Top "Checkmarx" questions

Source code analysis software for identifying, tracking and repairing technical and logical flaws.

Heap Inspection Security Vulnerability

I have run my Java app against the Checkmarx tool for security vulnerabilities and it is constantly giving an issue …

java security heap static-code-analysis checkmarx

How to validate and sanitize HTTP Get with Spring Boot?

I keep getting this annoying error from Checkmarx code scanner, Method getTotalValue at line 220 of src\java\com\example\PeopleController.…

validation spring-boot http-get checkmarx

How to sanitize and validate user input to pass a Checkmarx scan

I have an endpoint that receives a String from the client as seen below: @GET @Path("/{x}") public Response doSomething(@…

java security code-analysis static-code-analysis checkmarx

Checkmarx Java fix for Log Forging - sanitizing user input

Can anyone suggest the proper sanitization/validation process required for the courseType variable in the following getCourses method. I am …

java spring-boot spring-mvc checkmarx secure-coding

Checkmarx error: Deserialization of untrusted data

I am getting deserialization of untrusted data during a Checkmarx scan (which finds security-related vulnerabilities in code) in the onMessage() …

java jms deserialization checkmarx validationmessage

How to solve Stored XSS issue reported by Checkmarx

Codebase I am working on has been analyzed by Checkmarx, and it came back with a report containing a "Stored …

c# xss checkmarx

Missing HSTS header in checkmarx report

I am using Checkmarx to analyse my project, and the only remaining medium severity item is Missing_HSTS_Filter, with …

java security tomcat hsts checkmarx