| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
62 |
examples/unfinished/chat-benchmark/benchmark.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
71 |
examples/unfinished/chat-benchmark/benchmark.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
163 |
examples/unfinished/chat-benchmark/benchmark.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
171 |
examples/unfinished/chat-benchmark/benchmark.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
191 |
examples/unfinished/chat-benchmark/benchmark.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
100 |
examples/unfinished/blaze-test/client/blaze-test.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
88 |
examples/unfinished/benchmark/benchmark.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
106 |
examples/unfinished/benchmark/benchmark.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
197 |
examples/unfinished/benchmark/benchmark.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
203 |
examples/unfinished/benchmark/benchmark.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
213 |
examples/unfinished/benchmark/benchmark.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
230 |
examples/unfinished/benchmark/benchmark.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
22 |
examples/unfinished/movers/movers.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
50 |
examples/unfinished/movers/client/jquery-ui-sortable.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
733 |
examples/unfinished/movers/client/jquery-ui-sortable.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
890 |
examples/unfinished/movers/client/jquery-ui-sortable.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
50 |
examples/unfinished/reorderable-list/client/jquery-ui-sortable.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
733 |
examples/unfinished/reorderable-list/client/jquery-ui-sortable.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
890 |
examples/unfinished/reorderable-list/client/jquery-ui-sortable.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
2145 |
examples/other/template-demo/client/d3.v2.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
2175 |
examples/other/template-demo/client/d3.v2.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
127 |
examples/other/template-demo/client/template-demo.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
248 |
examples/other/wordplay/client/wordplay.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
22 |
examples/other/wordplay/server/game.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
59 |
examples/other/wordplay/server/game.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
15 |
examples/other/quiescence/quiescence.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
37 |
examples/other/quiescence/quiescence.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
47 |
tools/shell-client.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
212 |
tools/inspector.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
113 |
tools/meteor-services/auth.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
659 |
tools/meteor-services/auth.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
771 |
tools/meteor-services/auth.js |
| Weak Hash used - SHA1 |
SHA1 is a a weak hash which is known to have collision. Use a strong hashing function. |
220 |
tools/meteor-services/deploy.js |
| Weak Hash used - SHA1 |
SHA1 is a a weak hash which is known to have collision. Use a strong hashing function. |
256 |
tools/fs/watch.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
267 |
tools/tool-testing/selftest.js |
| Remote OS Command Execution |
User controlled data in 'child_process.exec()' can result in Remote OS Command Execution. |
984 |
tools/tool-testing/selftest.js |
| Remote OS Command Execution |
User controlled data in 'child_process.exec()' can result in Remote OS Command Execution. |
1097 |
tools/tool-testing/selftest.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1402 |
tools/tool-testing/selftest.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1530 |
tools/tool-testing/selftest.js |
| Weak Hash used - SHA1 |
SHA1 is a a weak hash which is known to have collision. Use a strong hashing function. |
1605 |
tools/tool-testing/selftest.js |
| Key Hardcoded |
A hardcoded key in plain text was identified. |
121 |
tools/packaging/updater.js |
| Key Hardcoded |
A hardcoded key in plain text was identified. |
141 |
tools/packaging/updater.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
28 |
tools/runners/run-updater.js |
| Remote OS Command Execution |
User controlled data in 'child_process.exec()' can result in Remote OS Command Execution. |
93 |
tools/runners/run-mongo.js |
| Remote OS Command Execution |
User controlled data in 'child_process.exec()' can result in Remote OS Command Execution. |
115 |
tools/runners/run-mongo.js |
| Remote OS Command Execution |
User controlled data in 'child_process.exec()' can result in Remote OS Command Execution. |
189 |
tools/runners/run-mongo.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
862 |
tools/runners/run-mongo.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
869 |
tools/runners/run-mongo.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
879 |
tools/runners/run-app.js |
| Server Side Injection(SSI) - eval() |
User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
231 |
