
Engine Pack Version 9.6.5

CxSAST Engine

Languages & Frameworks

All supported code Languages & Frameworks versions are listed here: Engine Pack Supported Code Languages and Frameworks (9.6.5).

JavaScript

This engine pack further improves the performance of JavaScript parsing, expanding on the improvements introduced in version 9.6.4.

As a result, scans take less time and consume less memory.

Rust

Rust support has been improved with additional queries.

The following queries are available as part of this version:

  • Rust_High_Risk

    • Plaintext_Password_Storage

  • Rust_Medium_Threat

    • Open_Redirect

    • SSL_Verification_Bypass

  • Rust_Low_Visibility

    • Overly_Permissive_Cross_Origin_Resource_Sharing_Policy

    • Privacy_Violation_in_Files

    • Privacy_Violation_in_Logs

Notice

Technology Preview features provide early access to upcoming product innovations, enabling you to test functionality and provide feedback during development. However, these features are not fully supported, might not be functionally complete, and are not intended for production use.

As Checkmarx considers making future iterations of Technology Preview features generally available, we will attempt to resolve any issues customers experience when using these features.

Presets

Base Preset

Based on thorough tests and comparison to internal benchmarks, we've decided to improve and fine-tune the Base preset. As a result, support for the following languages is being removed from the preset: Cobol, Go, Groovy, Perl, PLSQL, RPG, Ruby, and VB.Net.

Moving forward, we will focus on enhancing coverage for Java, JavaScript, C#, CPP, and Python languages. Additionally, we'll gradually include support for other languages with improved coverage and accuracy.

New return codes

Notice

The following use cases, which currently produce the return code "-1", will each produce a new return code instead:

  • Error on scan inputs (such as missing or invalid scan parameters) - new return code will be 58

  • Error on the setup of the logs - new return code will be 61

  • Project not found - new return code will be 62

  • Error on file extension initialization (includes files having no extension defined) - new return code will be 63

  • Error on queries deserialization (a step that occurs before queries compilation) - new return code will be 64

  • Error on queries compilation - new return code will be 65

  • Error on queries execution - new return code will be 66

  • Error on the license validation - new return code will be 67

  • Error while scanning (such as parsing, Resolver) - new return code will be 68

To ensure a seamless transition and prevent potential errors, we strongly recommend that you:

  • Carefully review your existing pipelines and workflows.

  • Identify any configurations or dependencies that rely on the current error code.

Making the necessary configuration adjustments before upgrading to version 9.6.3 is essential. By making these changes, you'll be able to avoid any disruptions caused by the change in error code and ensure the continued smooth operation of your processes.
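One way to carry out the pipeline review recommended above, as an added example that is not Checkmarx code: it flags lines in a pipeline script that compare an exit code against the legacy -1 (or 255, which is how a POSIX shell reports -1) and maps the new codes to the failures listed above. The variable-name patterns, the run_scan.sh name and the sample pipeline are constructed assumptions.

```python
import re

# Return codes that replace the legacy -1, as listed in the release notes above.
NEW_CODES = {
    58: "error on scan inputs",
    61: "error on the setup of the logs",
    62: "project not found",
    63: "error on file extension initialization",
    64: "error on queries deserialization",
    65: "error on queries compilation",
    66: "error on queries execution",
    67: "error on the license validation",
    68: "error while scanning",
}

# Assumption: common ways a pipeline refers to a process exit code. Checks made
# through a renamed variable (for example rc=$?) are not detected.
EXIT_VAR = r"(\$\?|\$LASTEXITCODE|%ERRORLEVEL%|returncode|exit_?code)"
OPERATOR = r"(==|!=|=|-eq|-ne|\bEQU\b|\bNEQ\b)"
# -1 as written, or 255, which is how a POSIX shell reports an exit status of -1.
LEGACY = r"(-1|255)(?!\d)"
PATTERN = re.compile(
    EXIT_VAR + r"[\"'\s\])]*" + OPERATOR + r"[\"'\s(]*" + LEGACY, re.IGNORECASE)

def find_legacy_checks(pipeline_text):
    """Return (line number, stripped line) for each check against the legacy code."""
    return [(n, line.strip())
            for n, line in enumerate(pipeline_text.splitlines(), start=1)
            if PATTERN.search(line)]

def describe(code):
    """Failure denoted by a new return code, or None if the code is not listed."""
    return NEW_CODES.get(code)

# Constructed sample pipeline (run_scan.sh is a hypothetical wrapper name).
SAMPLE = """\
run_scan.sh "$PROJECT"
rc=$?
if [ "$?" -eq 255 ]; then echo "scan failed"; exit 1; fi
if ($LASTEXITCODE -eq -1) { throw "scan failed" }
if %ERRORLEVEL% EQU 0 echo ok
"""

if __name__ == "__main__":
    for number, line in find_legacy_checks(SAMPLE):
        print(f"line {number}: relies on the legacy return code: {line}")
```

Lines it reports are the ones to rewrite so that they handle the specific codes, or any non-zero code, instead of the single legacy value.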

Removal of deprecated queries from Presets

The following deprecated queries were removed from the presets:

(Language, Query Id, Query Name)

Engine Pack Supported Code Languages and Frameworks (9.6.5)

(Environment and Primary Languages, Secondary Languages, Framework, File extensions, Additional Information)

  • Java

  • J2SE

  • J2EE

  • JSP

  • JavaScript

  • VBScript

  • PL\SQL

  • HTML5

  • ATG DSP Taglib

  • GWT

  • Hibernate

  • Google Guice

  • Java Server Faces (JSF)

  • JSP

  • JSTL FMT Taglib

  • OWASP ESAPI

  • MyBatis

  • PrimeFaces

  • Spring Boot

  • Spring MVC

  • Spring

  • Struts

  • Velocity

  • .java

  • .jsp

  • .jspf

  • .jsf

  • .tag

  • .tld

  • .mf

  • .xhtml

  • .vm

  • .gradle

  • .properties

  • .jspdsbld

  • .wod

  • .xml

  • .yml

  • .yaml

Java can be configured as a unified language with Scala.

  • ASP.NET

  • JavaScript

  • VBScript

  • PL\SQL

  • HTML5

  • ASP.NET Core

  • ASP.Net Core Razor

  • ASP.Net MVC framework

  • Enterprise Libraries

  • ComponentArt

  • Entity framework

  • Hibernate.Net

  • Infragistics

  • iBatis

  • Telerik

  • Dapper

  • .cs

  • .cshtml

  • .xaml

  • .vb

  • .config

  • .aspx

  • .ascx

  • .asax

  • .tag

  • .master

  • .xml

  • ASP

  • JavaScript [**]

  • VBScript

  • PL\SQL

  • HTML5

  • ASP.Net MVC framework

  • .asp

  • .inc

  • VB6

  • .bas

  • .vbp

  • .frm

  • .cls

  • .dsr

  • .ctl

  • C

  • C++

  • C MISRA

  • C++ MISRA

  • Informix ESQL/C

  • MySQL

  • .cpp

  • .c

  • .cc

  • .c++

  • .cxx

  • .hpp

  • .hh

  • .h++

  • .hxx

  • .h

  • .ec

  • .cmake

  • .pc

  • .pro

  • .ac

  • .am

  • .txt (related to CmakeLists)

  • .ph

  • PHP

  • JavaScript

  • bWapp

  • CakePHP

  • OWASP ESAPI

  • Kohana

  • Symfony

  • Smarty

  • Zend

  • .php

  • .php3

  • .php4

  • .php5

  • .phtm

  • .phtml

  • .tpl

  • .ctp

  • .twig

  • .inc

  • .cgi

  • .env

  • .ini

  • Apex

  • VisualForce

  • Lightning (Aura)

  • Lightning Web Components

  • .apex

  • .apexp

  • .apxc

  • .page

  • .component

  • .cls

  • .trigger

  • .tgr

  • .object

  • .report

  • .workflow

  • -meta.xml

  • .xml

This is for Salesforce APEX only.

  • Ruby

  • Ruby on Rails

  • .rb

  • .rhtml

  • .rxml

  • .rjs

  • .erb

  • .cgi

  • .lock

  • JavaScript

  • Typescript

  • Ajax

  • Angular

  • AngularJS

  • Backbone

  • Cordova / PhoneGap

  • Handlebars

  • Hapi.JS

  • JQuery

  • Knockout

  • Kony Visualizer

  • Node.js

    • Buffer

    • CryptoJS

    • ExpressJS

    • File System

    • Hapi

    • Mongodb

    • OracleDB

    • Sequelize

  • Pug (Jade)

  • React Native

  • ReactJS

  • SAPUI5

  • VueJS

  • XS (SAP)

  • RequireJS

  • .js

  • .jsx

  • .htm

  • .html

  • .json

  • .ts

  • .tsx

  • .aspx

  • .ascx

  • .xsjs

  • .xsjslib

  • .xsaccess

  • .xsapp

  • .app

  • .evt

  • .cmp

  • .hbs

  • .handlebars

  • .jade

  • .pug

  • .vue

  • .xml

  • .apexp

  • .page

  • .component

  • .cshtml

  • .jsf

  • .xhtml

  • .jsp

  • .jspf

  • .asp

  • .master

  • .php

  • VBScript

  • .vbs

  • .aspx

  • .ascx

  • .asp

  • .cshtml

  • .html

  • .htm

  • .master

  • Perl

  • .pl

  • .pm

  • .plx

  • .psgi

  • .cgi

  • Android (Java)

  • Volley

  • .java

  • .kt

  • Objective-C

  • Swift

  • .m

  • .h

  • .swift

  • .xib

  • .plist

  • HTML 5

  • .html

  • .htm

  • PL/SQL

  • .pls

  • .sql

  • .pkh

  • .pks

  • .pkb

  • .pck

  • Python

  • JavaScript

  • VB script

  • PL\SQL

  • Django

  • Flask

  • Jinja and DTL

  • Pandas library

  • Marshmallow

  • .py

  • .gtl

  • .csv

  • .latex

  • .tex

  • .html

  • .xml

  • .txt

  • Groovy

  • JavaScript

  • VB script

  • PL\SQL

  • .groovy

  • .gsh

  • .gvy

  • .gy

  • .gsp

  • .gradle

  • Scala

  • Akka

  • Finagle

  • Finatra

  • .scala

  • .conf

Scala can be configured as a unified language with Java.

  • GO Language

  • Protobuf

  • gin-gonic/gin

  • gorilla-mux

  • .go

  • .mod

  • Kotlin

  • Ktor (Server Side)

  • Vert.x (Server Side)

  • Spring

  • .kt

  • .kts

  • .mustache

  • .ftl

  • .xml

  • Cobol

  • .cbl

  • .cob

  • .eco

  • .pco

  • .sqb

  • .cpy

  • RPG

  • .rpg

  • .rpg38

  • .sqlrpg

  • .rpgle

  • .sqlrpgle

  • .dspf

  • Dart

  • Flutter

  • .dart

  • .yaml

  • Lua

  • OpenResty

  • .lua

  • .conf

  • Rust

  • .rs

Vulnerability Queries 9.6.5

All queries that are executed in version 9.6.5 are available for download - PDF, CSV

New and updated queries in version 9.6.5 are available for download - PDF, CSV

Queries associated with predefined query presets are available for download - PDF, CSV

New and Changed Queries Details