Each Ruleset Content Pack includes improvements to queries, and optionally also to presets. Technically, these changes are delivered through DB upgrade scripts which affect relevant tables.
...
Content Pack Version | Compatible Version | Release Date | Content |
---|---|---|---|
CP.8.9.0.12 | 8.9.0 | 21 August 2019 | Download link: https://www.checkmarx.com/downloads/ This Ruleset Content Pack (CP) includes improvements that reduce the number of false positive results. The following Java queries were updated:
- LDAP_Injection
- Stored_Absolute_Path_Traversal
- Stored_Command_Injection
- Stored_Relative_Path_Traversal
- Improper_Restriction_of_stored_XXE_Ref
- Plaintext_Storage_of_a_Password
- Stored_LDAP_Injection
- Stored_Code_Injection
- Stored_HTTP_Response_Splitting
- Stored_Open_Redirect
- Stored_XPath_Injection
- Connection_String_Injection
Details on the changed queries:
- LDAP_Injection - Support for the Directory Context search method was improved. LDAP ESAPI support was updated.
- Stored_XPath_Injection - Stored inputs were updated by improving support for database outputs and file streams.
- Connection_String_Injection - Connection string outputs were improved.
- Other queries were improved for database inputs/outputs and file accesses.
It also includes a new preset, Checkmarx Express, containing the following Java queries, whose accuracy was improved:
- LDAP_Injection
- Plaintext_Storage_of_a_Password
- Stored_LDAP_Injection
- Connection_String_Injection
This CP delivers the following improvements:
- For High Risk queries, accuracy is improved by 20%
- For Medium Threat queries, accuracy is improved by 22%
|
...