
Java

In this section, you will find a list of the rules associated with the Java language and the security requirements.

| Method                              | Security Requirement                             |
|-------------------------------------|--------------------------------------------------|
| JAVA_ACCEPTS_ANY_MIMETYPE_CHAIN     | 062. Define standard configurations              |
|                                     | 266. Disable insecure functionalities            |
|                                     | 349. Include HTTP security headers               |
| JAVA_BASIC_AUTHENTICATION           | 030. Avoid object reutilization                  |
|                                     | 228. Authenticate using standard protocols       |
|                                     | 319. Make authentication options equally secure  |
| JAVA_CREATE_TEMP_FILE               | 095. Define users with privileges                |
|                                     | 096. Set user's required privileges              |
|                                     | 186. Use the principle of least privilege        |
| JAVA_CSRF_PROTECTIONS_DISABLED      | 029. Cookies with security attributes            |
|                                     | 174. Transactions without a distinguishable pattern |
| JAVA_HOSTNAME_VERIFICATION_OFF      | 088. Request client certificates                 |
|                                     | 089. Limit validity of certificates              |
|                                     | 090. Use valid certificates                      |
|                                     | 091. Use internally signed certificates          |
|                                     | 092. Use externally signed certificates          |
|                                     | 093. Use consistent certificates                 |
| JAVA_HOST_KEY_CHECKING              | 255. Allow access only to the necessary ports    |
| JAVA_HTTP_ONLY_COOKIE               | 029. Cookies with security attributes            |
| JAVA_HTTP_REQ_ACCEPTS_ANY_MIMETYPE  | 062. Define standard configurations              |
|                                     | 266. Disable insecure functionalities            |
|                                     | 349. Include HTTP security headers               |
| JAVA_INSECURE_AUTHENTICATION        | 030. Avoid object reutilization                  |
|                                     | 228. Authenticate using standard protocols       |
|                                     | 319. Make authentication options equally secure  |
| JAVA_INSECURE_CIPHER                | 148. Set minimum size of asymmetric encryption   |
|                                     | 149. Set minimum size of symmetric encryption    |
|                                     | 150. Set minimum size for hash functions         |
|                                     | 181. Transmit data using secure protocols        |
|                                     | 336. Disable insecure TLS versions               |
| JAVA_INSECURE_CIPHER_JMQI           | 148. Set minimum size of asymmetric encryption   |
|                                     | 149. Set minimum size of symmetric encryption    |
|                                     | 150. Set minimum size for hash functions         |
|                                     | 181. Transmit data using secure protocols        |
|                                     | 336. Disable insecure TLS versions               |
| JAVA_INSECURE_CIPHER_MODE           | 148. Set minimum size of asymmetric encryption   |
|                                     | 149. Set minimum size of symmetric encryption    |
|                                     | 150. Set minimum size for hash functions         |
|                                     | 181. Transmit data using secure protocols        |
|                                     | 336. Disable insecure TLS versions               |
| JAVA_INSECURE_CIPHER_SSL            | 148. Set minimum size of asymmetric encryption   |
|                                     | 149. Set minimum size of symmetric encryption    |
|                                     | 150. Set minimum size for hash functions         |
|                                     | 181. Transmit data using secure protocols        |
|                                     | 336. Disable insecure TLS versions               |
| JAVA_INSECURE_CONNECTION            | 148. Set minimum size of asymmetric encryption   |
|                                     | 149. Set minimum size of symmetric encryption    |
|                                     | 150. Set minimum size for hash functions         |
|                                     | 181. Transmit data using secure protocols        |
|                                     | 336. Disable insecure TLS versions               |
| JAVA_INSECURE_CORS_ORIGIN           | 062. Define standard configurations              |
|                                     | 266. Disable insecure functionalities            |
|                                     | 349. Include HTTP security headers               |
| JAVA_INSECURE_HASH                  | 148. Set minimum size of asymmetric encryption   |
|                                     | 149. Set minimum size of symmetric encryption    |
|                                     | 150. Set minimum size for hash functions         |
|                                     | 181. Transmit data using secure protocols        |
|                                     | 336. Disable insecure TLS versions               |
| JAVA_INSECURE_KEY                   | 148. Set minimum size of asymmetric encryption   |
|                                     | 149. Set minimum size of symmetric encryption    |
|                                     | 150. Set minimum size for hash functions         |
|                                     | 181. Transmit data using secure protocols        |
|                                     | 336. Disable insecure TLS versions               |
| JAVA_INSECURE_KEY_EC                | 148. Set minimum size of asymmetric encryption   |
|                                     | 149. Set minimum size of symmetric encryption    |
|                                     | 150. Set minimum size for hash functions         |
|                                     | 181. Transmit data using secure protocols        |
|                                     | 336. Disable insecure TLS versions               |
| JAVA_INSECURE_KEY_RSA               | 148. Set minimum size of asymmetric encryption   |
|                                     | 149. Set minimum size of symmetric encryption    |
|                                     | 150. Set minimum size for hash functions         |
|                                     | 181. Transmit data using secure protocols        |
|                                     | 336. Disable insecure TLS versions               |
| JAVA_INSECURE_KEY_SECRET            | 148. Set minimum size of asymmetric encryption   |
|                                     | 149. Set minimum size of symmetric encryption    |