tools/isobuild/js-analyze.js |
| Remote OS Command Execution |
User controlled data in 'child_process.exec()' can result in Remote OS Command Execution. |
716 |
tools/isobuild/meteor-npm.js |
| Username Hardcoded |
A hardcoded username in plain text was identified. Store it properly in a config file. |
11 |
tools/tests/package-tests.js |
| Username Hardcoded |
A hardcoded username in plain text was identified. Store it properly in a config file. |
9 |
tools/tests/colon-converter-tests.js |
| Password Hardcoded |
A hardcoded password in plain text was identified. Store it properly in a config file. |
10 |
tools/tests/colon-converter-tests.js |
| Server Side Injection(SSI) - eval() |
User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
44 |
tools/tests/js-analyze.js |
| Remote OS Command Execution |
User controlled data in 'child_process.exec()' can result in Remote OS Command Execution. |
131 |
tools/tests/old/test-bundler-assets.js |
| Weak Hash used - SHA1 |
SHA1 is a a weak hash which is known to have collision. Use a strong hashing function. |
50 |
tools/tests/old/test-watch.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
89 |
tools/tests/old/test-watch.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
113 |
tools/tests/old/test-watch.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
12 |
tools/tests/apps/hot-code-push-test/hot-code-push-test.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
17 |
tools/tests/apps/hot-code-push-test/hot-code-push-test.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
43 |
tools/tests/apps/modules/tests.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
35 |
tools/tests/apps/minification-css-splitting/code.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
9 |
tools/tests/apps/ddp-heartbeat/server/heartbeat_test.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
22 |
tools/tests/apps/css-injection-test/css-injection-test.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
31 |
tools/tests/apps/css-injection-test/css-injection-test.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
12 |
tools/tests/apps/once/once.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
15 |
tools/tests/apps/failover-test/server/failover-test.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
26 |
tools/utils/func-utils.js |
| Remote OS Command Execution |
User controlled data in 'child_process.exec()' can result in Remote OS Command Execution. |
86 |
tools/utils/processes.js |
| SSRF - Server Side Request Forgery |
User controlled data in 'request()'' can result in Server Side Request Forgery (SSRF). |
301 |
tools/utils/http-helpers.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
464 |
tools/utils/http-helpers.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
215 |
tools/utils/utils.js |
| Remote OS Command Execution |
User controlled data in 'child_process.exec()' can result in Remote OS Command Execution. |
554 |
tools/utils/utils.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
2351 |
tools/cli/commands.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
2355 |
tools/cli/commands.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
115 |
tools/static-assets/server/boot.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
6 |
packages/http/test_responder.js |
| Username Hardcoded |
A hardcoded username in plain text was identified. Store it properly in a config file. |
26 |
packages/http/test_responder.js |
| SSRF - Server Side Request Forgery |
User controlled data in 'request()'' can result in Server Side Request Forgery (SSRF). |
2 |
packages/http/httpcall_server.js |
| Password Hardcoded |
A hardcoded password in plain text was identified. Store it properly in a config file. |
336 |
packages/http/httpcall_tests.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
116 |
packages/http/httpcall_client.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
178 |
packages/meteor/fiber_helpers.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
64 |
packages/meteor/fiber_stubs_client.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
109 |
packages/meteor/dynamics_test.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
29 |
packages/meteor/timers.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
40 |
packages/meteor/timers.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
70 |
packages/meteor/timers.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
2 |
packages/meteor/wrapasync_test.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
24 |
packages/meteor/wrapasync_test.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
50 |
packages/meteor/startup_client.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
83 |
packages/meteor/startup_client.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
131 |
packages/meteor/setimmediate.js |
| Weak Hash used - SHA1 |
SHA1 is a a weak hash which is known to have collision. Use a strong hashing function. |
16 |
packages/webapp-hashing/webapp-hashing.js |
| Weak Hash used - SHA1 |
SHA1 is a a weak hash which is known to have collision. Use a strong hashing function. |
42 |
packages/webapp-hashing/webapp-hashing.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
26 |
packages/code-prettify/prettify.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
30 |
packages/launch-screen/default-behavior.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
542 |
packages/tinytest/tinytest.js |
