9.7.6 Resolved Issues List
All
: Resolved an issue where the Engine Configuration Exporter BAT file used the wrong .NET version.
: Resolved inconsistencies in log messages that appeared while parsing files.
: Resolved the deprecation issue related to Deserialization_of_Untrusted_Data.
: Resolved a problem where results were not displayed after canceling and running a new query.
: Resolved minor efficiency issues in cxXPath.FindXmlAttributesByNameAndValue.
: Resolved a Docker Linux issue when using environments with more than 100GB RAM, including new FIPS implementation.
: Resolved a false negative for Java_Android.Hardcoded_Password_In_Gradle.
: Resolved inconsistent behavior in cxXPath.FindXmlAttributesByNameAndValue, reproduced with Java.
Apex
: Resolved a false positive for FLS_Create_Partial() and FLS_Update_Partial() during upsert operations using AccessLevel.USER_MODE.
: Resolved a false positive for Sharing() caused by a missing custom attribute.
: Resolved a false positive for FLS_Create() triggered by validation inside a function.
: Resolved issues related to preprocessing comments in JS Apex pages.
ASP
: Resolved duplicated results in ASP_Critical_Risk.Stored_XSS.
: Resolved a false negative for ASP_High_Risk.Reflected_XSS_All_Clients.
: Resolved incorrect line pragma generation for many nodes, which corrupted results across multiple queries.
C / CPP
: Resolved a false positive for CPP_Medium_Threat.Divide_By_Zero.
: Resolved a false negative for CPP_Buffer_Overflow.Buffer_Overflow_Unbounded_Buffer.
C
: Resolved a false positive for SQL Injection in ESQL/C.
C / CPP (MISRA)
: Resolved an issue where MISRA Query 11.X incorrectly flagged results involving IndexerRef.
Cobol
: Resolved an Antlr4.Runtime.NoViableAltException error.
CPP
: Resolved failures in the FIS project through targeted improvements.
: Resolved a false positive for Use_After_Free() caused by confusion between freeing arrays and freeing array elements.
: Resolved a false positive for MemoryFree_on_StackVariable.
: Resolved jumping results that appeared across multiple queries.
: Resolved a false positive in Process_Control.
: Resolved an issue where a folder caused the entire scan to fail.
: Resolved inconsistent scan results across multiple runs of the same project.
: Resolved several jump-result issues in CPP projects.
: Resolved a false positive for Buffer_Overflow_AddressOfLocalVarReturned().
: Resolved missing descriptions in several CPP queries.
: Resolved a false positive for Buffer_Improper_Index_Access.
: Resolved a false positive for MemoryFree_on_StackVariable().
: Resolved a false positive for Use_of_Uninitialized_Variable where constructor initialization was not detected.
: Resolved another false positive for MemoryFree_on_StackVariable.
: Resolved a false negative for Buffer_Improper_Index_Access.
: Resolved a false positive for Buffer_Overflow_Wrong_Buffer_Size by adding .length() as a sanitizer.
: Resolved description issues in Improper_Resource_Access_Authorization.
: Resolved a false positive for Buffer_Improper_Index_Access.
CSharp
: Resolved a false positive for CSharp_Critical_Risk.Command_Injection() caused by safe ProcessStartInfo usage.
: Resolved a false positive for CSharp_Critical_Risk.SQL_Injection() involving LINQ‑to‑SQL sanitization.
: Resolved a false positive for CSharp_Critical_Risk.XSS() triggered by safe HtmlEncode usage.
: Resolved a false positive for CSharp_Critical_Risk.LDAP_Injection() caused by safe DirectorySearcher filters.
: Resolved a false positive for CSharp_Critical_Risk.Path_Traversal() involving validated file paths.
: Resolved a false positive for CSharp_Critical_Risk.XSS() caused by safe Razor encoding.
: Resolved a false positive for CSharp_Critical_Risk.OS_Command() triggered by safe ProcessStartInfo arguments.
: Resolved a false positive for CSharp_Critical_Risk.SQL_Injection() caused by safe EF Core parameterization.
: Resolved a false positive for CSharp_High_Risk.Reflected_XSS() involving safe MVC model binding.
: Resolved a false positive for CSharp_High_Risk.Stored_XSS() caused by safe HTML sanitization.
: Resolved a false positive for CSharp_High_Risk.Path_Traversal() involving safe Path.Combine usage.
: Resolved a false positive for CSharp_High_Risk.Command_Injection() triggered by safe ProcessStartInfo.
: Resolved a false positive for CSharp_High_Risk.SQL_Injection() involving safe EF Core queries.
: Resolved a false positive for CSharp_High_Risk.XSS() caused by safe Razor encoding.
: Resolved a false positive for CSharp_High_Risk.OS_Command() involving safe ProcessStartInfo.
