PLSQL
This article covers PLSQL support and vulnerability detection for Mend SAST.
Mend SAST-supported PLSQL file types
**Note: These extensions are marked as ‘Secondary’ file extensions.
They will only be scanned if at least one file with any of the other ‘Primary’ file extensions is present to identify the language as the relevant language.
File Type |
|---|
.fnc |
.pbk |
.pck |
.pkb |
.pks |
.pls** |
.plsql** |
.prc |
.psk |
.psql |
.sf |
.sp |
.spb |
.spp |
.sps |
.SQL** |
.st |
.tpb** |
.tps** |
.trg |
Mend SAST-supported PLSQL frameworks
Framework |
|---|
N/A |
Mend SAST-supported PLSQL vulnerability types
The PLSQL vulnerability types detected by SAST are provided below and are organized by CWE ID within each of their identified severities.
PLSQL high-severity vulnerability types
CWE | Vulnerability Type |
CWE-22 | Path/Directory Traversal |
CWE-73 | File Manipulation |
CWE-79 | Cross-Site Scripting |
CWE-89 | SQL Injection |