| Key Hardcoded |
A hardcoded key in plain text was identified. |
56 |
packages/tinytest/tinytest_server.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
40 |
packages/oauth1/oauth1_pending_request_tokens.js |
| Server Side Injection(SSI) - new Function() |
User controlled data in 'new Function()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1711 |
packages/deprecated/d3/d3.v3.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1826 |
packages/deprecated/d3/d3.v3.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1857 |
packages/deprecated/d3/d3.v3.js |
| Key Hardcoded |
A hardcoded key in plain text was identified. |
191 |
packages/deprecated/amplify/amplify.js |
| Key Hardcoded |
A hardcoded key in plain text was identified. |
272 |
packages/deprecated/amplify/amplify.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
404 |
packages/deprecated/amplify/amplify.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
428 |
packages/deprecated/amplify/amplify.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
437 |
packages/deprecated/amplify/amplify.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
744 |
packages/deprecated/amplify/amplify.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
203 |
packages/deprecated/bootstrap/js/bootstrap.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
306 |
packages/deprecated/bootstrap/js/bootstrap.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
397 |
packages/deprecated/bootstrap/js/bootstrap.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
928 |
packages/deprecated/bootstrap/js/bootstrap.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1134 |
packages/deprecated/bootstrap/js/bootstrap.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1146 |
packages/deprecated/bootstrap/js/bootstrap.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1271 |
packages/deprecated/bootstrap/js/bootstrap.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
2184 |
packages/deprecated/bootstrap/js/bootstrap.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1029 |
packages/deprecated/backbone/backbone.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
108 |
packages/test-in-console/driver.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
109 |
packages/test-in-console/driver.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
188 |
packages/test-in-console/driver.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
9 |
packages/test-in-console/runner.js |
| Weak Hash used - SHA1 |
SHA1 is a a weak hash which is known to have collision. Use a strong hashing function. |
121 |
packages/caching-compiler/caching-compiler.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
36 |
packages/ddp-common/heartbeat.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
44 |
packages/ddp-common/heartbeat.js |
| Key Hardcoded |
A hardcoded key in plain text was identified. |
8 |
packages/localstorage/localstorage.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
102 |
packages/autoupdate/autoupdate_client.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
121 |
packages/autoupdate/autoupdate_client.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
77 |
packages/rate-limit/rate-limit-tests.js |
| Key Hardcoded |
A hardcoded key in plain text was identified. |
2068 |
packages/spacebars-tests/template_tests.js |
| Server Side Injection(SSI) - eval() |
User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
20 |
packages/logging/logging_test.js |
| Weak Hash used - SHA1 |
SHA1 is a a weak hash which is known to have collision. Use a strong hashing function. |
46 |
packages/webapp/webapp_server.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
220 |
packages/webapp/webapp_server.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
221 |
packages/webapp/webapp_server.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
231 |
packages/webapp/webapp_server.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
757 |
packages/webapp/webapp_server.js |
| Weak Hash used - SHA1 |
SHA1 is a a weak hash which is known to have collision. Use a strong hashing function. |
7 |
packages/webapp/webapp_tests.js |
| Username Hardcoded |
A hardcoded username in plain text was identified. Store it properly in a config file. |
41 |
packages/accounts-password/password_tests.js |
| Password Hardcoded |
A hardcoded password in plain text was identified. Store it properly in a config file. |
43 |
packages/accounts-password/password_tests.js |
| Password Hardcoded |
A hardcoded password in plain text was identified. Store it properly in a config file. |
116 |
packages/accounts-password/password_tests.js |
| Password Hardcoded |
A hardcoded password in plain text was identified. Store it properly in a config file. |
178 |
packages/accounts-password/password_tests.js |
| Username Hardcoded |
A hardcoded username in plain text was identified. Store it properly in a config file. |
234 |
packages/accounts-password/password_tests.js |
| Password Hardcoded |
A hardcoded password in plain text was identified. Store it properly in a config file. |
235 |
packages/accounts-password/password_tests.js |
| Username Hardcoded |
A hardcoded username in plain text was identified. Store it properly in a config file. |
281 |
packages/accounts-password/password_tests.js |
| Username Hardcoded |
A hardcoded username in plain text was identified. Store it properly in a config file. |
316 |
