Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Configure WhiteSource Bolt for GitHub #90

Merged
merged 1 commit into from
Feb 2, 2021

Conversation

mend-bolt-for-github[bot]
Copy link

Welcome to WhiteSource Bolt for GitHub! This is an onboarding PR to help you understand and configure settings before WhiteSource starts scanning your repository for security vulnerabilities.

🚦 WhiteSource Bolt for GitHub will start scanning your repository only once you merge this Pull Request. To disable WhiteSource Bolt for GitHub, simply close this Pull Request.


What to Expect

This PR contains a '.whitesource' configuration file which can be customized to your needs. If no changes were applied to this file, WhiteSource Bolt for GitHub will use the default configuration.

Before merging this PR, Make sure the Issues tab is enabled. Once you merge this PR, WhiteSource Bolt for GitHub will scan your repository and create a GitHub Issue for every vulnerability detected in your repository.

If you do not want a GitHub Issue to be created for each detected vulnerability, you can edit the '.whitesource' file and set the 'minSeverityLevel' parameter to 'NONE'.


❓ Got questions? Check out WhiteSource Bolt for GitHub docs.
If you need any further assistance then you can also request help here.

@kadirselcuk kadirselcuk merged commit 09c8a63 into archived-io.js-v0.10 Feb 2, 2021
@guardrails
Copy link

guardrails bot commented Feb 2, 2021

⚠️ We detected security issues in this pull request:
Mode: paranoid | Total findings: 3465 | Considered vulnerability: 0

Hard-Coded Secrets (323)

BN_hex2bn(&p, "F9E5B365665EA7A05A9C534502780FEE6F1AB5BD4F49947FD036DBD7E905269AF46EF28B0FC07487EE4F5D20FB3C0AF8E700F3A2FA3414970CBED44FEDFF80CE78D800F184BB82435D137AADA2C6C16523247930A63B85661D1FC817A51ACD96168E95898A1F83A79FFB529368AA7833ABD1B0C3AEDDB14D2E1A2F71D99F763F");

static const unsigned char str1[]="12345678901234567890";

if (!BN_hex2bn(&b, "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45")) ABORT;

if (!BN_hex2bn(&x, "4A96B5688EF573284664698968C38BB913CBFC82")) ABORT;

if (!BN_hex2bn(&z, "23a628553168947d59dcc912042351377ac5fb32")) ABORT;

if (!BN_hex2bn(&b, "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1")) ABORT;

if (!BN_hex2bn(&x, "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012")) ABORT;

if (!BN_hex2bn(&z, "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811")) ABORT;

if (!BN_hex2bn(&b, "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B")) ABORT;

if (!BN_hex2bn(&x, "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296")) ABORT;

"84F3B9CAC2FC632551")) ABORT;

if (!BN_hex2bn(&z, "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5")) ABORT;

if (!BN_hex2bn(&b, "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141"

"120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF")) ABORT;

if (!BN_hex2bn(&x, "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B"

"9859F741E082542A385502F25DBF55296C3A545E3872760AB7")) ABORT;

"FFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973")) ABORT;

if (!BN_hex2bn(&z, "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A14"

"7CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F")) ABORT;

if (!BN_hex2bn(&b, "051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B"

"315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573"

"DF883D2C34F1EF451FD46B503F00")) ABORT;

if (!BN_hex2bn(&x, "C6858E06B70404E9CD9E3ECB662395B4429C648139053F"

"B521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B"

"3C1856A429BF97E7E31C2E5BD66")) ABORT;

"FFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5"

"C9B8899C47AEBB6FB71E91386409")) ABORT;

if (!BN_hex2bn(&z, "11839296A789A3BC0045C8A5FB42C7D1BD998F54449579"

"B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C"

"7086A272C24088BE94769FD16650")) ABORT;

