This release contains the following improvements and fixed issues:
Latest Versions
- KLA:
- Engine:
- Cloud:
Improvements
- Kiuwan has implemented the rule “Improper Neutralization of Special Elements used in an SQL Command” for ASP.NET.
- Implementation of a new security rule for Kiuwan to identify Remote Code Execution (RCE) vulnerabilities in JavaScript codebases.
- Improved detection of potential security vulnerabilities related to XSS in JSP files.
- Kiuwan Code Analyzer now tags the OWASP Top 10 appropriately.
- Improved performance of PHP analysis.
Bugs
- Rule OPT.SWIFT.MAINTAINABILITY.UnusedLocalVar has been updated to detect local variable usage properly.
- A typo affecting the rule OPT.CPP.SEC.PathTraversal and the use of ‘realpath’ has been resolved.
- Kiuwan now reports a vulnerability for OPT.JAVASCRIPT.TooMuchOriginsAllowed rule when ‘.setHeader’ is called from an express object.
- Custom models using the “Avoid using functions with too many parameters” rule now work correctly after setting new configurations.
- Kiuwan no longer displays a parsing error when encountering “MAP USING MAP” in Natural language source code.