Vulnerability

Code Rules in Vulnerability category

Category Severity Name Description
Vulnerability Critical DES or 3DES Used DES or 3DES Used is a rule for encrypting data using the Data Encryption Standard (DES) or Triple DES (3DES) algorithms. DES is an older encryption algorithm that uses a 56-bit key to encrypt data, while 3DES is a more secure algorithm that uses three 56-bit keys for encryption. Both algorithms are widely used for encrypting data, especially for financial and government applications.
Vulnerability Critical Exceptions should not be ignored

The rule "Exceptions should not be ignored" in PL/SQL code means that any errors or exceptions that occur during the execution of the code should be handled properly. This means that the code should include appropriate exception handling blocks to catch any errors that may occur. The code should also include appropriate logging and error messages to ensure that any errors are properly recorded and reported. This rule is important to ensure that any errors that occur during the execution of the code are handled properly and do not cause any unexpected or undesired behavior.

Vulnerability Critical Sensitive SYS owned functions should not be used

The rule "Sensitive SYS owned functions should not be used" in PL/SQL code means that functions owned by the SYS user should not be used in PL/SQL code. These functions are considered sensitive because they can have a significant impact on the system, and can be used to access sensitive information. Therefore, it is important to ensure that these functions are used only when absolutely necessary, and with the proper security measures in place.

Vulnerability Critical SHA-1 and Message-Digest hash algorithms should not be used in secure contexts

The rule "SHA-1 and Message-Digest hash algorithms should not be used in secure contexts" means that these algorithms should not be used when data security is a priority. SHA-1 and Message-Digest are both hashing algorithms, which are used to generate a unique value (or "hash") from a given set of data. These hashes can be used to verify the integrity of data, but they are not considered secure enough for use in secure contexts. As such, they should not be used when security is a priority.