"02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8",

"0289070FB05D38FF58321F2E800536D538CCDAA3D9",

"020A601907B8C953CA1481EB10512F78744A3205FD",

"03F0EBA16286A2D57EA0991168D4994637E8343E36",

"00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1",

"017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126",

"01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3",

"0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD",

"00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B",

"01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052",

"0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836",

"01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259",

"027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5",

"05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053",

"03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4",

"0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746",

"01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B",

"0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F",

"015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7",

"0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706",

"026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972",

"0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3",

"02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A",

"0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19",

"037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B",

"B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4", /* b */

"E84FB0B8E7000CB657D7973CF6B42ED78B301674276DF744AF130B3E", /* Qx */

"4376675C6FC5612C21A0FF2D2A89D2987DF7A2BC52183B5982298555", /* Qy */

"B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21", /* Gx */

"BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34", /* Gy */

"3F0C488E987C80BE0FEE521F8D90BE6034EC69AE11CA72AA777481E8", /* d */

"5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b", /* b */

"b7e08afdfe94bad3f1dc8c734798ba1c62b3a0ad1e9ea2a38201cd0889bc7a19", /* Qx */

"3603f747959dbf7a4bb226e41928729063adc7ae43529e61b563bbc606cc5e09", /* Qy */

"6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296", /* Gx */

"4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5", /* Gy */

"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", /* order */

"c477f9f65c22cce20657faa5b2d1d8122336f851a508a1ed04e479c34985bf96", /* d */

"051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00", /* b */

"0098e91eef9a68452822309c52fab453f5f117c1da8ed796b255e9ab8f6410cca16e59df403a6bdc6ca467a37056b1e54b3005d8ac030decfeb68df18b171885d5c4", /* Qx */

"0164350c321aecfc1cca1ba4364c9b15656150b4b78d6a48d7d28e7f31985ef17be8554376b72900712c4b83ad668327231526e313f5f092999a4632fd50d946bc2e", /* Qy */

"c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66", /* Gx */

"11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650", /* Gy */

"0100085f47b8e1b8b11b7eb33028c0b2888e304bfc98501955b45bba1478dc184eeedf09b86a5f7c21994406072787205e69a63709fe35aa93ba333514b24f961722", /* d */

"3342403536405981729393488334694600415596881826869351677613",

"3086361431751678114926225473006680188549593787585317781474"

"87194383164871543355722284926904419997237591535066528048",

"308992691965804947361541664549085895292153777025772063598"))

"1970303740007316867383349976549972270528498040721988191026"

(unsigned char *)"e9139d1e6ee064ef8cf514fc7dc83e86",

(unsigned char *)"9294727a3638bb1c13f48ef8158bfc9d",

(unsigned char *)"750c783e6ab0b503eaa86e310a5db738",

(unsigned char *)"56be34521d144c88dbb8c733f0e8b3f6",

BN_hex2bn(&p, "fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b76b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7");

BN_hex2bn(&g, "f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d0782675159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243bcca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a");

BN_hex2bn(&q, "9760508f15230bccb292b982a2eb840bf0581cf5");

BN_hex2bn(&p, "F9E5B365665EA7A05A9C534502780FEE6F1AB5BD4F49947FD036DBD7E905269AF46EF28B0FC07487EE4F5D20FB3C0AF8E700F3A2FA3414970CBED44FEDFF80CE78D800F184BB82435D137AADA2C6C16523247930A63B85661D1FC817A51ACD96168E95898A1F83A79FFB529368AA7833ABD1B0C3AEDDB14D2E1A2F71D99F763F");

"12345678901234567890123456789012345678901234567890123456789012345678901234567890",

"8350e5a3e24c153df2275c9f80692773",

"32ec01ec4a6dac72c0ab96fb34c0b5d1",

"da853b0d3f88d99b30283a69e6ded6bb",

"ab4f496bfb2a530b219ff33031fe06b0",

"4e8ddff3650292ab5a4108c3aa47940b",

"da33def2a42df13975352846c30338cd",

"d5976f79d83d3a0dc9806c3c66f3efd8",

"12345678901234567890123456789012345678901234567890123456789012345678901234567890",

