TypeScript example #17
Conversation
![prisma-cloud-devsecops[bot]](https://avatars.githubusercontent.com/in/135857?s=60&v=4){kind=small}
| } | ||
|
|
||
| exports.passwordRepeatChallenge = () => (req: Request, res: Response, next: NextFunction) => { | ||
| challengeUtils.solveIf(challenges.passwordRepeatChallenge, () => { return req.body && req.body.passwordRepeat !== req.body.password }) |
There was a problem hiding this comment.
Observable timing discrepancy
File: verify.ts | Checkov ID: CKV3_SAST_161
Description
CWE: CWE-208: Observable Timing Discrepancy
This SAST policy detects string comparisons using the ===, !==, ==, or != operators against security-sensitive values. These string comparisons are not constant time, meaning that the conditional statement will immediately exit as soon as the first character that does not match is found. This can lead to observable timing discrepancies and potentially allow an adversary to calculate or observe small timing differences to brute force a string that matches the expected value.
Vulnerable code example:
if (password == userInput) {
// Do something
}The above code is vulnerable because it compares the user's input with a security-sensitive value, password, using the == operator. This type of comparison is not constant time and allows an adversary to potentially guess the correct value by monitoring the timing differences.
| const decoded = jws.decode(token) ? jwt.decode(token) : null | ||
| jwt.verify(token, security.publicKey, (err: VerifyErrors | null, verified: JwtPayload) => { | ||
| if (err === null) { | ||
| challengeUtils.solveIf(challenge, () => { return hasAlgorithm(token, algorithm) && hasEmail(decoded, email) }) |
There was a problem hiding this comment.
Observable timing discrepancy
File: verify.ts | Checkov ID: CKV3_SAST_161
Description
CWE: CWE-208: Observable Timing Discrepancy
This SAST policy detects string comparisons using the ===, !==, ==, or != operators against security-sensitive values. These string comparisons are not constant time, meaning that the conditional statement will immediately exit as soon as the first character that does not match is found. This can lead to observable timing discrepancies and potentially allow an adversary to calculate or observe small timing differences to brute force a string that matches the expected value.
Vulnerable code example:
if (password == userInput) {
// Do something
}The above code is vulnerable because it compares the user's input with a security-sensitive value, password, using the == operator. This type of comparison is not constant time and allows an adversary to potentially guess the correct value by monitoring the timing differences.
|
|
||
| function hasAlgorithm (token: string, algorithm: string) { | ||
| const header = JSON.parse(Buffer.from(token.split('.')[0], 'base64').toString()) | ||
| return token && header && header.alg === algorithm |
There was a problem hiding this comment.
Observable timing discrepancy
File: verify.ts | Checkov ID: CKV3_SAST_161
Description
CWE: CWE-208: Observable Timing Discrepancy
This SAST policy detects string comparisons using the ===, !==, ==, or != operators against security-sensitive values. These string comparisons are not constant time, meaning that the conditional statement will immediately exit as soon as the first character that does not match is found. This can lead to observable timing discrepancies and potentially allow an adversary to calculate or observe small timing differences to brute force a string that matches the expected value.
Vulnerable code example:
if (password == userInput) {
// Do something
}The above code is vulnerable because it compares the user's input with a security-sensitive value, password, using the == operator. This type of comparison is not constant time and allows an adversary to potentially guess the correct value by monitoring the timing differences.
| function jwtChallenge (challenge: Challenge, req: Request, algorithm: string, email: string | RegExp) { | ||
| const token = utils.jwtFrom(req) | ||
| if (token) { | ||
| const decoded = jws.decode(token) ? jwt.decode(token) : null |
There was a problem hiding this comment.
JSON Web Tokens (JWT) signature verification bypass
File: verify.ts | Checkov ID: CKV3_SAST_181
Description
CWE: CWE-347: Improper Verification of Cryptographic Signature
OWASP: A02:2021-Cryptographic Failures
This policy identifies instances in JavaScript where JSON Web Tokens (JWT) are decoded or processed without proper verification of the token's signature.
Vulnerable code example:
let jwt = require('jsonwebtoken');
let decoded = jwt.decode(token);The above code is vulnerable to cryptographic failures as it improperly verifies the cryptographic signature of the JSON Web Token. This could potentially result in JWT signature verification bypass.
No description provided.