","level":"warning","message":{"text":"Default Response Undefined On Operations (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":21,"startColumn":1,"endColumn":2}}}]},{"ruleId":"2d8c175a-6d90-412b-8b0e-e034ea49a1fe [Taken from query_id] (kics)","level":"warning","message":{"text":"Global Server Object Uses HTTP"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":4,"startColumn":1,"endColumn":2}}}]},{"ruleId":"698ed579-b239-4f8f-a388-baa4bcb13ef8 [Taken from query_id] (kics)","level":"warning","message":{"text":"Healthcheck Not Set"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"docker-compose.test.yml"},"region":{"startLine":3,"startColumn":1,"endColumn":2}}}]},{"ruleId":"698ed579-b239-4f8f-a388-baa4bcb13ef8 [Taken from query_id] (kics)","level":"warning","message":{"text":"Healthcheck Not Set"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"docker-compose.test.yml"},"region":{"startLine":7,"startColumn":1,"endColumn":2}}}]},{"ruleId":"4f31dd9f-2cc3-4751-9b53-67e4af83dac0 [Taken from query_id] (kics)","level":"warning","message":{"text":"Host Namespace is Shared"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"docker-compose.test.yml"},"region":{"startLine":7,"startColumn":1,"endColumn":2}}}]},{"ruleId":"4f31dd9f-2cc3-4751-9b53-67e4af83dac0 [Taken from query_id] (kics)","level":"warning","message":{"text":"Host Namespace is Shared"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"docker-compose.test.yml"},"region":{"startLine":3,"startColumn":1,"endColumn":2}}}]},{"ruleId":"9efb0b2d-89c9-41a3-91ca-dcc0aec911fd [Taken from query_id] (kics)","level":"warning","message":{"text":"Image Version Not Explicit"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/smoke/Dockerfile"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"e2ffa504-d22a-4c94-b6c5-f661849d2db7 [Taken from query_id] (kics)","level":"warning","message":{"text":"JSON Object Schema Without Type (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":21,"startColumn":1,"endColumn":2}}}]},{"ruleId":"e2ffa504-d22a-4c94-b6c5-f661849d2db7 [Taken from query_id] (kics)","level":"warning","message":{"text":"JSON Object Schema Without Type (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":22,"startColumn":1,"endColumn":2}}}]},{"ruleId":"8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85 [Taken from query_id] (kics)","level":"warning","message":{"text":"Maximum Length Undefined (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":35,"startColumn":1,"endColumn":2}}}]},{"ruleId":"8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85 [Taken from query_id] (kics)","level":"warning","message":{"text":"Maximum Length Undefined (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":39,"startColumn":1,"endColumn":2}}}]},{"ruleId":"8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85 [Taken from query_id] (kics)","level":"warning","message":{"text":"Maximum Length Undefined (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":45,"startColumn":1,"endColumn":2}}}]},{"ruleId":"8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85 [Taken from query_id] (kics)","level":"warning","message":{"text":"Maximum Length Undefined (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":35,"startColumn":1,"endColumn":2}}}]},{"ruleId":"8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85 [Taken from query_id] (kics)","level":"warning","message":{"text":"Maximum Length Undefined (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":35,"startColumn":1,"endColumn":2}}}]},{"ruleId":"8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85 [Taken from query_id] (kics)","level":"warning","message":{"text":"Maximum Length Undefined (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":32,"startColumn":1,"endColumn":2}}}]},{"ruleId":"bb9ac4f7-e13b-423d-a010-c74a1bfbe492 [Taken from query_id] (kics)","level":"warning","message":{"text":"Memory Not Limited"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"docker-compose.test.yml"},"region":{"startLine":7,"startColumn":1,"endColumn":2}}}]},{"ruleId":"bb9ac4f7-e13b-423d-a010-c74a1bfbe492 [Taken from query_id] (kics)","level":"warning","message":{"text":"Memory Not Limited"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"docker-compose.test.yml"},"region":{"startLine":3,"startColumn":1,"endColumn":2}}}]},{"ruleId":"e36d8880-3f78-4546-b9a1-12f0745ca0d5 [Taken from query_id] (kics)","level":"warning","message":{"text":"NPM Install Command Without Pinned Version"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"Dockerfile"},"region":{"startLine":4,"startColumn":1,"endColumn":2}}}]},{"ruleId":"ce14a68b-1668-41a0-ab7d-facd9f784742 [Taken from query_id] (kics)","level":"warning","message":{"text":"Networks Not Set"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"docker-compose.test.yml"},"region":{"startLine":3,"startColumn":1,"endColumn":2}}}]},{"ruleId":"ce14a68b-1668-41a0-ab7d-facd9f784742 [Taken from query_id] (kics)","level":"warning","message":{"text":"Networks Not Set"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"docker-compose.test.yml"},"region":{"startLine":7,"startColumn":1,"endColumn":2}}}]},{"ruleId":"fbf699b5-ef74-4542-9cf1-f6eeac379373 [Taken from query_id] (kics)","level":"warning","message":{"text":"Numeric Schema Without Format (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":39,"startColumn":1,"endColumn":2}}}]},{"ruleId":"fbf699b5-ef74-4542-9cf1-f6eeac379373 [Taken from query_id] (kics)","level":"warning","message":{"text":"Numeric Schema Without Format (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":39,"startColumn":1,"endColumn":2}}}]},{"ruleId":"2ea04bef-c769-409e-9179-ee3a50b5c0ac [Taken from query_id] (kics)","level":"warning","message":{"text":"Numeric Schema Without Maximum (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":39,"startColumn":1,"endColumn":2}}}]},{"ruleId":"2ea04bef-c769-409e-9179-ee3a50b5c0ac [Taken from query_id] (kics)","level":"warning","message":{"text":"Numeric Schema Without Maximum (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":39,"startColumn":1,"endColumn":2}}}]},{"ruleId":"181bd815-767e-4e95-a24d-bb3c87328e19 [Taken from query_id] (kics)","level":"warning","message":{"text":"Numeric Schema Without Minimum (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":39,"startColumn":1,"endColumn":2}}}]},{"ruleId":"00b78adf-b83f-419c-8ed8-c6018441dd3a [Taken from query_id] (kics)","level":"warning","message":{"text":"Pattern Undefined (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":35,"startColumn":1,"endColumn":2}}}]},{"ruleId":"00b78adf-b83f-419c-8ed8-c6018441dd3a [Taken from query_id] (kics)","level":"warning","message":{"text":"Pattern Undefined (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":35,"startColumn":1,"endColumn":2}}}]},{"ruleId":"00b78adf-b83f-419c-8ed8-c6018441dd3a [Taken from query_id] (kics)","level":"warning","message":{"text":"Pattern Undefined (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":35,"startColumn":1,"endColumn":2}}}]},{"ruleId":"00b78adf-b83f-419c-8ed8-c6018441dd3a [Taken from query_id] (kics)","level":"warning","message":{"text":"Pattern Undefined (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":32,"startColumn":1,"endColumn":2}}}]},{"ruleId":"00b78adf-b83f-419c-8ed8-c6018441dd3a [Taken from query_id] (kics)","level":"warning","message":{"text":"Pattern Undefined (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":39,"startColumn":1,"endColumn":2}}}]},{"ruleId":"00b78adf-b83f-419c-8ed8-c6018441dd3a [Taken from query_id] (kics)","level":"warning","message":{"text":"Pattern Undefined (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":45,"startColumn":1,"endColumn":2}}}]},{"ruleId":"6c35d2c6-09f2-4e5c-a094-e0e91327071d [Taken from query_id] (kics)","level":"warning","message":{"text":"Response Code Missing (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":21,"startColumn":1,"endColumn":2}}}]},{"ruleId":"6c35d2c6-09f2-4e5c-a094-e0e91327071d [Taken from query_id] (kics)","level":"warning","message":{"text":"Response Code Missing (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":21,"startColumn":1,"endColumn":2}}}]},{"ruleId":"6c35d2c6-09f2-4e5c-a094-e0e91327071d [Taken from query_id] (kics)","level":"warning","message":{"text":"Response Code Missing (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":21,"startColumn":1,"endColumn":2}}}]},{"ruleId":"6c35d2c6-09f2-4e5c-a094-e0e91327071d [Taken from query_id] (kics)","level":"warning","message":{"text":"Response Code Missing (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":21,"startColumn":1,"endColumn":2}}}]},{"ruleId":"6c35d2c6-09f2-4e5c-a094-e0e91327071d [Taken from query_id] (kics)","level":"warning","message":{"text":"Response Code Missing (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":21,"startColumn":1,"endColumn":2}}}]},{"ruleId":"6c35d2c6-09f2-4e5c-a094-e0e91327071d [Taken from query_id] (kics)","level":"warning","message":{"text":"Response Code Missing (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":21,"startColumn":1,"endColumn":2}}}]},{"ruleId":"610e266e-6c12-4bca-9925-1ed0cd29742b [Taken from query_id] (kics)","level":"warning","message":{"text":"Security Opt Not Set"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"docker-compose.test.yml"},"region":{"startLine":7,"startColumn":1,"endColumn":2}}}]},{"ruleId":"610e266e-6c12-4bca-9925-1ed0cd29742b [Taken from query_id] (kics)","level":"warning","message":{"text":"Security Opt Not Set"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"docker-compose.test.yml"},"region":{"startLine":3,"startColumn":1,"endColumn":2}}}]},{"ruleId":"d3499f6d-1651-41bb-a9a7-de925fea487b [Taken from query_id] (kics)","level":"warning","message":{"text":"Unpinned Package Version in Apk Add"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/smoke/Dockerfile"},"region":{"startLine":3,"startColumn":1,"endColumn":2}}}]},{"ruleId":"14792830140728517792 (sast)","level":"warning","message":{"text":"Angular Improper Type Pipe Usage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/product-details/product-details.component.html"},"region":{"startLine":38,"startColumn":118,"endColumn":126}}}]},{"ruleId":"14792830140728517792 (sast)","level":"warning","message":{"text":"Angular Improper Type Pipe