packages/accounts-password/password_tests.js |
| Username Hardcoded |
A hardcoded username in plain text was identified. Store it properly in a config file. |
377 |
packages/accounts-password/password_tests.js |
| Password Hardcoded |
A hardcoded password in plain text was identified. Store it properly in a config file. |
440 |
packages/accounts-password/password_tests.js |
| Password Hardcoded |
A hardcoded password in plain text was identified. Store it properly in a config file. |
502 |
packages/accounts-password/password_tests.js |
| Password Hardcoded |
A hardcoded password in plain text was identified. Store it properly in a config file. |
554 |
packages/accounts-password/password_tests.js |
| Password Hardcoded |
A hardcoded password in plain text was identified. Store it properly in a config file. |
598 |
packages/accounts-password/password_tests.js |
| Password Hardcoded |
A hardcoded password in plain text was identified. Store it properly in a config file. |
654 |
packages/accounts-password/password_tests.js |
| Password Hardcoded |
A hardcoded password in plain text was identified. Store it properly in a config file. |
712 |
packages/accounts-password/password_tests.js |
| Password Hardcoded |
A hardcoded password in plain text was identified. Store it properly in a config file. |
905 |
packages/accounts-password/password_tests.js |
| Password Hardcoded |
A hardcoded password in plain text was identified. Store it properly in a config file. |
956 |
packages/accounts-password/password_tests.js |
| Password Hardcoded |
A hardcoded password in plain text was identified. Store it properly in a config file. |
981 |
packages/accounts-password/password_tests.js |
| Password Hardcoded |
A hardcoded password in plain text was identified. Store it properly in a config file. |
1007 |
packages/accounts-password/password_tests.js |
| Password Hardcoded |
A hardcoded password in plain text was identified. Store it properly in a config file. |
1029 |
packages/accounts-password/password_tests.js |
| Password Hardcoded |
A hardcoded password in plain text was identified. Store it properly in a config file. |
1050 |
packages/accounts-password/password_tests.js |
| Password Hardcoded |
A hardcoded password in plain text was identified. Store it properly in a config file. |
1107 |
packages/accounts-password/password_tests.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
125 |
packages/tracker/tracker.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
537 |
packages/tracker/tracker.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
455 |
packages/tracker/tracker_tests.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
77 |
packages/ddp-client/livedata_test_service.js |
| Server Side Injection(SSI) - eval() |
User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
28 |
packages/ddp-client/sockjs-0.3.4.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
399 |
packages/ddp-client/sockjs-0.3.4.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
673 |
packages/ddp-client/sockjs-0.3.4.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
706 |
packages/ddp-client/sockjs-0.3.4.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
709 |
packages/ddp-client/sockjs-0.3.4.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
761 |
packages/ddp-client/sockjs-0.3.4.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1508 |
packages/ddp-client/sockjs-0.3.4.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1568 |
packages/ddp-client/sockjs-0.3.4.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
2450 |
packages/ddp-client/sockjs-0.3.4.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
802 |
packages/ddp-client/livedata_tests.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
125 |
packages/ddp-client/stream_client_sockjs.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
189 |
packages/ddp-client/stream_client_sockjs.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
158 |
packages/ddp-client/stream_client_nodejs.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1295 |
packages/ddp-client/livedata_connection.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
65 |
packages/ddp-server/livedata_server_tests.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
3338 |
packages/mongo/mongo_livedata_tests.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1156 |
packages/mongo/mongo_driver.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
68 |
packages/mongo/polling_observe_driver.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
345 |
packages/mongo/observe_changes_tests.js |
| Key Hardcoded |
A hardcoded key in plain text was identified. |
479 |
packages/check/match.js |
| Key Hardcoded |
A hardcoded key in plain text was identified. |
285 |
packages/logic-solver/logic.js |
| Server Side Injection(SSI) - eval() |
User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
3 |
packages/logic-solver/minisat.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
33 |
packages/logic-solver/minisat.js |
| Server Side Injection(SSI) - eval() |
User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
96 |
packages/boilerplate-generator/boilerplate-generator.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
585 |
packages/accounts-base/accounts_server.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1172 |
packages/accounts-base/accounts_server.js |
| Key Hardcoded |
