gitlab.find_sec_bugs.COOKIE_USAGE-1
The information stored in a custom cookie should not be sensitive or related to the session. In most cases, sensitive data should only be stored in session and referenced by the user's session cookie.
Definition
rules:
  - id: find_sec_bugs.COOKIE_USAGE-1
    patterns:
      - pattern-inside: |
          $FUNC(..., HttpServletRequest $REQ, ...) {
            ...
          }
      - pattern-either:
          - patterns:
              - pattern-inside: |
                  for (Cookie $C : $REQ.getCookies()) {
                    ...
                  }
              - pattern-either:
                  - pattern: $C.getName();
                  - pattern: $C.getValue();
                  - pattern: $C.getPath();
          - pattern: (Cookie $COOKIE).getName();
          - pattern: (Cookie $COOKIE).getValue();
          - pattern: (Cookie $COOKIE).getPath();
    message: >
      The information stored in a custom cookie should not be sensitive or
      related to the session.
      In most cases, sensitive data should only be stored in session and referenced by the user's
      session cookie.
    languages:
      - java
    severity: WARNING
    metadata:
      category: security
      cwe: "CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute"
      technology:
        - java
      primary_identifier: find_sec_bugs.COOKIE_USAGE-1
      secondary_identifiers:
        - name: Find Security Bugs-COOKIE_USAGE
          type: find_sec_bugs_type
          value: COOKIE_USAGE
    license: MIT
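As an added illustration, not code from the Semgrep registry or the Find Security Bugs project, the following Java servlet shows the code shape the rule reports (a handler taking an HttpServletRequest that iterates getCookies() and calls getName()/getValue()) beside the hardened form that keeps the same state in the server-side HttpSession. It assumes the Servlet API (javax.servlet) is on the classpath; the class name, the cookie name "role" and the session attribute names are hypothetical.

```java
// Added example; not from the Semgrep registry page or the Find Security Bugs
// project. Assumes javax.servlet is on the classpath. The cookie name "role",
// the session attribute name and the servlet class name are hypothetical.
import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class AdminReportServlet extends HttpServlet {

    // BEFORE: the shape the rule reports. The method takes an HttpServletRequest,
    // loops over $REQ.getCookies() and calls $C.getName() / $C.getValue(), which
    // matches the rule's first pattern-either branch. Whatever is read here was
    // supplied by the client, so a "role" cookie is not evidence of a role.
    static String roleFromCookie(HttpServletRequest request) {
        Cookie[] cookies = request.getCookies();   // null when the request carries no cookies
        if (cookies == null) {
            return null;
        }
        for (Cookie c : cookies) {
            if ("role".equals(c.getName())) {      // flagged: sensitive data in a custom cookie
                return c.getValue();
            }
        }
        return null;
    }

    // AFTER: the role lives in the HttpSession. The container resolves the session
    // from its own session cookie, so the browser only ever holds an opaque
    // identifier and the sensitive value never leaves the server.
    static String roleFromSession(HttpServletRequest request) {
        HttpSession session = request.getSession(false); // false: do not create one here
        if (session == null) {
            return null;
        }
        Object role = session.getAttribute("role");
        return role instanceof String ? (String) role : null;
    }

    // Called once at login, after credentials have been verified elsewhere,
    // to place the authoritative role server-side.
    static void storeRoleInSession(HttpServletRequest request, String role) {
        request.getSession(true).setAttribute("role", role);
    }

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        // Hardened path: no getCookies()/getName()/getValue() in the handler,
        // so the rule no longer matches and the decision rests on server state.
        String role = roleFromSession(request);
        if (!"admin".equals(role)) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }
        response.setContentType("text/plain");
        response.getWriter().println("admin report");
    }
}
```

Moving the value into the session removes the finding because the request handler no longer touches the cookie API at all; the only cookie left in play is the container's session cookie, which is the one the CWE named in the rule's metadata expects to carry the Secure attribute when served over HTTPS.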
Short Link: https://sg.run/XWze