"31d6cfe0d16ae931b73c59d7e0c089c0",

"bde52cb31de33e46245e05fbdbd6fb24",

"a448017aaf21d8525fc10ae87aa6729d",

"d9130a8164549fe818874806e1c7014b",

"d79e1c308aa5bbcdeea8ed63df412da9",

"043f8582f241db351ce627e153e7f0e4",

"e33b4ddc9c38f2199c3e7b164fcc0536",

"12345678901234567890123456789012345678901234567890123456789012345678901234567890",

"d41d8cd98f00b204e9800998ecf8427e",

"0cc175b9c0f1b6a831c399e269772661",

"900150983cd24fb0d6963f7d28e17f72",

"f96b697d7cb7938d525a2f31aaf161d0",

"c3fcd3d76192e4007dfb496cca67e13b",

"d174ab98d277d9f5a5611c2c9f419d9f",

"57edf4a22be3c955ac49da2e2107b67a",

"12345678901234567890123456789012345678901234567890123456789012345678901234567890",

"9c1185a5c5e9fc54612808977ee8f548b2258d31",

"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe",

"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc",

"5d0689ef49d2fae572b881b123a85ffa21595f36",

"f71c27109c692c1b56bbdceb5b9d2865b3708dbc",

"12a053384a9c0c88e405a06c27dcf49ada62eb2b",

"b0e20b6e3116640286ed3a87a5713079b21f5189",

"9b752e45573d4b39f4dbd3323cab82bf63326bfb",

"0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",

"d2516ee1acfa5baf33dfc1c471e438449ef134c8",

"3232affa48628a26653b5aaa44541fd90d690603";

"a9993e364706816aba3e25717850c26c9cd0d89d",

"84983e441c3bd26ebaae4aa1f95129e5e54670f1",

"34aa973cd4c4daa4f61eeb2bdbad27316534016f";

"0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",

"d2516ee1acfa5baf33dfc1c471e438449ef134c8",

"3232affa48628a26653b5aaa44541fd90d690603";

"a9993e364706816aba3e25717850c26c9cd0d89d",

"84983e441c3bd26ebaae4aa1f95129e5e54670f1",

"34aa973cd4c4daa4f61eeb2bdbad27316534016f";

"5669968284202797289605274717317548059048560713474685214192868091256"

"1502802222185647539190902656116367847270145019066794290930185446216"

"3997308722217328898303231940973554032134009725883228768509467406639"

"7876535089165358128175072657050312609850984974231883334834011809259"

"1689224110579311248812610229678534638401693520013288995000362260684"

"2227508135323070045173416336850045410625869714168836867788425378203"

"429418261486158041438734477379555023926"

"7234596860714306679811299408947123142002706038521669956384871995765"

"7284814898909770759462613437669456364882730370838934791080835932647"

"9767786019153434744009610342313166725786869204821949328786333602033"

"8479709268434224762105576023501613261478065276102850944540333865234"

"0417070599280317977580014543757653577229840941243685222882398330391"

"1468164807668823692122073732267216074074777170091113455043205380464"

"7694904686120113087816240740184800477047157336662926249423571248823"

"9685422217536601433914856808405203368594584948031873412885804895251"

"79885141663410976897627118935756323747307951916507639758300472692338873533959"

"5155178100221003459370588291073071186553005962149936840737128710832"

"5862954819831383774196396298584395948970608956170224210628525560327"

"8638246716655439297654402921844747893079518669992827880792192992701"

"1428546551433875806377110443534293554066712653034996277099320715774"

"3542287621283671843703709141350171945045805050291770503634517804938"

"267947776488510997961231672532899549103"

"5283803109571158829574281419208532589041660017017859858216341400371"

"4687551412794400562878935266630754392677014598582103365983119173924"

"4732511225464712252386803315902707727668715343476086350472025298282"

"7271461690125050616858238384366331089777463541013033926723743254833"