A hardcoded key in plain text was identified. |
1380 |
packages/accounts-base/accounts_server.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
53 |
packages/accounts-base/accounts_reconnect_tests.js |
| Key Hardcoded |
A hardcoded key in plain text was identified. |
96 |
packages/accounts-base/localstorage_token.js |
| Key Hardcoded |
A hardcoded key in plain text was identified. |
97 |
packages/accounts-base/localstorage_token.js |
| Key Hardcoded |
A hardcoded key in plain text was identified. |
98 |
packages/accounts-base/localstorage_token.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
157 |
packages/accounts-base/localstorage_token.js |
| Password Hardcoded |
A hardcoded password in plain text was identified. Store it properly in a config file. |
10 |
packages/srp/srp_tests.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
94 |
packages/shell-server/shell-server.js |
| Server Side Injection(SSI) - eval() |
User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
275 |
packages/shell-server/shell-server.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
50 |
packages/oauth/oauth_cordova.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
19 |
packages/oauth/oauth_browser.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
32 |
packages/oauth/pending_credentials.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
60 |
packages/retry/retry.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
673 |
packages/underscore/underscore.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
709 |
packages/underscore/underscore.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
728 |
packages/underscore/underscore.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
736 |
packages/underscore/underscore.js |
| Server Side Injection(SSI) - new Function() |
User controlled data in 'new Function()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1232 |
packages/underscore/underscore.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
133 |
packages/test-helpers/async_multi.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
174 |
packages/test-helpers/async_multi.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
39 |
packages/test-helpers/callback_logger.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
79 |
packages/test-helpers/callback_logger.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
122 |
packages/test-helpers/callback_logger.js |
| Server Side Injection(SSI) - eval() |
User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
53 |
packages/non-core/jquery-layout/jquery.layout.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1066 |
packages/non-core/jquery-layout/jquery.layout.js |
| Server Side Injection(SSI) - eval() |
User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1118 |
packages/non-core/jquery-layout/jquery.layout.js |
| Server Side Injection(SSI) - eval() |
User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1121 |
packages/non-core/jquery-layout/jquery.layout.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1568 |
packages/non-core/jquery-layout/jquery.layout.js |
| Key Hardcoded |
A hardcoded key in plain text was identified. |
1688 |
packages/non-core/jquery-layout/jquery.layout.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
5892 |
packages/non-core/jquery-layout/jquery.layout.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1278 |
packages/non-core/jquery-history/history.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1281 |
packages/non-core/jquery-history/history.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1417 |
packages/non-core/jquery-history/history.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1892 |
packages/non-core/jquery-history/history.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
1911 |
packages/non-core/jquery-history/history.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
372 |
packages/non-core/jquery-history/history.html4.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
3455 |
packages/jquery/jquery.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
3512 |
packages/jquery/jquery.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
3547 |
packages/jquery/jquery.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
7095 |
packages/jquery/jquery.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
7658 |
packages/jquery/jquery.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
7682 |
packages/jquery/jquery.js |
| Server Side Injection(SSI) - eval() |
User controlled data in eval() can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
8243 |
packages/jquery/jquery.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
9203 |
packages/jquery/jquery.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
9723 |
packages/jquery/jquery.js |
| Server Side Injection(SSI) - setTimeout() |
User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
186 |
packages/ddp-rate-limiter/ddp-rate-limiter-tests.js |
| Password Hardcoded |
A hardcoded password in plain text was identified. Store it properly in a config file. |
288 |
packages/ddp-rate-limiter/ddp-rate-limiter-tests.js |
| Remote OS Command Execution |
User controlled data in 'child_process.exec()' can result in Remote OS Command Execution. |
111 |
packages/spiderable/spiderable_server.js |
| Server Side Injection(SSI) - setInterval() |
User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). |
32 |
packages/spiderable/phantom_script.js |