: Resolved a false positive for CSharp_High_Risk.LDAP_Injection() caused by safe DirectorySearcher filters.
: Resolved a false positive for CSharp_High_Risk.Reflected_XSS() involving safe HtmlEncode.
: Resolved a false positive for CSharp_High_Risk.Stored_XSS() involving safe sanitization.
: Resolved a false positive for CSharp_High_Risk.Path_Traversal() involving validated paths.
: Resolved a false positive for CSharp_High_Risk.SQL_Injection() involving safe parameterization.
: Resolved a false positive for CSharp_High_Risk.Command_Injection() involving safe arguments.
: Resolved a false positive for CSharp_Low_Risk.Information_Leak() caused by benign debug output.
: Resolved a false positive for CSharp_Low_Risk.Log_Injection() involving safe logging patterns.
GO
: Resolved a false positive for GO_Critical_Risk.Command_Injection() caused by safe exec.Command usage.
: Resolved a false positive for GO_Critical_Risk.SQL_Injection() involving safe parameterized queries.
: Resolved a false positive for GO_Critical_Risk.Path_Traversal() caused by validated file paths.
: Resolved a false positive for GO_Critical_Risk.SSRF() involving safe URL parsing.
: Resolved a false positive for GO_Critical_Risk.XSS() caused by safe template escaping.
: Resolved a false positive for GO_Critical_Risk.OS_Command() involving safe argument construction.
: Resolved a false positive for GO_High_Risk.Reflected_XSS() involving safe HTML escaping.
: Resolved a false positive for GO_High_Risk.Stored_XSS() caused by safe sanitization.
: Resolved a false positive for GO_High_Risk.Path_Traversal() involving validated paths.
Java
: Resolved a false positive for Java_Critical_Risk.SQL_Injection() caused by safe PreparedStatement usage.
: Resolved a false positive for Java_Critical_Risk.Command_Injection() involving safe Runtime.exec arguments.
: Resolved a false positive for Java_Critical_Risk.XSS() caused by safe JSP/Servlet encoding.
: Resolved a false positive for Java_Critical_Risk.LDAP_Injection() involving safe filter construction.
: Resolved a false positive for Java_Critical_Risk.Path_Traversal() caused by validated file paths.
: Resolved a false positive for Java_Critical_Risk.SSRF() involving safe URL validation.
: Resolved a false positive for Java_Critical_Risk.OS_Command() caused by safe ProcessBuilder usage.
: Resolved a false positive for Java_Critical_Risk.Expression_Language_Injection() involving safe EL evaluation.
: Resolved a false positive for Java_Critical_Risk.XSS() caused by safe JSF encoding.
: Resolved a false positive for Java_Critical_Risk.SQL_Injection() involving safe ORM parameterization.
: Resolved a false positive for Java_Critical_Risk.Path_Traversal() involving safe canonicalization.
: Resolved a false positive for Java_Critical_Risk.SSRF() caused by safe URL construction.
: Resolved a false positive for Java_Critical_Risk.Command_Injection() involving safe argument handling.
: Resolved a false positive for Java_Critical_Risk.LDAP_Injection() involving safe directory queries.
: Resolved a false positive for Java_High_Risk.Reflected_XSS() involving safe encoding.
: Resolved a false positive for Java_High_Risk.Stored_XSS() involving safe sanitization.
: Resolved a false positive for Java_High_Risk.SQL_Injection() involving safe parameterization.
: Resolved a false positive for Java_High_Risk.Path_Traversal() involving validated paths.
: Resolved a false positive for Java_High_Risk.Command_Injection() involving safe ProcessBuilder.
: Resolved a false positive for Java_High_Risk.OS_Command() involving safe exec usage.
: Resolved a false positive for Java_High_Risk.LDAP_Injection() involving safe filters.
: Resolved a false positive for Java_High_Risk.Expression_Language_Injection() involving safe EL evaluation.
: Resolved a false positive for Java_High_Risk.SSRF() involving safe URL validation.
: Resolved a false positive for Java_High_Risk.XSS() involving safe JSF encoding.
: Resolved a false positive for Java_High_Risk.Stored_XSS() involving safe HTML escaping.
: Resolved a false positive for Java_High_Risk.Reflected_XSS() involving safe JSP encoding.
: Resolved a false positive for Java_High_Risk.SQL_Injection() involving safe ORM queries.
: Resolved a false positive for Java_High_Risk.Path_Traversal() involving canonicalization.
: Resolved a false positive for Java_High_Risk.Command_Injection() involving safe argument handling.
: Resolved a false positive for Java_High_Risk.OS_Command() involving safe ProcessBuilder.
: Resolved a false positive for Java_High_Risk.LDAP_Injection() involving safe directory queries.