"3056083907389766971404812524422262512556054474620855996091570786713"

"5849550236741915584185990627801066465809510095784713989819413820871"

"5964648914493053407920737078890520482730623038837767710173664838239"

"8574828787891286471201460474326612697849693665518073864436497893214"

"108988435796353506912374591498972192620"

"1335318132727206734338595199483190012179423759678474868994823595993"

"6964252873471246159040332773182141032801252925387191478859899310331"

"7702016153249904683329312949209127762411378780302243557466062839716"

"14201174159756348119636828602231808974327613839524373876287257344192"

"74593935127189736311660784676003608489466235676257952827747192122419"

"29071046134208380636394084512691828894000571524625445295769349356752"

"72895683154177544176313938445719175509684710784659566254794231229333"

"8483924514339614727760681880609734239",

"91771529896554605945588149018382750217296858393520724172743325725474"

"8890864727828423151699995801875757891031463338652579140051973659"

"3048131440685857067369829407947744496306656291505503608252399443"

"7900272386749145996230867832228661977543992816745254823298629859"

"1028946126624994859676552074360530315217970499989304888248413244"

"1539089568784129110109512690503345393869871295783467257264868341"

"7200196629860561193666752429682367397084815179752036423595736533"

"68957392061769855284593965042530895046088067160269433",

"4430618464297584182473135030809859326863990650118941756995270074"

"8609973181426950235239623239110557450826919295792878938752101867"

"7047181623251027516953100431855964837602657827828194249605561893"

"6965865325513137194483136247773653468410118796740709840825496997"

"9375560722345106704721086025979309968763193072908334",

"1246996366993477513607147265794064436203408861395055989217248455"

"7299870737698999651480662364723992859320868822848751165438350943"

"3276647222625940615560580450040947211826027729977563540237169063"

"6787876137336591234380295020065682527118129468050147943114675429"

"2d06B4265ebc749ff7d0f1f1f88232e81632e9088fd44b7787d5e407e955080c",

"a20e034bf8813ef5c18d01105e726a17eb248b264ae9706f440bedc8ccb6b22c"

"5FBFF498AA938CE739B8E022FBAFEF40563F6E6A3472FC2A514C0CE9DAE23B7E",

"08E2A8A0E65147D4BD6316030E16D19C85C97F0A9CA267122B96ABBCEA7E8FC8"

"3E1AF419A269A5F866A7D3C25C3DF80AE979259373FF2B182F49D4CE7E1BBC8B",

"3FA8124359F96680B83D1C3EB2C070E5C545C9858D03ECFB744BF8D717717EFC"

"8D91E471E0989CDA27DF505A453F2B7635294F2DDF23E3B122ACC99C9E9F1E14"

"9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D7598",

"9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D759B",

"9B9F605F5A858107AB1EC85E6B41C8AA582CA3511EDDFB74F02F3A6598980BB9",

"41ECE55743711A8C3CBF3783CD08C0EE4D4DC440D4641A8F366E550DFDB3BB67"

if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key))

"buildtools_revision": "fb782d4369d5ae04f17a2fceef7de5a63e50f07b",

"31869996507de16812bb53a3d0aaa15cd6194c16",

nValue="a5261939975948bb7a58dffe5ff54e65f0498f9175f5a09288810b8975871e99af3b5dd94057b0fc07535f5f97444504fa35169d461d0d30cf0192e307727c065168c788771c561a9400fb49175e9e6aa4e23fe11af69e9412dd23b0cb6684c4c2429bce139e848ab26d0829073351f4acd36074eafd036a5eb83359d2a698d3";

dValue="8e9912f6d3645894e8d38cb58c0db81ff516cf4c7e5a14c7f1eddb1459d2cded4d8d293fc97aee6aefb861859c8b6a3d1dfe710463e1f9ddc72048c09751971c4a580aa51eb523357a3cc48d31cfad1d4a165066ed92d4748fb6571211da5cb14bc11b6e2df7c1a559e6d5ac1cd5c94703a22891464fba23d0d965086277a161";

