gitlab.find_sec_bugs.COOKIE_PERSISTENT-1
Storing sensitive data in a persistent cookie for an extended period can lead to a breach of confidentiality or account compromise.
Definition
rules:
- id: find_sec_bugs.COOKIE_PERSISTENT-1
  patterns:
  - pattern-inside: |
      (javax.servlet.http.Cookie $C).setMaxAge($AGE);
  - metavariable-comparison:
      metavariable: $AGE
      comparison: $AGE >= 31536000
  message: >
    Storing sensitive data in a persistent cookie for an extended period can
    lead to a breach of confidentiality or account compromise.
  languages:
  - java
  severity: WARNING
  metadata:
    category: security
    cwe: "CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute"
    technology:
    - java
    primary_identifier: find_sec_bugs.COOKIE_PERSISTENT-1
    secondary_identifiers:
    - name: Find Security Bugs-COOKIE_PERSISTENT
      type: find_sec_bugs_type
      value: COOKIE_PERSISTENT
    license: MIT
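What the rule reports and what it leaves alone, as an added example that is not part of the original page or the rule's own test suite. The class name, method names, cookie name and the 30-minute lifetime are assumptions chosen for illustration.

```java
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletResponse;

// Hypothetical helper class; only Cookie and HttpServletResponse are servlet API types.
public class AuthCookies {

    // Assumed lifetime for illustration: 30 minutes, far below the rule's threshold.
    private static final int SHORT_LIFETIME_SECONDS = 30 * 60;

    // Reported: the argument to setMaxAge satisfies $AGE >= 31536000 (365 days in seconds),
    // so the token stays on disk in the browser profile for a year.
    static void issueLongLived(HttpServletResponse response, String token) {
        Cookie cookie = new Cookie("auth", token);
        cookie.setMaxAge(31536000);
        response.addCookie(cookie);
    }

    // Not reported: the lifetime is bounded well under a year. The Secure and HttpOnly
    // attributes are set as well, since the cookie carries a credential.
    static void issueShortLived(HttpServletResponse response, String token) {
        Cookie cookie = new Cookie("auth", token);
        cookie.setMaxAge(SHORT_LIFETIME_SECONDS);
        cookie.setSecure(true);
        cookie.setHttpOnly(true);
        cookie.setPath("/");
        response.addCookie(cookie);
    }

    // Not reported: a negative max age makes this a session cookie that the browser
    // does not persist and discards when it exits.
    static void issueSessionOnly(HttpServletResponse response, String token) {
        Cookie cookie = new Cookie("auth", token);
        cookie.setMaxAge(-1);
        cookie.setSecure(true);
        cookie.setHttpOnly(true);
        response.addCookie(cookie);
    }
}
```

The comparison is a fixed numeric threshold, so a lifetime just under one year (for example 31535999 seconds) is not reported even though the cookie is still long-lived; treat the rule as a floor and review other `setMaxAge` values on credential-bearing cookies by hand.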
Short Link: https://sg.run/2k6Y