Usage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/product-details/product-details.component.html"},"region":{"startLine":44,"startColumn":31,"endColumn":39}}}]},{"ruleId":"14792830140728517792 (sast)","level":"warning","message":{"text":"Angular Improper Type Pipe Usage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/product-details/product-details.component.html"},"region":{"startLine":45,"startColumn":43,"endColumn":51}}}]},{"ruleId":"14792830140728517792 (sast)","level":"warning","message":{"text":"Angular Improper Type Pipe Usage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/search-result/search-result.component.html"},"region":{"startLine":20,"startColumn":41,"endColumn":55}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":74,"startColumn":50,"endColumn":64}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":75,"startColumn":37,"endColumn":51}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":75,"startColumn":52,"endColumn":57}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.ts"},"region":{"startLine":32,"startColumn":138,"endColumn":152}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.ts"},"region":{"startLine":36,"startColumn":37,"endColumn":51}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.ts"},"region":{"startLine":32,"startColumn":138,"endColumn":152}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.ts"},"region":{"startLine":36,"startColumn":37,"endColumn":51}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.ts"},"region":{"startLine":36,"startColumn":52,"endColumn":57}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address/address.component.ts"},"region":{"startLine":19,"startColumn":12,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address/address.component.ts"},"region":{"startLine":19,"startColumn":12,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address/address.component.ts"},"region":{"startLine":19,"startColumn":12,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address/address.component.ts"},"region":{"startLine":19,"startColumn":12,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address/address.component.ts"},"region":{"startLine":19,"startColumn":12,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address/address.component.ts"},"region":{"startLine":19,"startColumn":12,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address/address.component.ts"},"region":{"startLine":19,"startColumn":12,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address/address.component.ts"},"region":{"startLine":19,"startColumn":12,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address/address.component.html"},"region":{"startLine":1,"startColumn":37,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address/address.component.html"},"region":{"startLine":60,"startColumn":111,"endColumn":114}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address/address.component.ts"},"region":{"startLine":72,"startColumn":46,"endColumn":55}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address/address.component.spec.ts"},"region":{"startLine":124,"startColumn":15,"endColumn":24}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address/address.component.ts"},"region":{"startLine":72,"startColumn":46,"endColumn":55}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address/address.component.ts"},"region":{"startLine":64,"startColumn":12,"endColumn":21}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address/address.component.ts"},"region":{"startLine":72,"startColumn":46,"endColumn":55}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address/address.component.ts"},"region":{"startLine":67,"startColumn":12,"endColumn":21}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address/address.component.ts"},"region":{"startLine":72,"startColumn":46,"endColumn":55}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address/address.component.ts"},"region":{"startLine":29,"startColumn":10,"endColumn":26}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address/address.component.ts"},"region":{"startLine":72,"startColumn":46,"endColumn":55}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":73,"startColumn":31,"endColumn":46}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":73,"startColumn":47,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":73,"startColumn":15,"endColumn":23}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":73,"startColumn":10,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":99,"startColumn":42,"endColumn":46}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":73,"startColumn":15,"endColumn":23}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":73,"startColumn":10,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":99,"startColumn":42,"endColumn":46}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":31,"startColumn":10,"endColumn":26}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":73,"startColumn":31,"endColumn":46}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":73,"startColumn":47,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":73,"startColumn":15,"endColumn":23}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":73,"startColumn":10,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":99,"startColumn":42,"endColumn":46}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.ts"},"region":{"startLine":32,"startColumn":138,"endColumn":152}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.ts"},"region":{"startLine":37,"startColumn":37,"endColumn":51}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.ts"},"region":{"startLine":32,"startColumn":138,"endColumn":152}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.ts"},"region":{"startLine":37,"startColumn":37,"endColumn":51}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.ts"},"region":{"startLine":37,"startColumn":52,"endColumn":55}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.ts"},"region":{"startLine":45,"startColumn":63,"endColumn":77}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.ts"},"region":{"startLine":50,"startColumn":37,"endColumn":51}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.ts"},"region":{"startLine":45,"startColumn":63,"endColumn":77}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.ts"},"region":{"startLine":50,"startColumn":37,"endColumn":51}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.ts"},"region":{"startLine":50,"startColumn":52,"endColumn":55}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":74,"startColumn":50,"endColumn":64}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":79,"startColumn":37,"endColumn":51}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":74,"startColumn":50,"endColumn":64}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":79,"startColumn":37,"endColumn":51}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":79,"startColumn":52,"endColumn":55}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.ts"},"region":{"startLine":45,"startColumn":63,"endColumn":77}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.ts"},"region":{"startLine":46,"startColumn":37,"endColumn":51}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.ts"},"region":{"startLine":45,"startColumn":63,"endColumn":77}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.ts"},"region":{"startLine":50,"startColumn":37,"endColumn":51}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.ts"},"region":{"startLine":50,"startColumn":52,"endColumn":55}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.ts"},"region":{"startLine":50,"startColumn":57,"endColumn":65}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.ts"},"region":{"startLine":45,"startColumn":63,"endColumn":77}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.ts"},"region":{"startLine":46,"startColumn":37,"endColumn":51}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth-enter/two-factor-auth-enter.component.ts"},"region":{"startLine":46,"startColumn":52,"endColumn":57}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":74,"startColumn":50,"endColumn":64}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":75,"startColumn":37,"endColumn":51}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address/address.component.ts"},"region":{"startLine":72,"startColumn":28,"endColumn":39}}}]},{"ruleId":"12781463151729500738 (sast)","level":"warning","message":{"text":"Client HTML5 Store Sensitive data In Web Storage"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/address/address.component.ts"},"region":{"startLine":72,"startColumn":41,"endColumn":45}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":32,"startColumn":21,"endColumn":22}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":30,"startColumn":27,"endColumn":36}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":30,"startColumn":17,"endColumn":21}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":33,"startColumn":27,"endColumn":28}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":30,"startColumn":27,"endColumn":36}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":30,"startColumn":17,"endColumn":21}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":55,"startColumn":5,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":55,"startColumn":15,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":54,"startColumn":22,"endColumn":25}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":77,"startColumn":97,"endColumn":98}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":77,"startColumn":25,"endColumn":34}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":77,"startColumn":15,"endColumn":19}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":96,"startColumn":69,"endColumn":70}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":96,"startColumn":25,"endColumn":34}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/registerSpec.ts"},"region":{"startLine":96,"startColumn":15,"endColumn":19}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/loginSpec.ts"},"region":{"startLine":161,"startColumn":73,"endColumn":74}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/loginSpec.ts"},"region":{"startLine":161,"startColumn":25,"endColumn":34}}},{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/loginSpec.ts"},"region":{"startLine":161,"startColumn":15,"endColumn":19}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.html"},"region":{"startLine":31,"startColumn":50,"endColumn":58