pValue="d090ce58a92c75233a6486cb0a9209bf3583b64f540c76f5294bb97d285eed33aec220bde14b2417951178ac152ceab6da7090905b478195498b352048f15e7d";

qValue="cab575dc652bb66df15a0359609d51d1db184750c00c6698b90ef3465c99655103edbf0d54c56aec0ce3c4d22592338092a126a0cc49f65a4a30d222b411e58f";

dmp1Value="1a24bca8e273df2f0e47c199bbf678604e7df7215480c77c8db39f49b000ce2cf7500038acfff5433b7d582a01f1826e6f4d42e1c57f5e1fef7b12aabc59fd25";

dmq1Value="3d06982efbbe47339e1f6d36b1216b8a741d410b0c662f54f7118b27b9a4ec9d914337eb39841d8666f3034408cf94f5b62f11c402fc994fe15a05493150d9fd";

coeffValue="3a3e731acd8960b7ff9eb81a7ff93bd1cfa74cbd56987db58b4594fb09c09084db1734c8143f98b602b981aaa9243ca28deb69b5b280ee8dcee0fd2625e53250";

var allowedChars = "01234567890abcdefghijklmnopqrstuvwxyz".substring(0, radix+1);

var str5 = 'HFEYBP=DKWyLHAiMTH9AwHjWxAcqUx9GJ91oaEunJ4tIzyyqlMQo3IhqUW5D29xMG1IHlMQo3IhqUW5GzSgMG1Iozy0MJDtH3EuqTImWxEgLHAiMTH9BQN3WxkuqTy0qJEyCGZ3YwDkBGVzGT9hM2y0qJEyCF0kZwVhZQH3APMDo3A0LJkQo2EyCGx0ZQDmWyWyM2yiox5uoJH9D0R=';

const base64Digits = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

JSFUNFUZZ_MD5="d0e497201c5cd7bffbb1cdc1574f4e32"

https://github.com/turkdevops/node/blob/90304199c7e16ed46aa15e8c6af839cfc95166c2/deps/v8/tools/profviz/gnuplot-4.6.3-emscripten.js#L4095
// output: '1234567890ab'

response.addTrailers({'Content-MD5': "7895bf4b8828b55ceaf47747b4bca667"});

serialNumber: 'B9B0D332A1AA5635' }

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN EC PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN DSA PRIVATE KEY-----

-----BEGIN DSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN DSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN DSA PRIVATE KEY-----

-----BEGIN DSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN DSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN DSA PRIVATE KEY-----

-----BEGIN PRIVATE KEY-----

var key = '-----BEGIN RSA PRIVATE KEY-----\n' +

var key = '-----BEGIN RSA PRIVATE KEY-----\n' +

'-----BEGIN RSA PRIVATE KEY-----',

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN DSA PRIVATE KEY-----

-----BEGIN DSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN DSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN EC PRIVATE KEY-----

-----BEGIN PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN RSA PRIVATE KEY-----


var testURL = url.parse('http://asdf:qwer@localhost:' + common.PORT);

'http://user:[email protected]/vt/lyrs=m@114???&hl=en&src=api&x=2&y=2&z=3&s=':

