Improved JavaScript parsing to prevent scanning from getting unintentionally stuck.
Improved VBNet support to:
Prevent false negatives for SQL Injection.
Better handling of Integer type.
Improvements to prevent false positives for the Go_Medium_Threat\Privacy_Violation query: Ignored results that pass through the error handling of a method invocation, as the likelihood of a vulnerability is low.
Improved the gin/gonic web outputs support regarding io.writer web outputs. Previously, io.writer methods were being added as web outputs regardless of they were part of their intended context, gin-gonic.
Improvements to prevent false positives for the:
Go_Medium_Threat\Reflected_Absolute_Path_Traversal() and Go_Medium_Threat.Reflected_Relative_Path_Traversal() queries: Removed io.Copy calls that only copy data from one request to another (no file accesses).
Go_Insecure_Credential_Storage\Insufficient_Output_Length query: Fixed query that validates the if the value is within a valid range. Query was unable to find the definition of a value in a specific context. Context was added.
Go_Insecure_Credential_Storage\PBKDF2_Insufficient_Iteration_Count query: Improved the query to return a flow, meaning, added context to reflect with the entirety of the result, from the insufficient value definition to its use.
Go_Low_Visbility\Race_Condition_Concurrent_Instances query: Removed references of casts that cannot be influenced or altered.