.svg){kind=logo}
This article covers PLSQL support and vulnerability detection for Mend SAST.
Mend SAST-supported PLSQL file types
|
File Type |
|---|
|
.fnc |
|
.pbk |
|
.pck |
|
.pkb |
|
.pks |
|
.pls * |
|
.plsql |
|
.prc |
|
.psk |
|
.psql * |
|
.sf |
|
.sp |
|
.spb |
|
.spp |
|
.sps |
|
.sql * |
|
.st |
|
.tpb * |
|
.tps * |
|
.trg |
* Note: These extensions are marked as ‘Secondary’ file extensions.
They will only be scanned if at least one file with any of the other ‘Primary’ file extensions is present to identify the language as the relevant language.
Mend SAST-supported PLSQL frameworks
|
Framework |
|---|
|
N/A |
Mend SAST-supported PLSQL vulnerability types
The PLSQL vulnerability types detected by SAST are provided below and are organized by CWE ID within each of their identified severities.
PLSQL high-severity vulnerability types
|
CWE |
Vulnerability Type |
|
CWE-22 |
Path/Directory Traversal |
|
CWE-73 |
File Manipulation |
|
CWE-79 |
Cross-Site Scripting |
|
CWE-89 |
SQL Injection |