'href': 'http://user:[email protected]/vt/lyrs=m@114???' +

'http://user:[email protected]:8000/foo/bar?baz=quux#frag' : {

'href': 'http://user:[email protected]:8000/foo/bar?baz=quux#frag',

'http://atpass:foo%[email protected]:8080/path?search=foo#bar' : {

'href' : 'http://atpass:foo%[email protected]:8080/path?search=foo#bar',

'http://user:password@[3ffe:2a00:100:7031::1]:8080': {

'href': 'http://user:password@[3ffe:2a00:100:7031::1]:8080/',

'http://user:[email protected]/rss': {

'href': 'http://user:[email protected]/rss',

'http://user:[email protected]:80/rss': {

'href': 'http://user:[email protected]:80/rss',

'http://user:pass@_jabber._tcp.google.com/test': {

'href': 'http://user:pass@_jabber._tcp.google.com/test',

'http://user:pass@_jabber._tcp.google.com:80/test': {

'href': 'http://user:pass@_jabber._tcp.google.com:80/test',

'http://atpass:foo%[email protected]/' : {

'href': 'http://atpass:foo%[email protected]/',

'http://atslash%2F%40:%2F%40@foo/' : {

'href': 'http://atslash%2F%40:%2F%40@foo/',




var testURL = url.parse('http://user:pass%3A@localhost:' + common.PORT);

,.raw= "GET http://a%12:b!&*[email protected]:1234/toto HTTP/1.1\r\n"

,.request_url= "http://a%12:b!&*[email protected]:1234/toto"

'_npmjs.org:couch': 'https://admin:password@localhost:5984/registry',

_npmjs.org:couch = https://admin:password@localhost:5984/registry

'_npmjs.org:couch = https://admin:password@localhost:5984/registry',

'_npmjs.org:couch = https://admin:password@localhost:5984/registry',

client.unpublish("http://localhost:1337/@npm%2fnpm-registry-client", VERSION, function (error) {

client.get("http://localhost:1337/@bigco%2funderscore", null, function (er, data) {

['git+https://user:[email protected]/foo', '123.0.0', true],

t.equal('git://user:[email protected]/robertkowalski/foo-private.git', d[1][5])

"foo-private-credentials": "git://user:[email protected]/robertkowalski/foo-private.git",

`'http://user:[email protected]:8080/p/a/t/h?query=string#hash'`

Example: `'http://user:[email protected]:8080/p/a/t/h?query=string#hash'`


PASS_OR_FAIL = "PASS_OR_FAIL"


More info on how to fix Hard-Coded Secrets in General and Python.


Insecure Use of Language/Framework API (311)

var b0 = new Buffer(size).fill('a');

var b1 = new Buffer(size).fill('a');

message = new Buffer(conf.len);

message = new Buffer(conf.len);

res = new Buffer(res, 'binary');

message = new Buffer(conf.len);

var chunk = new Buffer(size);

var buf = new Buffer(filesize / 1024);

var data = new Buffer(len);

chunk = new Buffer(size);

var chunk = new Buffer(conf.size);

chunk = new Buffer(len);

chunk = new Buffer(len);

storedBuffer[n] = new Buffer(n);

storedBuffer[n] = new Buffer(n);

chunk = new Buffer(len);

chunk = new Buffer(len);

chunk = new Buffer(len);

chunk = new Buffer(len);

chunk = new Buffer(len);

chunk = new Buffer(len);

chunk = new Buffer(len);

chunk = new Buffer(size);

, new Buffer(JSON.stringify(data, null, 2) + "\n")







var a = new Buffer(writeSize);

var b = new Buffer(writeSize);

this._zeroes = new Buffer(this._chunkSize)

if (c && !Buffer.isBuffer(c)) c = new Buffer(c + "")

out = out || new Buffer(this._chunkSize)

, out = new Buffer(outHas)



var a = new Buffer(writeSize);

var b = new Buffer(writeSize);

var a = new Buffer(writeSize);

var b = new Buffer(writeSize);



if (typeof b === "string") b = new Buffer(b)

c.password = new Buffer(this.get(nerfed + ":_password"), "base64").toString("utf8")

c.auth = new Buffer(c.username + ":" + c.password).toString("base64")

var encoded = new Buffer(c.password, "utf8").toString("base64")

auth = new Buffer(auth, "base64").toString("utf8")

authDef = new Buffer(authDef, "base64").toString()

c.password = new Buffer(this.get(nerfed + ":_password"), "base64").toString("utf8")

c.auth = new Buffer(c.username + ":" + c.password).toString("base64")

var encoded = new Buffer(c.password, "utf8").toString("base64")

