mirror of synced 2025-12-30 12:02:01 -05:00
docs/data/reusables/code-scanning/codeql-query-tables/swift.md
docs-bot 38ec208852 Update CodeQL query tables (#49897)
Co-authored-by: Peter Bengtsson <mail@peterbe.com>
Co-authored-by: Peter Bengtsson <peterbe@github.com>
Co-authored-by: Felicity Chapman <felicitymay@github.com>
2024-03-27 17:51:26 +00:00


{% rowheaders %}

| Query name | Related CWEs | Default | Extended |
| --- | --- | --- | --- |
| Bad HTML filtering regexp | 116, 020, 185, 186 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Cleartext logging of sensitive information | 312, 359, 532 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Cleartext storage of sensitive information in a local database | 312 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Cleartext storage of sensitive information in an application preference store | 312 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Cleartext transmission of sensitive information | 319 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Constant password | 259 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Database query built from user-controlled sources | 089 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Encryption using ECB | 327 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Hard-coded encryption key | 321 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Incomplete regular expression for hostnames | 020 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Inefficient regular expression | 1333, 730, 400 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Insecure TLS configuration | 757 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Insufficient hash iterations | 916 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Missing regular expression anchor | 020 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Predicate built from user-controlled sources | 943 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Regular expression injection | 730, 400 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Resolving XML external entity in user-controlled data | 611, 776, 827 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Static initialization vector for encryption | 329, 1204 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| String length conflation | 135 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| System command built from user-controlled sources | 078, 088 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Uncontrolled data used in path expression | 022, 023, 036, 073, 099 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Uncontrolled format string | 134 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Unsafe WebView fetch | 079, 095, 749 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Use of a broken or weak cryptographic hashing algorithm on sensitive data | 327, 328 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Use of an inappropriate cryptographic hashing algorithm on passwords | 327, 328, 916 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| Use of constant salts | 760 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
| JavaScript Injection | 094, 095, 749 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} |

{% endrowheaders %}