Content Pack Version - CP.9.3.0.18043 (JavaScript, CSharp)
The content of this Content Pack (CP.9.3.0.18043), will be available for CxSAST version 9.4 in CxSAST Engine Pack version 9.4.2.
Each Ruleset Content Pack includes improvements to queries, and optionally also to presets. Technically, these changes are delivered through database upgrade scripts which affect the relevant tables.
As with any CxSAST product release, the Content Pack resets the Checkmarx built-in presets to the default query set.
This Content Pack uses a unified installer and it includes all the Content Packs published for version 9.3.0. It includes updates to CSharp and JavaScript.
Installation order
This is a cumulative Content Pack, it can be installed over any of the version 9.3.0 Content Packs and does not require other Content Packs.
This Content Pack requires 9.3.0 Hotfix 15 or higher previously installed on the CxSAST Environment (Manager and Engines).
It includes all the changes provided by Content Pack 16 and the following improvements:
CSharp
JavaScript
Non-ASCII characters removal
Besides the changes mentioned above, several queries in several languages (Apex, CPP, Groovy, Java, JavaScript and Scala) were improved to remove/replace all Non-ASCII characters that cause scans to fail in some installations (depending on collations and OS languages).
Presets Alignment
OWASP TOP 10 (2010, 2013 and 2017) presets aligned for all languages
Other presets (Error Handling, FISMA, HIPPA, JSSEC, PCI, SASN top 25, STIG and XSS and SQLi only) were aligned for all languages.
Version Upgrade
In general, it is mandatory to install at least the same Content Pack number for newer versions while upgrading. However, since v9.3.0 has no CP17, when upgrading from v9.2.0 CP17 it is necessary to upgrade to v9.3.0 CP18. This step ensures the accuracy of the results is maintained while upgrading.