this._bufs.push(isBuffer ? buf : new Buffer(buf))





t.equal(new Buffer(exp).toString('hex'), bl.toString('hex'))


var hexValue = new Buffer(String.fromCharCode(charCode), 'ascii').toString('hex');

var hexValue = new Buffer(String.fromCharCode(charCode), 'ascii').toString('hex');


return (new Buffer(value, 'binary')).toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/\=/g, '');

return (new Buffer(encoded.replace(/-/g, '+').replace(/:/g, '/'), 'base64')).toString('binary');




buffer = new Buffer(key.split(' ')[1], 'base64');

buffer = new Buffer(key.split(' ')[1], 'base64');

var data = new Buffer(pieces[1], 'base64');




var reader = new BerReader(new Buffer([0x02, 0x01, 0x03]));

var reader = new BerReader(new Buffer([0x02, 0x02, 0x7e, 0xde]));

var reader = new BerReader(new Buffer([0x02, 0x03, 0x7e, 0xde, 0x03]));

var reader = new BerReader(new Buffer([0x02, 0x04, 0x7e, 0xde, 0x03, 0x01]));

var reader = new BerReader(new Buffer([0x01, 0x01, 0xff]));

var reader = new BerReader(new Buffer([0x01, 0x01, 0x00]));

var reader = new BerReader(new Buffer([0x0a, 0x01, 0x20]));


var reader = new BerReader(new Buffer([0x30, 0x03, 0x01, 0x01, 0xff]));

var buf = new Buffer([0x04, 0x0b, 0x30, 0x09, 0x02, 0x01, 0x0f, 0x01, 0x01,

console.log(require('util').inspect(new Buffer([0x06, 0x09, 0x2a, 0x86,


console.log('Original file is: ' + new Buffer(base64Str, 'base64'))

data = new Buffer(data, this.fromEncoding)

var returnBuffer = new Buffer(this.alignedBytes + buffer.length - rem)

new Buffer(connectOptions.proxyAuth).toString('base64')

return (new Buffer(str || "", "ascii")).toString("base64")

self.body = new Buffer(self.body)

self.body.push(new Buffer(preamble))

self.body.push(new Buffer(body))

self.body.push(new Buffer('--' + self.boundary + '--'))




this._buffer = new Buffer(this.props.size)

this._size = parseInt(new Buffer(this._sizeBuf).toString(), 10)

this._key = new Buffer(this._keyBuf).toString()

var val = new Buffer(this._valBuf).toString()

, header = new Buffer(h[0], "hex")

, expect = new Buffer(h[0], "hex")

var b = new Buffer(n, "hex")

var buf = new Buffer(resRawByteLength);

new Buffer(options.auth).toString('base64'));

chunk = new Buffer(chunk, encoding);

ret = new Buffer(n);

chunk = new Buffer(chunk, encoding);

this.pool = new Buffer(tls.SLAB_BUFFER_SIZE);

session = new Buffer(session, 'binary');

this._sharedCreds.context.setTicketKeys(new Buffer(data.ticketKeys, 'hex'));

return new Buffer(subject, encoding);

var buffer = new Buffer(length);

pipe.input = new Buffer(input, options.encoding);

str = new Buffer(str, encoding);

buffer = new Buffer(buffer);

node/lib/fs.js

Line 249 in 9030419

buffer = new Buffer(size);

node/lib/fs.js

Line 333 in 9030419

buffer = new Buffer(size);

node/lib/fs.js

Line 468 in 9030419

buffer = new Buffer(length);

node/lib/fs.js

Line 499 in 9030419

buffer = new Buffer(length);

node/lib/fs.js

Line 981 in 9030419

var buffer = util.isBuffer(data) ? data : new Buffer('' + data,

node/lib/fs.js

Line 1003 in 9030419

data = new Buffer('' + data, options.encoding || 'utf8');

node/lib/fs.js

Line 1449 in 9030419

pool = new Buffer(poolSize);