}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.html"},"region":{"startLine":31,"startColumn":59,"endColumn":64}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.html"},"region":{"startLine":31,"startColumn":54,"endColumn":60}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.html"},"region":{"startLine":31,"startColumn":72,"endColumn":73}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.ts"},"region":{"startLine":32,"startColumn":60,"endColumn":61}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":44,"startColumn":10,"endColumn":16}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":46,"startColumn":65,"endColumn":71}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":46,"startColumn":22,"endColumn":26}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.html"},"region":{"startLine":39,"startColumn":50,"endColumn":58}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.html"},"region":{"startLine":39,"startColumn":59,"endColumn":64}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.html"},"region":{"startLine":39,"startColumn":54,"endColumn":60}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.html"},"region":{"startLine":39,"startColumn":72,"endColumn":73}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.html"},"region":{"startLine":44,"startColumn":50,"endColumn":64}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.html"},"region":{"startLine":44,"startColumn":65,"endColumn":70}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.html"},"region":{"startLine":44,"startColumn":60,"endColumn":66}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.html"},"region":{"startLine":44,"startColumn":78,"endColumn":79}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.ts"},"region":{"startLine":47,"startColumn":10,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.ts"},"region":{"startLine":49,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.ts"},"region":{"startLine":49,"startColumn":7,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.ts"},"region":{"startLine":48,"startColumn":22,"endColumn":26}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.html"},"region":{"startLine":53,"startColumn":50,"endColumn":64}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.html"},"region":{"startLine":53,"startColumn":65,"endColumn":70}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.html"},"region":{"startLine":53,"startColumn":60,"endColumn":66}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.html"},"region":{"startLine":53,"startColumn":78,"endColumn":79}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/forgot-password/forgot-password.component.html"},"region":{"startLine":59,"startColumn":50,"endColumn":58}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/forgot-password/forgot-password.component.html"},"region":{"startLine":59,"startColumn":59,"endColumn":64}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/forgot-password/forgot-password.component.html"},"region":{"startLine":59,"startColumn":54,"endColumn":60}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/forgot-password/forgot-password.component.html"},"region":{"startLine":59,"startColumn":72,"endColumn":73}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/forgot-password/forgot-password.component.html"},"region":{"startLine":69,"startColumn":50,"endColumn":64}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/forgot-password/forgot-password.component.html"},"region":{"startLine":69,"startColumn":65,"endColumn":70}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/forgot-password/forgot-password.component.html"},"region":{"startLine":69,"startColumn":60,"endColumn":66}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/forgot-password/forgot-password.component.html"},"region":{"startLine":69,"startColumn":78,"endColumn":79}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.ts"},"region":{"startLine":22,"startColumn":89,"endColumn":97}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.ts"},"region":{"startLine":22,"startColumn":87,"endColumn":88}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":37,"startColumn":9,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":38,"startColumn":44,"endColumn":50}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":38,"startColumn":22,"endColumn":26}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.ts"},"region":{"startLine":21,"startColumn":13,"endColumn":21}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.ts"},"region":{"startLine":22,"startColumn":63,"endColumn":71}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/oauth/oauth.component.ts"},"region":{"startLine":22,"startColumn":61,"endColumn":62}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":37,"startColumn":9,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":38,"startColumn":44,"endColumn":50}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":38,"startColumn":22,"endColumn":26}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.ts"},"region":{"startLine":62,"startColumn":21,"endColumn":22}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.ts"},"region":{"startLine":59,"startColumn":11,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.ts"},"region":{"startLine":67,"startColumn":27,"endColumn":31}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":37,"startColumn":9,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":38,"startColumn":44,"endColumn":50}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":38,"startColumn":22,"endColumn":26}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/forgot-password/forgot-password.component.ts"},"region":{"startLine":27,"startColumn":10,"endColumn":26}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/forgot-password/forgot-password.component.ts"},"region":{"startLine":68,"startColumn":17,"endColumn":32}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/forgot-password/forgot-password.component.ts"},"region":{"startLine":68,"startColumn":33,"endColumn":38}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/forgot-password/forgot-password.component.ts"},"region":{"startLine":68,"startColumn":10,"endColumn":11}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":58,"startColumn":18,"endColumn":24}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":59,"startColumn":74,"endColumn":80}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":59,"startColumn":22,"endColumn":26}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.ts"},"region":{"startLine":24,"startColumn":10,"endColumn":26}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.ts"},"region":{"startLine":38,"startColumn":21,"endColumn":36}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.ts"},"region":{"startLine":38,"startColumn":37,"endColumn":42}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.ts"},"region":{"startLine":38,"startColumn":14,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":53,"startColumn":19,"endColumn":28}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":54,"startColumn":84,"endColumn":93}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":54,"startColumn":94,"endColumn":101}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":54,"startColumn":22,"endColumn":25}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":31,"startColumn":10,"endColumn":26}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":73,"startColumn":31,"endColumn":46}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":73,"startColumn":47,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":73,"startColumn":15,"endColumn":23}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":73,"startColumn":10,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/login/login.component.ts"},"region":{"startLine":74,"startColumn":33,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":44,"startColumn":10,"endColumn":16}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":46,"startColumn":65,"endColumn":71}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":46,"startColumn":22,"endColumn":26}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.ts"},"region":{"startLine":32,"startColumn":10,"endColumn":26}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.ts"},"region":{"startLine":61,"startColumn":22,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.ts"},"region":{"startLine":61,"startColumn":38,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.ts"},"region":{"startLine":61,"startColumn":15,"endColumn":16}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.ts"},"region":{"startLine":59,"startColumn":11,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.ts"},"region":{"startLine":67,"startColumn":27,"endColumn":31}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":37,"startColumn":9,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":38,"startColumn":44,"endColumn":50}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":38,"startColumn":22,"endColumn":26}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth/two-factor-auth.component.ts"},"region":{"startLine":32,"startColumn":20,"endColumn":21}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth/two-factor-auth.component.ts"},"region":{"startLine":31,"startColumn":42,"endColumn":45}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth/two-factor-auth.component.ts"},"region":{"startLine":31,"startColumn":10,"endColumn":26}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth/two-factor-auth.component.ts"},"region":{"startLine":77,"startColumn":12,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth/two-factor-auth.component.ts"},"region":{"startLine":77,"startColumn":31,"endColumn":34}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth/two-factor-auth.component.ts"},"region":{"startLine":77,"startColumn":58,"endColumn":63}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.ts"},"region":{"startLine":47,"startColumn":28,"endColumn":40}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.ts"},"region":{"startLine":51,"startColumn":7,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.ts"},"region":{"startLine":51,"startColumn":7,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.ts"},"region":{"startLine":48,"startColumn":22,"endColumn":26}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth/two-factor-auth.component.ts"},"region":{"startLine":37,"startColumn":20,"endColumn":21}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth/two-factor-auth.component.ts"},"region":{"startLine":36,"startColumn":44,"endColumn":47}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth/two-factor-auth.component.ts"},"region":{"startLine":36,"startColumn":10,"endColumn":26}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth/two-factor-auth.component.ts"},"region":{"startLine":91,"startColumn":12,"endColumn":32}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth/two-factor-auth.component.ts"},"region":{"startLine":91,"startColumn":33,"endColumn":36}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/two-factor-auth/two-factor-auth.component.ts"},"region":{"startLine":91,"startColumn":57,"endColumn":62}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.ts"},"region":{"startLine":55,"startColumn":12,"endColumn":20}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.ts"},"region":{"startLine":56,"startColumn":75,"endColumn":83}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.ts"},"region":{"startLine":56,"startColumn":75,"endColumn":83}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/two-factor-auth-service.ts"},"region":{"startLine":56,"startColumn":22,"endColumn":26}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.spec.ts"},"region":{"startLine":99,"startColumn":15,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.spec.ts"},"region":{"startLine":99,"startColumn":5,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.spec.ts"},"region":{"startLine":100,"startColumn":5,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.spec.ts"},"region":{"startLine":101,"startColumn":5,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.spec.ts"},"region":{"startLine":102,"startColumn":5,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.ts"},"region":{"startLine":38,"startColumn":21,"endColumn":36}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.ts"},"region":{"startLine":38,"startColumn":37,"endColumn":42}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.ts"},"region":{"startLine":38,"startColumn":14,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":53,"startColumn":19,"endColumn":28}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":54,"startColumn":84,"endColumn":93}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":54,"startColumn":94,"endColumn":101}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":54,"startColumn":22,"endColumn":25}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.spec.ts"},"region":{"startLine":112,"startColumn":15,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.spec.ts"},"region":{"startLine":112,"startColumn":5,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.spec.ts"},"region":{"startLine":113,"startColumn":5,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.spec.ts"},"region":{"startLine":114,"startColumn":5,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.spec.ts"},"region":{"startLine":115,"startColumn":5,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.ts"},"region":{"startLine":38,"startColumn":21,"endColumn":36}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.ts"},"region":{"startLine":38,"startColumn":37,"endColumn":42}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/change-password/change-password.component.ts"},"region":{"startLine":38,"startColumn":14,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":53,"startColumn":19,"endColumn":28}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":54,"startColumn":84,"endColumn":93}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":54,"startColumn":94,"endColumn":101}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":54,"startColumn":22,"endColumn":25}}}]},{"ruleId":"2526234764757185080 (sast)","level":"warning","message":{"text":"Client Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":149,"startColumn":15,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":149,"startColumn":5,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":150,"startColumn":5,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":151,"startColumn":5,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":152,"startColumn":5,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.spec.ts"},"region":{"startLine":155,"startColumn":5,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.ts"},"region":{"startLine":61,"startColumn":22,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.ts"},"region":{"startLine":61,"startColumn":38,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.ts"},"region":{"startLine":61,"startColumn":15,"endColumn":16}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.ts"},"region":{"startLine":59,"startColumn":11,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/register/register.component.ts"},"region":{"startLine":67,"startColumn":27,"endColumn":31}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":37,"startColumn":9,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":38,"startColumn":44,"endColumn":50}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/Services/user.service.ts"},"region":{"startLine":38,"startColumn":22,"endColumn":26}}}]},{"ruleId":"7567754570932744334 (sast)","level":"warning","message":{"text":"Client Potential XSS"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/hacking-instructor/index.ts"},"region":{"startLine":100,"startColumn":38,"endColumn":42}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/hacking-instructor/index.ts"},"region":{"startLine":100,"startColumn":23,"endColumn":32}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/hacking-instructor/index.ts"},"region":{"startLine":100,"startColumn":11,"endColumn":20}}}]},{"ruleId":"7664451733520405070 (sast)","level":"warning","message":{"text":"Missing Encryption of Sensitive Data"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"models/address.ts"},"region":{"startLine":10,"startColumn":14,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"models/address.ts"},"region":{"startLine":8,"startColumn":29,"endColumn":35}}}]},{"ruleId":"7664451733520405070 (sast)","level":"warning","message":{"text":"Missing Encryption of Sensitive Data"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"models/address.ts"},"region":{"startLine":24,"startColumn":18,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"models/address.ts"},"region":{"startLine":8,"startColumn":29,"endColumn":35}}}]},{"ruleId":"7664451733520405070 (sast)","level":"warning","message":{"text":"Missing Encryption of Sensitive Data"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/order.ts"},"region":{"startLine":135,"startColumn":22,"endColumn":23}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/order.ts"},"region":{"startLine":132,"startColumn":21,"endColumn":27}}}]},{"ruleId":"7664451733520405070 (sast)","level":"warning","message":{"text":"Missing Encryption of Sensitive Data"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":481,"startColumn":16,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":477,"startColumn":9,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":543,"startColumn":5,"endColumn":13}}}]},{"ruleId":"7664451733520405070 (sast)","level":"warning","message":{"text":"Missing Encryption of Sensitive Data"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":488,"startColumn":16,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":477,"startColumn":9,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":543,"startColumn":5,"endColumn":13}}}]},{"ruleId":"7664451733520405070 (sast)","level":"warning","message":{"text":"Missing Encryption of Sensitive Data"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":495,"startColumn":16,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":477,"startColumn":9,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":543,"startColumn":5,"endColumn":13}}}]},{"ruleId":"7664451733520405070 (sast)","level":"warning","message":{"text":"Missing Encryption of Sensitive Data"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":502,"startColumn":16,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":477,"startColumn":9,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":543,"startColumn":5,"endColumn":13}}}]},{"ruleId":"7664451733520405070 (sast)","level":"warning","message":{"text":"Missing Encryption of Sensitive Data"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":509,"startColumn":16,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":477,"startColumn":9,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":543,"startColumn":5,"endColumn":13}}}]},{"ruleId":"7664451733520405070 (sast)","level":"warning","message":{"text":"Missing Encryption of Sensitive Data"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":516,"startColumn":16,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":477,"startColumn":9,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":543,"startColumn":5,"endColumn":13}}}]},{"ruleId":"7664451733520405070 (sast)","level":"warning","message":{"text":"Missing Encryption of Sensitive Data"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":523,"startColumn":16,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":477,"startColumn":9,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":543,"startColumn":5,"endColumn":13}}}]},{"ruleId":"7664451733520405070 (sast)","level":"warning","message":{"text":"Missing Encryption of Sensitive Data"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":530,"startColumn":16,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":477,"startColumn":9,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":543,"startColumn":5,"endColumn":13}}}]},{"ruleId":"7664451733520405070 (sast)","level":"warning","message":{"text":"Missing Encryption of Sensitive Data"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":537,"startColumn":16,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":477,"startColumn":9,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":543,"startColumn":5,"endColumn":13}}}]},{"ruleId":"7664451733520405070 (sast)","level":"warning","message":{"text":"Missing Encryption of Sensitive