Features
- [RT-1249] Migrate vulnerability tracker settings to React
- [OPT-1075] Mark Terraform endpoint for future deprecation in Swaggerhub
- [ARCH-996] Email configuration page with new UI design.
Bug fix
- [RT-1332] The "Add threat" modal is not being opened
- [RT-1333] Add threat is not working after switching from "Component use case" to "General threats"
Security fix
- [ARCH-1218] Mitigated vulnerability (CWE-79) in dependency org.owasp.antisamy:antisamy.
- [ARCH-1219] Mitigated vulnerability (CVE-2023-4586) in dependency io.netty:netty-handler.
API Changes
New Knowledge-base Content
New components:
- CON-1754: New blockchain components
  - Blockchain Network
  - Blockchain Oracle
  - Consensus Mechanisms
  - Smart Contract
- CON-1785: New Azure placeholder components:
  - Azure Container Storage
  - Azure Guest Patching Service
  - Azure Chaos Studio
  - Azure Boost
  - Microsoft Copilot
  - Azure IoT Operations
Content Updates:
- CON-1784: Refactored question in Web Form component to clarify whether queries to a database include non-direct queries
Detailed changelog ([N]ew/[E]dited/[D]eleted):
- Component Definitions
  - [N] CD-MICROSOFT-AZURE-BOOST
  - [N] CD-MICROSOFT-AZURE-CONTAINER-STORAGE
  - [N] CD-MICROSOFT-AZURE-GUEST-PATCHING-SERVICE
  - [N] CD-MICROSOFT-AZURE-IOT-OPERATIONS
  - [N] CD-MICROSOFT-COPILOT
  - [D] CD-MICROSOFT-AZURE-BACKUP-SERVICE
- RiskPattern
  - [D] RP-AZURE-BACKUP-SERVICE
  - [N] RP-AZURE-BOOST
  - [N] RP-AZURE-CONTAINER-STORAGE
  - [N] RP-AZURE-COPILOT
  - [N] RP-AZURE-GUEST-PATCHING-SERVICE
  - [N] RP-AZURE-IOT-OPERATIONS
- Rules
  - [D] Q: Change Password - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.change.password.prepared.statements_::_Additional context_::_Are you querying a database(s)?_::_7030_::_true_::_false_::_Database queries are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [N] Q: Change Password - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.change.password.prepared.statements_::_Additional context_::_Are you querying a database(s)?_::_7030_::_true_::_false_::_Database queries (direct SQL, ORM, NoSQL queries, etc.) are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [D] Q: Data Chart Functional Component - Use Prepared Statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.data.chart.database.queries_::_Additional context_::_Are you querying a database(s)?_::_7040_::_true_::_false_::_Database queries are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [N] Q: Data Chart Functional Component - Use Prepared Statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.data.chart.database.queries_::_Additional context_::_Are you querying a database(s)?_::_7040_::_true_::_false_::_Database queries (direct SQL, ORM, NoSQL queries, etc.) are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [D] Q: E-commerce Coupon - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.e.commerce.coupon.prepared.statements_::_Additional context_::_Are you querying a database(s)?_::_7000_::_true_::_false_::_Database queries are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [N] Q: E-commerce Coupon - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.e.commerce.coupon.prepared.statements_::_Additional context_::_Are you querying a database(s)?_::_7000_::_true_::_false_::_Database queries (direct SQL, ORM, NoSQL queries, etc.) are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [D] Q: Exception Handler - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.exception.handler.prepared.statements_::_Additional context_::_Are you querying a database(s)?_::_7030_::_true_::_false_::_Database queries are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [N] Q: Exception Handler - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.exception.handler.prepared.statements_::_Additional context_::_Are you querying a database(s)?_::_7030_::_true_::_false_::_Database queries (direct SQL, ORM, NoSQL queries, etc.) are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [D] Q: File Handler - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.file.handler.database.queries_::_Additional context_::_Are you querying a database(s)?_::_7040_::_true_::_false_::_Database queries are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [N] Q: File Handler - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.file.handler.database.queries_::_Additional context_::_Are you querying a database(s)?_::_7040_::_true_::_false_::_Database queries (direct SQL, ORM, NoSQL queries, etc.) are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [D] Q: Formatter - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.formatter.prepared.statements_::_Additional context_::_Are you querying a database(s)?_::_7000_::_true_::_false_::_Database queries are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [N] Q: Formatter - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.formatter.prepared.statements_::_Additional context_::_Are you querying a database(s)?_::_7000_::_true_::_false_::_Database queries (direct SQL, ORM, NoSQL queries, etc.) are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [D] Q: Invitation Event - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.invitation.event.prepared.statements.used_::_Additional context_::_Are you querying a database(s)?