node/lib/fs.js

Line 1755 in 9030419

data = new Buffer(data, encoding);

node/lib/net.js

Line 716 in 9030419

return handle.writeBuffer(req, new Buffer(data, encoding));

var out = new Buffer(s.length);

var buff = new Buffer(NPNProtocols.reduce(function(p, c) {

buffer = new Buffer(buffer);

this._buffer = new Buffer(this._chunkSize);

self._buffer = new Buffer(self._chunkSize);

var writeBuf = new Buffer(message);

var readBuf = new Buffer(writeBuf.length);

req.end(new Buffer(bytesExpected));

var b = new Buffer(n);

assert.throws(function() { new Buffer(0x3fffffff + 1) }, RangeError);

var buf = new Buffer(filesize / 1024);

var buf = new Buffer(1024 * 1024);

var buffer = new Buffer(size);

var nuBuf = new Buffer(kBufSize);

var nuBuf = new Buffer(kBufSize);

var buffer = new Buffer(size);

var data = new Buffer(chunkSize);

this._buffer = new Buffer(n || 100);

var request = new Buffer(new Array(1024 * 256).join('ABCD')); // 1mb

var buff = new Buffer(Buffer.poolSize + 1);

var d = new Buffer([23, 42, 255]);

assert.deepEqual(d, new Buffer(d));

assert.deepEqual(e, new Buffer([195, 188, 98, 101, 114]));

assert.deepEqual(f, new Buffer([252, 98, 101, 114]));

assert.deepEqual(f, new Buffer([252, 0, 98, 0, 101, 0, 114, 0]));

assert.deepEqual(f, new Buffer([63, 4, 64, 4, 56, 4, 50, 4, 53, 4, 66, 4]));

var f = new Buffer([0, 0, 0, 0, 0]);

assert.deepEqual(f, new Buffer([0x42, 0x30, 0x44, 0x30, 0x00]));

var g = new Buffer(arrayIsh);

assert.deepEqual(g, new Buffer([0, 1, 2, 3]));

g = new Buffer(strArrayIsh);

assert.deepEqual(g, new Buffer([0, 1, 2, 3]));

assert.equal(expected, (new Buffer(quote)).toString('base64'));

b = new Buffer(expectedWhite, 'base64');

b = new Buffer(expectedIllegal, 'base64');

var b = new Buffer(s);

var hexb2 = new Buffer(hexStr, 'hex');

var b = new Buffer([1, 2, 3, 4, 5]);

var buffer = new Buffer(data.length);

buf = new Buffer([0, 0, 0, 0, 0]); // length: 5

? new Buffer(value.data)

var copy = new Buffer(obj);

var buf = new Buffer([0xFF]);

var buf = new Buffer(bits / 8 - 1);

var buf = new Buffer([0xFF, 0xFF, 0xFF, 0xFF]);

var buf = new Buffer([0x01, 0x02, 0x03, 0x04, 0x05, 0x06]);

new Buffer(smalloc.kMaxLength + 1);

var msgBuf = new Buffer(msg + '\n');

var msgOutBuf = new Buffer(msgOut + '\n');

var msgErrBuf = new Buffer(msgErr + '\n');


Insecure File Management (978)
Insecure Use of Dangerous Function (591)
Information Disclosure (866)
Insecure Use of Regular Expressions (323)
Insecure Use of Crypto (48)
Vulnerable Libraries (1)
Insecure Processing of Data (20)
Insecure Use of SQL Queries (1)
Insecure Network Communication (3)

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
⤵️ pull bug Something isn't working build dependencies Pull requests that update a dependency file documentation Improvements or additions to documentation duplicate This issue or pull request already exists enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed invalid This doesn't seem right Mend: dependency security vulnerability Security vulnerability detected by WhiteSource merge-conflict Resolve conflicts manually question Further information is requested security findings security fix Security fix generated by WhiteSource wontfix This will not be worked on
Projects
None yet
0 participants