|                                     | 150. Set minimum size for hash functions         |
|                                     | 181. Transmit data using secure protocols        |
|                                     | 336. Disable insecure TLS versions               |
| JAVA_INSECURE_LOGGING               | 080. Prevent log modification                    |
|                                     | 173. Discard unsafe inputs                       |
| JAVA_INSECURE_PASS                  | 148. Set minimum size of asymmetric encryption   |
|                                     | 149. Set minimum size of symmetric encryption    |
|                                     | 150. Set minimum size for hash functions         |
|                                     | 181. Transmit data using secure protocols        |
|                                     | 336. Disable insecure TLS versions               |
| JAVA_INSECURE_TRUST_MANAGER         | 088. Request client certificates                 |
|                                     | 089. Limit validity of certificates              |
|                                     | 090. Use valid certificates                      |
|                                     | 091. Use internally signed certificates          |
|                                     | 092. Use externally signed certificates          |
|                                     | 093. Use consistent certificates                 |
| JAVA_INSEC_SIGN_ALGORITHM           | 148. Set minimum size of asymmetric encryption   |
|                                     | 149. Set minimum size of symmetric encryption    |
|                                     | 150. Set minimum size for hash functions         |
|                                     | 181. Transmit data using secure protocols        |
|                                     | 336. Disable insecure TLS versions               |
| JAVA_JPA_LIKE                       | 169. Use parameterized queries                   |
|                                     | 173. Discard unsafe inputs                       |
| JAVA_JWT_UNSAFE_DECODE              | 148. Set minimum size of asymmetric encryption   |
|                                     | 149. Set minimum size of symmetric encryption    |
|                                     | 150. Set minimum size for hash functions         |
|                                     | 181. Transmit data using secure protocols        |
|                                     | 336. Disable insecure TLS versions               |
| JAVA_JWT_WITHOUT_PROPER_SIGN        | 148. Set minimum size of asymmetric encryption   |
|                                     | 149. Set minimum size of symmetric encryption    |
|                                     | 150. Set minimum size for hash functions         |
|                                     | 181. Transmit data using secure protocols        |
|                                     | 336. Disable insecure TLS versions               |
| JAVA_LDAP_INJECTION                 | 173. Discard unsafe inputs                       |
| JAVA_PROP_MISSING_SSL               | 148. Set minimum size of asymmetric encryption   |
|                                     | 149. Set minimum size of symmetric encryption    |
|                                     | 150. Set minimum size for hash functions         |
|                                     | 181. Transmit data using secure protocols        |
|                                     | 336. Disable insecure TLS versions               |
| JAVA_PROP_SENSITIVE                 | 145. Protect system cryptographic keys           |
|                                     | 156. Source code without sensitive information   |
|                                     | 266. Disable insecure functionalities            |
| JAVA_PROP_UNENCRYPTED_TRANSPORT     | 181. Transmit data using secure protocols        |
| JAVA_PROP_WEAK_CIPHER               | 148. Set minimum size of asymmetric encryption   |
|                                     | 149. Set minimum size of symmetric encryption    |
|                                     | 150. Set minimum size for hash functions         |
|                                     | 181. Transmit data using secure protocols        |
|                                     | 336. Disable insecure TLS versions               |
| JAVA_REMOTE_COMMAND_EXECUTION       | 173. Discard unsafe inputs                       |
|                                     | 265. Restrict access to critical processes       |
|                                     | 266. Disable insecure functionalities            |
| JAVA_SALT_IS_HARDCODED              | 266. Disable insecure functionalities            |
| JAVA_SECURE_COOKIE                  | 029. Cookies with security attributes            |
| JAVA_SQL_INJECTION                  | 169. Use parameterized queries                   |
|                                     | 173. Discard unsafe inputs                       |
| JAVA_TRUST_BOUNDARY_VIOLATION       | 173. Discard unsafe inputs                       |
|                                     | 320. Avoid client-side control enforcement       |
|                                     | 342. Validate request parameters                 |
| JAVA_UNSAFE_PATH_TRAVERSAL          | 173. Discard unsafe inputs                       |
|                                     | 320. Avoid client-side control enforcement       |
|                                     | 342. Validate request parameters                 |
| JAVA_UNSAFE_XSS_CONTENT             | 029. Cookies with security attributes            |
|                                     | 173. Discard unsafe inputs                       |
| JAVA_UPLOAD_SIZE_LIMIT              | 040. Compare file format and extension           |
|                                     | 041. Scan files for malicious code               |
| JAVA_USES_SYSTEM_EXIT               | 164. Use optimized structures                    |
|                                     | 167. Close unused resources                      |
|                                     | 072. Set maximum response time                   |
|                                     | 327. Set a rate limit                            |
| JAVA_VULN_REGEX                     | 072. Set maximum response time                   |
|                                     | 327. Set a rate limit                            |
| JAVA_WEAK_RANDOM_COOKIE             | 223. Uniform distribution in random numbers      |
|                                     | 224. Use secure cryptographic mechanisms         |
| JAVA_XML_PARSER                     | 173. Discard unsafe inputs                       |
| JAVA_XPATH_INJECTION_EVALUATE       | 173. Discard unsafe inputs                       |
| JAVA_ZIP_SLIP_PATH_INJECTION        | 173. Discard unsafe inputs                       |
|                                     | 320. Avoid client-side control enforcement       |
|                                     | 342. Validate request parameters                 |