Data"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/profileImageUrlUpload.ts"},"region":{"startLine":17,"startColumn":37,"endColumn":55}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/profileImageUrlUpload.ts"},"region":{"startLine":17,"startColumn":56,"endColumn":59}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/profileImageUrlUpload.ts"},"region":{"startLine":17,"startColumn":13,"endColumn":25}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/profileImageUrlUpload.ts"},"region":{"startLine":29,"startColumn":141,"endColumn":153}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/profileImageUrlUpload.ts"},"region":{"startLine":29,"startColumn":154,"endColumn":158}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/profileImageUrlUpload.ts"},"region":{"startLine":29,"startColumn":159,"endColumn":161}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/profileImageUrlUpload.ts"},"region":{"startLine":29,"startColumn":106,"endColumn":107}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/profileImageUrlUpload.ts"},"region":{"startLine":29,"startColumn":85,"endColumn":91}}}]},{"ruleId":"7664451733520405070 (sast)","level":"warning","message":{"text":"Missing Encryption of Sensitive Data"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":104,"startColumn":11,"endColumn":21}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":104,"startColumn":11,"endColumn":21}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":97,"startColumn":40,"endColumn":46}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":97,"startColumn":22,"endColumn":27}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":97,"startColumn":15,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":111,"startColumn":37,"endColumn":41}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":111,"startColumn":42,"endColumn":44}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":170,"startColumn":29,"endColumn":35}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":173,"startColumn":15,"endColumn":21}}}]},{"ruleId":"7664451733520405070 (sast)","level":"warning","message":{"text":"Missing Encryption of Sensitive Data"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/order.ts"},"region":{"startLine":23,"startColumn":37,"endColumn":55}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/order.ts"},"region":{"startLine":23,"startColumn":56,"endColumn":60}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/order.ts"},"region":{"startLine":23,"startColumn":17,"endColumn":25}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/order.ts"},"region":{"startLine":24,"startColumn":52,"endColumn":60}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/order.ts"},"region":{"startLine":24,"startColumn":61,"endColumn":65}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/order.ts"},"region":{"startLine":24,"startColumn":66,"endColumn":71}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/order.ts"},"region":{"startLine":24,"startColumn":17,"endColumn":22}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/order.ts"},"region":{"startLine":138,"startColumn":29,"endColumn":34}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/order.ts"},"region":{"startLine":138,"startColumn":35,"endColumn":42}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/order.ts"},"region":{"startLine":138,"startColumn":18,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/order.ts"},"region":{"startLine":132,"startColumn":21,"endColumn":27}}}]},{"ruleId":"7664451733520405070 (sast)","level":"warning","message":{"text":"Missing Encryption of Sensitive Data"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/likeProductReviews.ts"},"region":{"startLine":14,"startColumn":27,"endColumn":45}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/likeProductReviews.ts"},"region":{"startLine":14,"startColumn":46,"endColumn":50}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/likeProductReviews.ts"},"region":{"startLine":14,"startColumn":11,"endColumn":15}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/likeProductReviews.ts"},"region":{"startLine":27,"startColumn":30,"endColumn":34}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/likeProductReviews.ts"},"region":{"startLine":27,"startColumn":35,"endColumn":39}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/likeProductReviews.ts"},"region":{"startLine":27,"startColumn":40,"endColumn":45}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/likeProductReviews.ts"},"region":{"startLine":27,"startColumn":25,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/likeProductReviews.ts"},"region":{"startLine":27,"startColumn":17,"endColumn":24}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/likeProductReviews.ts"},"region":{"startLine":37,"startColumn":38,"endColumn":45}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/likeProductReviews.ts"},"region":{"startLine":37,"startColumn":36,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/likeProductReviews.ts"},"region":{"startLine":37,"startColumn":25,"endColumn":26}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/likeProductReviews.ts"},"region":{"startLine":35,"startColumn":28,"endColumn":34}}}]},{"ruleId":"16735444075637946876 (sast)","level":"warning","message":{"text":"Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/address.ts"},"region":{"startLine":10,"startColumn":11,"endColumn":20}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/address.ts"},"region":{"startLine":11,"startColumn":53,"endColumn":62}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/address.ts"},"region":{"startLine":11,"startColumn":51,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/address.ts"},"region":{"startLine":11,"startColumn":21,"endColumn":25}}}]},{"ruleId":"16735444075637946876 (sast)","level":"warning","message":{"text":"Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/address.ts"},"region":{"startLine":17,"startColumn":11,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/address.ts"},"region":{"startLine":19,"startColumn":55,"endColumn":62}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/address.ts"},"region":{"startLine":19,"startColumn":53,"endColumn":54}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/address.ts"},"region":{"startLine":19,"startColumn":23,"endColumn":27}}}]},{"ruleId":"16735444075637946876 (sast)","level":"warning","message":{"text":"Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":19,"startColumn":32,"endColumn":41}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":19,"startColumn":15,"endColumn":20}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":22,"startColumn":38,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":22,"startColumn":38,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":22,"startColumn":34,"endColumn":35}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":22,"startColumn":13,"endColumn":17}}}]},{"ruleId":"16735444075637946876 (sast)","level":"warning","message":{"text":"Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":30,"startColumn":130,"endColumn":138}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":30,"startColumn":116,"endColumn":120}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":30,"startColumn":22,"endColumn":27}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":31,"startColumn":14,"endColumn":31}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":32,"startColumn":44,"endColumn":61}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":32,"startColumn":26,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":32,"startColumn":13,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":51,"startColumn":22,"endColumn":26}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":15,"startColumn":24,"endColumn":28}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":18,"startColumn":24,"endColumn":26}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":20,"startColumn":9,"endColumn":13}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":22,"startColumn":68,"endColumn":72}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":22,"startColumn":73,"endColumn":77}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":22,"startColumn":78,"endColumn":83}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":22,"startColumn":66,"endColumn":67}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":22,"startColumn":34,"endColumn":35}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":22,"startColumn":13,"endColumn":17}}}]},{"ruleId":"16735444075637946876 (sast)","level":"warning","message":{"text":"Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/changePassword.ts"},"region":{"startLine":15,"startColumn":11,"endColumn":22}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/changePassword.ts"},"region":{"startLine":17,"startColumn":10,"endColumn":21}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/changePassword.ts"},"region":{"startLine":28,"startColumn":64,"endColumn":66}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/changePassword.ts"},"region":{"startLine":29,"startColumn":37,"endColumn":48}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/changePassword.ts"},"region":{"startLine":29,"startColumn":35,"endColumn":36}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/changePassword.ts"},"region":{"startLine":29,"startColumn":18,"endColumn":24}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/changePassword.ts"},"region":{"startLine":29,"startColumn":57,"endColumn":61}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/changePassword.ts"},"region":{"startLine":31,"startColumn":26,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/changePassword.ts"},"region":{"startLine":31,"startColumn":26,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/changePassword.ts"},"region":{"startLine":31,"startColumn":19,"endColumn":23}}}]},{"ruleId":"16735444075637946876 (sast)","level":"warning","message":{"text":"Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/resetPassword.ts"},"region":{"startLine":17,"startColumn":11,"endColumn":22}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/resetPassword.ts"},"region":{"startLine":21,"startColumn":17,"endColumn":28}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/resetPassword.ts"},"region":{"startLine":31,"startColumn":20,"endColumn":22}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/resetPassword.ts"},"region":{"startLine":33,"startColumn":55,"endColumn":57}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/resetPassword.ts"},"region":{"startLine":34,"startColumn":37,"endColumn":48}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/resetPassword.ts"},"region":{"startLine":34,"startColumn":35,"endColumn":36}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/resetPassword.ts"},"region":{"startLine":34,"startColumn":18,"endColumn":24}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/resetPassword.ts"},"region":{"startLine":34,"startColumn":57,"endColumn":61}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/resetPassword.ts"},"region":{"startLine":36,"startColumn":26,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/resetPassword.ts"},"region":{"startLine":36,"startColumn":26,"endColumn":30}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/resetPassword.ts"},"region":{"startLine":36,"startColumn":19,"endColumn":23}}}]},{"ruleId":"16735444075637946876 (sast)","level":"warning","message":{"text":"Privacy Violation"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":30,"startColumn":130,"endColumn":138}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":30,"startColumn":116,"endColumn":120}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":30,"startColumn":22,"endColumn":27}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":31,"startColumn":14,"endColumn":31}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":32,"startColumn":44,"endColumn":61}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":32,"startColumn":26,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":32,"startColumn":13,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":45,"startColumn":25,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":45,"startColumn":30,"endColumn":34}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":45,"startColumn":35,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":45,"startColumn":23,"endColumn":24}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":44,"startColumn":34,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":44,"startColumn":23,"endColumn":24}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":43,"startColumn":17,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":41,"startColumn":27,"endColumn":31}}}]},{"ruleId":"7630264517191277634 (sast)","level":"warning","message":{"text":"Missing HSTS Header"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"lib/insecurity.js"},"region":{"startLine":141,"startColumn":23,"endColumn":27}}}]},{"ruleId":"CVE-2021-4231 (sca)","level":"warning","message":{"text":"Npm-@angular/core-9.0.0 (CVE-2021-4231)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx7c42edbf-d5f1 (sca)","level":"warning","message":{"text":"Npm-base64url-0.0.6 (Cx7c42edbf-d5f1)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx65603961-769c (sca)","level":"warning","message":{"text":"Npm-debug-2.6.9 (Cx65603961-769c)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx65603961-769c (sca)","level":"warning","message":{"text":"Npm-debug-2.6.9 (Cx65603961-769c)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx65603961-769c (sca)","level":"warning","message":{"text":"Npm-debug-3.1.0 (Cx65603961-769c)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2020-7639 (sca)","level":"warning","message":{"text":"Npm-eivindfjeldstad-dot-0.0.1 (CVE-2020-7639)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-41940 (sca)","level":"warning","message":{"text":"Npm-engine.io-4.1.2 (CVE-2022-41940)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-33987 (sca)","level":"warning","message":{"text":"Npm-got-8.3.2 (CVE-2022-33987)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2021-32822 (sca)","level":"warning","message":{"text":"Npm-hbs-4.2.0 (CVE-2021-32822)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2018-3721 (sca)","level":"warning","message":{"text":"Npm-lodash-2.4.2 (CVE-2018-3721)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2019-1010266 (sca)","level":"warning","message":{"text":"Npm-lodash-2.4.2 (CVE-2019-1010266)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2020-28500 (sca)","level":"warning","message":{"text":"Npm-lodash-2.4.2 (CVE-2020-28500)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2018-16487 (sca)","level":"warning","message":{"text":"Npm-lodash-2.4.2 (CVE-2018-16487)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2016-4055 (sca)","level":"warning","message":{"text":"Npm-moment-2.0.0 (CVE-2016-4055)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx5c009a1a-2054 (sca)","level":"warning","message":{"text":"Npm-moment-2.0.0 (Cx5c009a1a-2054)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2021-23566 (sca)","level":"warning","message":{"text":"Npm-nanoid-3.1.20 (CVE-2021-23566)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-24773 (sca)","level":"warning","message":{"text":"Npm-node-forge-0.10.0 (CVE-2022-24773)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-0122 (sca)","level":"warning","message":{"text":"Npm-node-forge-0.10.0 (CVE-2022-0122)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2021-23771 (sca)","level":"warning","message":{"text":"Npm-notevil-1.3.3 (CVE-2021-23771)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2016-1000237 (sca)","level":"warning","message":{"text":"Npm-sanitize-html-1.4.2 (CVE-2016-1000237)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2017-16016 (sca)","level":"warning","message":{"text":"Npm-sanitize-html-1.4.2 (CVE-2017-16016)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2021-26539 (sca)","level":"warning","message":{"text":"Npm-sanitize-html-1.4.2 (CVE-2021-26539)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2021-26540 (sca)","level":"warning","message":{"text":"Npm-sanitize-html-1.4.2 (CVE-2021-26540)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx24228ad1-81fd (sca)","level":"warning","message":{"text":"Npm-sanitize-html-1.4.2 (Cx24228ad1-81fd)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx7d063416-6f02 (sca)","level":"warning","message":{"text":"Npm-sanitize-html-1.4.2 (Cx7d063416-6f02)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx3fe16d6b-d031 (sca)","level":"warning","message":{"text":"Npm-sanitize-html-1.4.2 (Cx3fe16d6b-d031)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"487f4be7-3fd9-4506-a07a-eae252180c08 [Taken from query_id] (kics)","level":"error","message":{"text":"Passwords And Secrets - Generic Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/static/users.yml"},"region":{"startLine":212,"startColumn":1,"endColumn":2}}}]},{"ruleId":"487f4be7-3fd9-4506-a07a-eae252180c08 [Taken from query_id] (kics)","level":"error","message":{"text":"Passwords And Secrets - Generic Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/static/users.yml"},"region":{"startLine":149,"startColumn":1,"endColumn":2}}}]},{"ruleId":"487f4be7-3fd9-4506-a07a-eae252180c08 [Taken from query_id] (kics)","level":"error","message":{"text":"Passwords And Secrets - Generic Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/static/users.yml"},"region":{"startLine":3,"startColumn":1,"endColumn":2}}}]},{"ruleId":"487f4be7-3fd9-4506-a07a-eae252180c08 [Taken from query_id] (kics)","level":"error","message":{"text":"Passwords And Secrets - Generic Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/static/users.yml"},"region":{"startLine":140,"startColumn":1,"endColumn":2}}}]},{"ruleId":"487f4be7-3fd9-4506-a07a-eae252180c08 [Taken from query_id] (kics)","level":"error","message":{"text":"Passwords And Secrets - Generic Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/static/users.yml"},"region":{"startLine":63,"startColumn":1,"endColumn":2}}}]},{"ruleId":"487f4be7-3fd9-4506-a07a-eae252180c08 [Taken from query_id] (kics)","level":"error","message":{"text":"Passwords And Secrets - Generic Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/static/users.yml"},"region":{"startLine":248,"startColumn":1,"endColumn":2}}}]},{"ruleId":"487f4be7-3fd9-4506-a07a-eae252180c08 [Taken from query_id] (kics)","level":"error","message":{"text":"Passwords And Secrets - Generic Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/static/users.yml"},"region":{"startLine":107,"startColumn":1,"endColumn":2}}}]},{"ruleId":"487f4be7-3fd9-4506-a07a-eae252180c08 [Taken from query_id] (kics)","level":"error","message":{"text":"Passwords And Secrets - Generic Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/static/users.yml"},"region":{"startLine":158,"startColumn":1,"endColumn":2}}}]},{"ruleId":"487f4be7-3fd9-4506-a07a-eae252180c08 [Taken from query_id] (kics)","level":"error","message":{"text":"Passwords And Secrets - Generic Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/static/users.yml"},"region":{"startLine":176,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-24771 (sca)","level":"error","message":{"text":"Npm-node-forge-0.10.0 (CVE-2022-24771)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2021-3807 (sca)","level":"error","message":{"text":"Npm-ansi-regex-2.1.1 (CVE-2021-3807)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2021-3807 (sca)","level":"error","message":{"text":"Npm-ansi-regex-2.1.1 (CVE-2021-3807)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cxc7705965-e0f0 (sca)","level":"error","message":{"text":"Npm-@babel/core-7.12.10 (Cxc7705965-e0f0)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-3517 (sca)","level":"error","message":{"text":"Npm-minimatch-3.0.4 (CVE-2022-3517)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-3517 (sca)","level":"error","message":{"text":"Npm-minimatch-3.0.4 (CVE-2022-3517)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"487f4be7-3fd9-4506-a07a-eae252180c08 [Taken from query_id] (kics)","level":"error","message":{"text":"Passwords And Secrets - Generic Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/static/users.yml"},"region":{"startLine":203,"startColumn":1,"endColumn":2}}}]},{"ruleId":"fd54f200-402c-4333-a5a4-36ef6709af2f [Taken from query_id] (kics)","level":"error","message":{"text":"Missing User Instruction"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/smoke/Dockerfile"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx89601373-08db (sca)","level":"error","message":{"text":"Npm-debug-2.6.9 (Cx89601373-08db)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx89601373-08db (sca)","level":"error","message":{"text":"Npm-debug-2.6.9 (Cx89601373-08db)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx8bc4df28-fcf5 (sca)","level":"error","message":{"text":"Npm-debug-2.6.9 (Cx8bc4df28-fcf5)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx8bc4df28-fcf5 (sca)","level":"error","message":{"text":"Npm-debug-2.6.9 (Cx8bc4df28-fcf5)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2021-44906 (sca)","level":"error","message":{"text":"Npm-minimist-0.2.2 (CVE-2021-44906)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cxb3ca64d2-9cd1 (sca)","level":"error","message":{"text":"Npm-mocha-8.4.0 (Cxb3ca64d2-9cd1)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx8bc4df28-fcf5 (sca)","level":"error","message":{"text":"Npm-debug-3.1.0 (Cx8bc4df28-fcf5)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx89601373-08db (sca)","level":"error","message":{"text":"Npm-debug-3.1.0 (Cx89601373-08db)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx8bc4df28-fcf5 (sca)","level":"error","message":{"text":"Npm-debug-3.2.7 (Cx8bc4df28-fcf5)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx8bc4df28-fcf5 (sca)","level":"error","message":{"text":"Npm-debug-3.2.7 (Cx8bc4df28-fcf5)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx89601373-08db (sca)","level":"error","message":{"text":"Npm-debug-3.2.7 (Cx89601373-08db)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx89601373-08db (sca)","level":"error","message":{"text":"Npm-debug-3.2.7 (Cx89601373-08db)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx8bc4df28-fcf5 (sca)","level":"error","message":{"text":"Npm-debug-4.3.1 (Cx8bc4df28-fcf5)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx8bc4df28-fcf5 (sca)","level":"error","message":{"text":"Npm-debug-4.3.1 (Cx8bc4df28-fcf5)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx8bc4df28-fcf5 (sca)","level":"error","message":{"text":"Npm-debug-4.3.4 (Cx8bc4df28-fcf5)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx8bc4df28-fcf5 (sca)","level":"error","message":{"text":"Npm-debug-4.3.4 (Cx8bc4df28-fcf5)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-38900 (sca)","level":"error","message":{"text":"Npm-decode-uri-component-0.2.2 (CVE-2022-38900)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-38900 (sca)","level":"error","message":{"text":"Npm-decode-uri-component-0.2.2 (CVE-2022-38900)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-24434 (sca)","level":"error","message":{"text":"Npm-dicer-0.2.5 (CVE-2022-24434)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cxe299c2b0-ccc8 (sca)","level":"error","message":{"text":"Npm-domutils-1.1.6 (Cxe299c2b0-ccc8)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2019-10775 (sca)","level":"error","message":{"text":"Npm-ecstatic-3.3.2 (CVE-2019-10775)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-24772 (sca)","level":"error","message":{"text":"Npm-node-forge-0.10.0 (CVE-2022-24772)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2017-18214 (sca)","level":"error","message":{"text":"Npm-moment-2.0.0 (CVE-2017-18214)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2020-15084 (sca)","level":"error","message":{"text":"Npm-express-jwt-0.1.3 (CVE-2020-15084)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-36313 (sca)","level":"error","message":{"text":"Npm-file-type-11.1.0 (CVE-2022-36313)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-36313 (sca)","level":"error","message":{"text":"Npm-file-type-3.9.0 (CVE-2022-36313)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-36313 (sca)","level":"error","message":{"text":"Npm-file-type-4.4.0 (CVE-2022-36313)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-36313 (sca)","level":"error","message":{"text":"Npm-file-type-5.2.0 (CVE-2022-36313)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-36313 (sca)","level":"error","message":{"text":"Npm-file-type-6.2.0 (CVE-2022-36313)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2020-28469 (sca)","level":"error","message":{"text":"Npm-glob-parent-3.1.0 (CVE-2020-28469)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-24785 (sca)","level":"error","message":{"text":"Npm-moment-2.0.0 (CVE-2022-24785)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx347a3da7-ba99 (sca)","level":"error","message":{"text":"Npm-node-forge-0.10.0 (Cx347a3da7-ba99)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cxdca8e59f-8bfe (sca)","level":"error","message":{"text":"Npm-inflight-1.0.6 (Cxdca8e59f-8bfe)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cxdca8e59f-8bfe (sca)","level":"error","message":{"text":"Npm-inflight-1.0.6 (Cxdca8e59f-8bfe)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-23540 (sca)","level":"error","message":{"text":"Npm-jsonwebtoken-0.1.0 (CVE-2022-23540)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-23541 (sca)","level":"error","message":{"text":"Npm-jsonwebtoken-0.1.0 (CVE-2022-23541)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-23539 (sca)","level":"error","message":{"text":"Npm-jsonwebtoken-0.1.0 (CVE-2022-23539)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2015-9235 (sca)","level":"error","message":{"text":"Npm-jsonwebtoken-0.1.0 (CVE-2015-9235)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cxdd801a12-8c33 (sca)","level":"error","message":{"text":"Npm-jsonwebtoken-0.1.0 (Cxdd801a12-8c33)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-23541 (sca)","level":"error","message":{"text":"Npm-jsonwebtoken-0.4.0 (CVE-2022-23541)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-23540 (sca)","level":"error","message":{"text":"Npm-jsonwebtoken-0.4.0 (CVE-2022-23540)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2015-9235 (sca)","level":"error","message":{"text":"Npm-jsonwebtoken-0.4.0 (CVE-2015-9235)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-23539 (sca)","level":"error","message":{"text":"Npm-jsonwebtoken-0.4.0 (CVE-2022-23539)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cxdd801a12-8c33 (sca)","level":"error","message":{"text":"Npm-jsonwebtoken-0.4.0 (Cxdd801a12-8c33)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2016-1000223 (sca)","level":"error","message":{"text":"Npm-jws-0.2.6 (CVE-2016-1000223)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cxffc79d87-98d9 (sca)","level":"error","message":{"text":"Npm-jws-0.2.6 (Cxffc79d87-98d9)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cxf6e7f2c1-dc59 (sca)","level":"error","message":{"text":"Npm-yauzl-2.10.0 (Cxf6e7f2c1-dc59)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-25858 (sca)","level":"error","message":{"text":"Npm-terser-5.5.1 (CVE-2022-25858)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"Cx0b414307-5d4b (sca)","level":"error","message":{"text":"Npm-lodash-2.4.2 (Cx0b414307-5d4b)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2021-23337 (sca)","level":"error","message":{"text":"Npm-lodash-2.4.2 (CVE-2021-23337)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2020-8203 (sca)","level":"error","message":{"text":"Npm-lodash-2.4.2 (CVE-2020-8203)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2022-25887 (sca)","level":"error","message":{"text":"Npm-sanitize-html-1.4.2 (CVE-2022-25887)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"CVE-2019-10744 (sca)","level":"error","message":{"text":"Npm-lodash-2.4.2 (CVE-2019-10744)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"package.json"},"region":{"startLine":1,"startColumn":1,"endColumn":2}}}]},{"ruleId":"6561501369275698122 (sast)","level":"error","message":{"text":"Stored XSS"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":31,"startColumn":14,"endColumn":31}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":32,"startColumn":44,"endColumn":61}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":32,"startColumn":26,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":32,"startColumn":13,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":51,"startColumn":22,"endColumn":26}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":15,"startColumn":24,"endColumn":28}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":18,"startColumn":24,"endColumn":26}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":20,"startColumn":9,"endColumn":13}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":22,"startColumn":68,"endColumn":72}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":22,"startColumn":73,"endColumn":77}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":22,"startColumn":78,"endColumn":83}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":22,"startColumn":66,"endColumn":67}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":22,"startColumn":34,"endColumn":35}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":22,"startColumn":13,"endColumn":17}}}]},{"ruleId":"6561501369275698122 (sast)","level":"error","message":{"text":"Stored XSS"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":31,"startColumn":14,"endColumn":31}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":32,"startColumn":44,"endColumn":61}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":32,"startColumn":26,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":32,"startColumn":13,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":45,"startColumn":25,"endColumn":29}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":45,"startColumn":30,"endColumn":34}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":45,"startColumn":35,"endColumn":37}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":45,"startColumn":23,"endColumn":24}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":44,"startColumn":34,"endColumn":43}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":44,"startColumn":23,"endColumn":24}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":43,"startColumn":17,"endColumn":18}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":41,"startColumn":27,"endColumn":31}}}]},{"ruleId":"6561501369275698122 (sast)","level":"error","message":{"text":"Stored XSS"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/search.ts"},"region":{"startLine":16,"startColumn":14,"endColumn":27}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/search.ts"},"region":{"startLine":16,"startColumn":14,"endColumn":27}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/search.ts"},"region":{"startLine":16,"startColumn":15,"endColumn":23}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/search.ts"},"region":{"startLine":56,"startColumn":42,"endColumn":50}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/search.ts"},"region":{"startLine":56,"startColumn":24,"endColumn":41}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/search.ts"},"region":{"startLine":56,"startColumn":13,"endColumn":17}}}]},{"ruleId":"16772998409937314312 (sast)","level":"error","message":{"text":"Reflected XSS"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/recycles.ts"},"region":{"startLine":12,"startColumn":33,"endColumn":35}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/recycles.ts"},"region":{"startLine":12,"startColumn":16,"endColumn":21}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/recycles.ts"},"region":{"startLine":12,"startColumn":9,"endColumn":10}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/recycles.ts"},"region":{"startLine":11,"startColumn":10,"endColumn":11}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/recycles.ts"},"region":{"startLine":10,"startColumn":18,"endColumn":25}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/recycles.ts"},"region":{"startLine":14,"startColumn":12,"endColumn":19}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/recycles.ts"},"region":{"startLine":15,"startColumn":45,"endColumn":52}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/recycles.ts"},"region":{"startLine":15,"startColumn":27,"endColumn":44}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/recycles.ts"},"region":{"startLine":15,"startColumn":16,"endColumn":20}}}]},{"ruleId":"17606990743818532616 (sast)","level":"error","message":{"text":"SQL Injection"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/dataExport.ts"},"region":{"startLine":30,"startColumn":48,"endColumn":51}}}]},{"ruleId":"17606990743818532616 (sast)","level":"error","message":{"text":"SQL Injection"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/search.ts"},"region":{"startLine":13,"startColumn":65,"endColumn":66}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/search.ts"},"region":{"startLine":13,"startColumn":9,"endColumn":17}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/search.ts"},"region":{"startLine":14,"startColumn":43,"endColumn":51}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/search.ts"},"region":{"startLine":14,"startColumn":5,"endColumn":13}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/search.ts"},"region":{"startLine":15,"startColumn":110,"endColumn":118}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/search.ts"},"region":{"startLine":15,"startColumn":22,"endColumn":27}}}]},{"ruleId":"17606990743818532616 (sast)","level":"error","message":{"text":"SQL Injection"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":30,"startColumn":130,"endColumn":138}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":30,"startColumn":116,"endColumn":120}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":30,"startColumn":22,"endColumn":27}}}]},{"ruleId":"17606990743818532616 (sast)","level":"error","message":{"text":"SQL Injection"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":30,"startColumn":75,"endColumn":80}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/login.ts"},"region":{"startLine":30,"startColumn":22,"endColumn":27}}}]},{"ruleId":"17606990743818532616 (sast)","level":"error","message":{"text":"SQL Injection"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/dataExport.ts"},"region":{"startLine":14,"startColumn":84,"endColumn":91}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/dataExport.ts"},"region":{"startLine":14,"startColumn":54,"endColumn":57}}}]},{"ruleId":"4332408256892458774 (sast)","level":"error","message":{"text":"Second Order SQL Injection"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":215,"startColumn":42,"endColumn":47}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":217,"startColumn":20,"endColumn":25}}}]},{"ruleId":"4332408256892458774 (sast)","level":"error","message":{"text":"Second Order SQL Injection"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":122,"startColumn":22,"endColumn":27}}},{"physicalLocation":{"artifactLocation":{"uri":"data/datacreator.ts"},"region":{"startLine":124,"startColumn":17,"endColumn":22}}}]},{"ruleId":"18264905025034185052 (sast)","level":"error","message":{"text":"Code Injection"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/showProductReviews.ts"},"region":{"startLine":25,"startColumn":83,"endColumn":85}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/showProductReviews.ts"},"region":{"startLine":25,"startColumn":11,"endColumn":13}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/showProductReviews.ts"},"region":{"startLine":29,"startColumn":52,"endColumn":54}}}]},{"ruleId":"18264905025034185052 (sast)","level":"error","message":{"text":"Code Injection"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/trackOrder.ts"},"region":{"startLine":12,"startColumn":66,"endColumn":68}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/trackOrder.ts"},"region":{"startLine":12,"startColumn":48,"endColumn":54}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/trackOrder.ts"},"region":{"startLine":12,"startColumn":70,"endColumn":77}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/trackOrder.ts"},"region":{"startLine":12,"startColumn":11,"endColumn":13}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/trackOrder.ts"},"region":{"startLine":15,"startColumn":51,"endColumn":53}}}]},{"ruleId":"18264905025034185052 (sast)","level":"error","message":{"text":"Code Injection"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"routes/trackOrder.ts"},"region":{"startLine":12,"startColumn":107,"endColumn":109}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/trackOrder.ts"},"region":{"startLine":12,"startColumn":11,"endColumn":13}}},{"physicalLocation":{"artifactLocation":{"uri":"routes/trackOrder.ts"},"region":{"startLine":15,"startColumn":51,"endColumn":53}}}]},{"ruleId":"6998389e-66b2-473d-8d05-c8d71ac4d04d [Taken from query_id] (kics)","level":"error","message":{"text":"Array Without Maximum Number of Items (v3)"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"swagger.yml"},"region":{"startLine":41,"startColumn":1,"endColumn":2}}}]},{"ruleId":"15834639595142631548 (sast)","level":"error","message":{"text":"Angular Client Stored DOM XSS"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/last-login-ip/last-login-ip.component.ts"},"region":{"startLine":31,"startColumn":32,"endColumn":39}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/last-login-ip/last-login-ip.component.ts"},"region":{"startLine":31,"startColumn":11,"endColumn":16}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/last-login-ip/last-login-ip.component.ts"},"region":{"startLine":33,"startColumn":27,"endColumn":32}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/last-login-ip/last-login-ip.component.ts"},"region":{"startLine":33,"startColumn":17,"endColumn":26}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/last-login-ip/last-login-ip.component.ts"},"region":{"startLine":33,"startColumn":7,"endColumn":14}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/last-login-ip/last-login-ip.component.ts"},"region":{"startLine":36,"startColumn":77,"endColumn":84}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/last-login-ip/last-login-ip.component.ts"},"region":{"startLine":36,"startColumn":85,"endColumn":89}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/last-login-ip/last-login-ip.component.ts"},"region":{"startLine":36,"startColumn":90,"endColumn":101}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/last-login-ip/last-login-ip.component.ts"},"region":{"startLine":36,"startColumn":43,"endColumn":66}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/last-login-ip/last-login-ip.component.ts"},"region":{"startLine":36,"startColumn":14,"endColumn":25}}},{"physicalLocation":{"artifactLocation":{"uri":"frontend/src/app/last-login-ip/last-login-ip.component.html"},"region":{"startLine":8,"startColumn":91,"endColumn":102}}}]},{"ruleId":"d651cca2-2156-4d17-8e76-423e68de5c8b [Taken from query_id] (kics)","level":"error","message":{"text":"Passwords And Secrets - Google OAuth"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"config/default.yml"},"region":{"startLine":57,"startColumn":1,"endColumn":2}}}]},{"ruleId":"3e2d3b2f-c22a-4df1-9cc6-a7a0aebb0c99 [Taken from query_id] (kics)","level":"error","message":{"text":"Passwords And Secrets - Generic Secret"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/static/users.yml"},"region":{"startLine":150,"startColumn":1,"endColumn":2}}}]},{"ruleId":"487f4be7-3fd9-4506-a07a-eae252180c08 [Taken from query_id] (kics)","level":"error","message":{"text":"Passwords And Secrets - Generic Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/static/users.yml"},"region":{"startLine":88,"startColumn":1,"endColumn":2}}}]},{"ruleId":"487f4be7-3fd9-4506-a07a-eae252180c08 [Taken from query_id] (kics)","level":"error","message":{"text":"Passwords And Secrets - Generic Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/static/users.yml"},"region":{"startLine":166,"startColumn":1,"endColumn":2}}}]},{"ruleId":"487f4be7-3fd9-4506-a07a-eae252180c08 [Taken from query_id] (kics)","level":"error","message":{"text":"Passwords And Secrets - Generic Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/static/users.yml"},"region":{"startLine":123,"startColumn":1,"endColumn":2}}}]},{"ruleId":"487f4be7-3fd9-4506-a07a-eae252180c08 [Taken from query_id] (kics)","level":"error","message":{"text":"Passwords And Secrets - Generic Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/static/users.yml"},"region":{"startLine":115,"startColumn":1,"endColumn":2}}}]},{"ruleId":"487f4be7-3fd9-4506-a07a-eae252180c08 [Taken from query_id] (kics)","level":"error","message":{"text":"Passwords And Secrets - Generic Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/static/users.yml"},"region":{"startLine":236,"startColumn":1,"endColumn":2}}}]},{"ruleId":"487f4be7-3fd9-4506-a07a-eae252180c08 [Taken from query_id] (kics)","level":"error","message":{"text":"Passwords And Secrets - Generic Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/static/users.yml"},"region":{"startLine":31,"startColumn":1,"endColumn":2}}}]},{"ruleId":"487f4be7-3fd9-4506-a07a-eae252180c08 [Taken from query_id] (kics)","level":"error","message":{"text":"Passwords And Secrets - Generic Password"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"data/static/users.yml"},"region":{"startLine":242,"startColumn":1,"endColumn":2}}}]}]}]}