Apex
Note: The legacy Mend SAST Application was deprecated on April 1st, 2025. For assistance with migrating to the Mend AppSec Platform, please contact your customer success manager or the success team at success@mend.io.
This article covers Apex support and vulnerability detection for Mend SAST.
Mend SAST-supported Apex file types
File Types |
|---|
.apex |
.apexp |
.cls |
.page |
Mend SAST-supported Apex frameworks
Frameworks |
|---|
N/A |
Mend SAST-supported Apex vulnerability types
The Apex vulnerability types detected by SAST are provided below, organized by CWE ID within each of their identified severities.
Apex high-severity vulnerability types
CWE | Vulnerability Type |
CWE-89 | SQL Injection |
CWE-918 | Server-Side Request Forgery |
Apex medium-severity vulnerability types
CWE | Vulnerability Type |
CWE-209 | Error Messages Information Exposure |
CWE-244 | Heap Inspection |
CWE-501 | Trust Boundary Violation |
CWE-798 | Hardcoded Password/Credentials |