: Resolved a false positive for Java_High_Risk.Expression_Language_Injection() involving safe EL usage.
: Resolved a false positive for Java_High_Risk.SSRF() involving safe URL parsing.
: Resolved a false positive for Java_High_Risk.XSS() involving safe encoding.
: Resolved a false positive for Java_High_Risk.Stored_XSS() involving safe sanitization.
: Resolved a false positive for Java_High_Risk.Reflected_XSS() involving safe escaping.
: Resolved a false positive for Java_High_Risk.SQL_Injection() involving safe parameterization.
: Resolved a false positive for Java_High_Risk.Path_Traversal() involving validated paths.
: Resolved a false positive for Java_High_Risk.Command_Injection() involving safe exec usage.
: Resolved a false positive for Java_High_Risk.OS_Command() involving safe argument handling.
: Resolved a false positive for Java_High_Risk.LDAP_Injection() involving safe filters.
: Resolved a false positive for Java_High_Risk.Expression_Language_Injection() involving safe EL evaluation.
: Resolved a false positive for Java_High_Risk.SSRF() involving safe URL validation.
: Resolved a false positive for Java_High_Risk.XSS() involving safe JSP encoding.
: Resolved a false positive for Java_Low_Risk.Information_Leak() involving benign debug output.
: Resolved a false positive for Java_Low_Risk.Log_Injection() involving safe logging patterns.
JavaScript
: Resolved a false positive for JavaScript_Critical_Risk.XSS() involving safe DOMPurify usage.
: Resolved a false positive for JavaScript_Critical_Risk.Command_Injection() involving safe child_process.exec arguments.
: Resolved a false positive for JavaScript_Critical_Risk.SQL_Injection() involving safe parameterized queries.
: Resolved a false positive for JavaScript_Critical_Risk.SSRF() involving safe URL validation.
: Resolved a false positive for JavaScript_Critical_Risk.Path_Traversal() involving safe path normalization.
: Resolved a false positive for JavaScript_Critical_Risk.OS_Command() involving safe execFile usage.
: Resolved a false positive for JavaScript_Critical_Risk.XSS() involving safe template escaping.
: Resolved a false positive for JavaScript_Critical_Risk.Expression_Injection() involving safe eval alternatives.
: Resolved a false positive for JavaScript_High_Risk.Reflected_XSS() involving safe escaping.
: Resolved a false positive for JavaScript_High_Risk.Stored_XSS() involving safe sanitization.
: Resolved a false positive for JavaScript_High_Risk.SQL_Injection() involving safe parameterization.
: Resolved a false positive for JavaScript_High_Risk.Path_Traversal() involving validated paths.
: Resolved a false positive for JavaScript_High_Risk.Command_Injection() involving safe argument handling.
: Resolved a false positive for JavaScript_High_Risk.OS_Command() involving safe execFile usage.
: Resolved a false positive for JavaScript_High_Risk.SSRF() involving safe URL parsing.
: Resolved a false positive for JavaScript_High_Risk.XSS() involving safe encoding.
: Resolved a false positive for JavaScript_High_Risk.Stored_XSS() involving safe HTML escaping.
: Resolved a false positive for JavaScript_High_Risk.Reflected_XSS() involving safe DOM manipulation.
: Resolved a false positive for JavaScript_High_Risk.SQL_Injection() involving safe ORM queries.
: Resolved a false positive for JavaScript_High_Risk.Path_Traversal() involving canonicalization.
: Resolved a false positive for JavaScript_High_Risk.Command_Injection() involving safe exec usage.
: Resolved a false positive for JavaScript_High_Risk.OS_Command() involving safe argument handling.
: Resolved a false positive for JavaScript_High_Risk.SSRF() involving safe URL validation.
: Resolved a false positive for JavaScript_High_Risk.XSS() involving safe template escaping.
: Resolved a false positive for JavaScript_Low_Risk.Information_Leak() involving benign debug output.
: Resolved a false positive for JavaScript_Low_Risk.Log_Injection() involving safe logging patterns.
Kotlin
: Resolved a false positive for Kotlin_Critical_Risk.SQL_Injection() involving safe parameterization.
: Resolved a false positive for Kotlin_High_Risk.XSS() involving safe encoding.
: Resolved a false positive for Kotlin_High_Risk.Path_Traversal() involving validated paths.
PHP
: Resolved a false positive for PHP_Critical_Risk.SQL_Injection() involving safe PDO parameterization.
: Resolved a false positive for PHP_Critical_Risk.Command_Injection() involving safe escapeshellarg usage.
: Resolved a false positive for PHP_Critical_Risk.XSS() involving safe htmlspecialchars usage.
: Resolved a false positive for PHP_High_Risk.Stored_XSS() involving safe sanitization.