_::_7020_::_true_::_false_::_Database queries are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [N] Q: Invitation Event - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.invitation.event.prepared.statements.used_::_Additional context_::_Are you querying a database(s)?_::_7020_::_true_::_false_::_Database queries (direct SQL, ORM, NoSQL queries, etc.) are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [D] Q: Login - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.login.database.queries_::_Additional context_::_Are you querying a database(s)?_::_7040_::_true_::_false_::_Database queries are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [N] Q: Login - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.login.database.queries_::_Additional context_::_Are you querying a database(s)?_::_7040_::_true_::_false_::_Database queries (direct SQL, ORM, NoSQL queries, etc.) are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [D] Q: Reset Password - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.reset.password.prepared.statements_::_Additional context_::_Are you querying a database(s)?_::_7030_::_true_::_false_::_Database queries are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [N] Q: Reset Password - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.reset.password.prepared.statements_::_Additional context_::_Are you querying a database(s)?_::_7030_::_true_::_false_::_Database queries (direct SQL, ORM, NoSQL queries, etc.) are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [D] Q: Search - Use Prepared Statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.search.database.queries_::_Additional context_::_Are you querying a database(s)?_::_7000_::_true_::_false_::_Database queries are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [N] Q: Search - Use Prepared Statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.search.database.queries_::_Additional context_::_Are you querying a database(s)?_::_7000_::_true_::_false_::_Database queries (direct SQL, ORM, NoSQL queries, etc.) are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [D] Q: Social Media Integrator - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.social.media.database.queries_::_Additional context_::_Are you querying a database(s)?_::_7060_::_true_::_false_::_Database queries are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [N] Q: Social Media Integrator - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.social.media.database.queries_::_Additional context_::_Are you querying a database(s)?_::_7060_::_true_::_false_::_Database queries (direct SQL, ORM, NoSQL queries, etc.) are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [D] Q: User Profile - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.user.profile.prepared.statements_::_Additional context_::_Are you querying a database(s)?_::_7030_::_true_::_false_::_Database queries are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [N] Q: User Profile - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.user.profile.prepared.statements_::_Additional context_::_Are you querying a database(s)?_::_7030_::_true_::_false_::_Database queries (direct SQL, ORM, NoSQL queries, etc.) are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [D] Q: User Registration - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.user.registration.prepared.statements_::_Additional context_::_Are you querying a database(s)?_::_7030_::_true_::_false_::_Database queries are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [N] Q: User Registration - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.user.registration.prepared.statements_::_Additional context_::_Are you querying a database(s)?_::_7030_::_true_::_false_::_Database queries (direct SQL, ORM, NoSQL queries, etc.) are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [D] Q: Validator - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.validator.database.queries_::_Additional context_::_Are you querying a database(s)?_::_7060_::_true_::_false_::_Database queries are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [N] Q: Validator - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.validator.database.queries_::_Additional context_::_Are you querying a database(s)?_::_7060_::_true_::_false_::_Database queries (direct SQL, ORM, NoSQL queries, etc.) are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [D] Q: Web Form - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.web.form.prepared.statements_::_Additional context_::_Are you querying a database(s)?_::_7030_::_true_::_false_::_Database queries are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]
  - [N] Q: Web Form - Use prepared statements for all database queries[Action][, INSERT_COMPONENT_QUESTION_GROUP, fc.qg.web.form.prepared.statements_::_Additional context_::_Are you querying a database(s)?_::_7030_::_true_::_false_::_Database queries (direct SQL, ORM, NoSQL queries, etc.) are essential for the proper functioning of many information systems, as they allow users to access, retrieve, and manipulate data stored in databases.]