ajinabraham.njsscan.crypto.tls_node.node_curl_ssl_verify_disable

profile photo of ajinabrahamajinabraham
Author
unknown
Download Count*
GPLv3
License

SSL Certificate verification for node-curl is disabled.

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit RuleView Source
Open in Playground 
rules:
  - id: node_curl_ssl_verify_disable
    patterns:
      - pattern: |
          $X(..., {SSL_VERIFYPEER : 0}, ...)
    message: SSL Certificate verification for node-curl is disabled.
    languages:
      - javascript
    severity: ERROR
    metadata:
      owasp-web: a6
      cwe: cwe-599
      license: LGPL-3.0-or-later
      vulnerability_class:
        - Other