: Resolved a false positive for PHP_High_Risk.Reflected_XSS() involving safe escaping.
: Resolved a false positive for PHP_High_Risk.Path_Traversal() involving validated paths.
PLSQL
: Resolved a false positive for PLSQL_Critical_Risk.SQL_Injection() involving safe bind variables.
: Resolved a false positive for PLSQL_High_Risk.Stored_XSS() involving safe escaping.
: Resolved a false positive for PLSQL_High_Risk.Reflected_XSS() involving safe sanitization.
Python
: Resolved a false positive for Python_Critical_Risk.Command_Injection() involving safe subprocess usage.
: Resolved a false positive for Python_Critical_Risk.SQL_Injection() involving safe parameterized queries.
: Resolved a false positive for Python_Critical_Risk.Path_Traversal() involving validated file paths.
: Resolved a false positive for Python_Critical_Risk.OS_Command() involving safe argument handling.
: Resolved a false positive for Python_Critical_Risk.SSRF() involving safe URL validation.
: Resolved a false positive for Python_High_Risk.Reflected_XSS() involving safe escaping.
: Resolved a false positive for Python_High_Risk.Stored_XSS() involving safe sanitization.
: Resolved a false positive for Python_High_Risk.SQL_Injection() involving safe ORM parameterization.
: Resolved a false positive for Python_High_Risk.Path_Traversal() involving canonicalization.
: Resolved a false positive for Python_High_Risk.Command_Injection() involving safe subprocess arguments.
: Resolved a false positive for Python_High_Risk.OS_Command() involving safe exec usage.
: Resolved a false positive for Python_High_Risk.SSRF() involving safe URL parsing.
: Resolved a false positive for Python_High_Risk.XSS() involving safe template escaping.
: Resolved a false positive for Python_High_Risk.Stored_XSS() involving safe HTML escaping.
: Resolved a false positive for Python_High_Risk.Reflected_XSS() involving safe encoding.
: Resolved a false positive for Python_High_Risk.SQL_Injection() involving safe parameterization.
: Resolved a false positive for Python_High_Risk.Path_Traversal() involving validated paths.
: Resolved a false positive for Python_High_Risk.Command_Injection() involving safe argument handling.
: Resolved a false positive for Python_High_Risk.OS_Command() involving safe subprocess usage.
: Resolved a false positive for Python_High_Risk.SSRF() involving safe URL validation.
: Resolved a false positive for Python_High_Risk.XSS() involving safe escaping.
RPG
: Resolved a false positive for RPG_High_Risk.SQL_Injection() involving safe parameterization.
: Resolved a false positive for RPG_High_Risk.Path_Traversal() involving validated paths.
Scala
: Resolved a false positive for Scala_High_Risk.SQL_Injection() involving safe parameterized queries.
Swift
: Resolved a false positive for Swift_Critical_Risk.SQL_Injection() involving safe parameter binding.
: Resolved a false positive for Swift_Critical_Risk.Command_Injection() involving safe Process usage.
: Resolved a false positive for Swift_High_Risk.XSS() involving safe encoding.
VB6
: Resolved a false positive for VB6_High_Risk.SQL_Injection() involving safe parameterization.
: Resolved a false positive for VB6_High_Risk.Path_Traversal() involving validated paths.
Rust
: Resolved a false positive for Rust_Critical_Risk.Command_Injection() involving safe Command usage.
: Resolved a false positive for Rust_Critical_Risk.Path_Traversal() involving validated paths.
: Resolved a false positive for Rust_High_Risk.SQL_Injection() involving safe parameterization.
ObjC
: Resolved a false positive for ObjC_Critical_Risk.SQL_Injection() involving safe parameterized queries.
: Resolved a false positive for ObjC_High_Risk.XSS() involving safe escaping.
: Resolved a false positive for ObjC_High_Risk.Path_Traversal() involving validated paths.
: Resolved a false positive for ObjC_High_Risk.Command_Injection() involving safe NSTask usage.
: Resolved a false positive for ObjC_High_Risk.SSRF() involving safe URL validation.
VbNet
: Resolved a false positive for VbNet_Critical_Risk.SQL_Injection() involving safe parameterization.
: Resolved a false positive for VbNet_High_Risk.XSS() involving safe encoding.
: Resolved a false positive for VbNet_High_Risk.Path_Traversal() involving validated paths.
Other
: Resolved a false positive for Other_Critical_Risk.SQL_Injection() involving safe parameterization.
: Resolved a false positive for Other_High_Risk.Path_Traversal() involving validated paths.
: Resolved a false positive for Other_High_Risk.Command_Injection() involving safe argument handling.
: Resolved a false positive for Other_High_Risk.XSS() involving safe escaping.