Versions Compared

Rules


Risk Assessment Summary

Rule

Severity

Likelihood

Detectable

Repairable

Recommendations

IDS00-J. Always validate user input

IDS01-J. Prefer using URIs to URLs

IDS02-J. Perform lossless conversion of String to given encoding and back

IDS03-J. Prevent OS Command Injection

IDS04-J. Prevent against SQL Injection

IDS05-J. Prevent XML Injection

IDS06-J. Prevent XPath Injection

IDS07-J. Understand how escape characters are interpreted when String literals are compiled

IDS08-J. Sanitize before processing or storing user input

IDS09-J. Account for supplementary and combining characters in globalized code

IDS10-J. Validate strings after performing normalization

IDS11-J. Do not delete non-character code points

IDS12-J. Prevent XML external entity attacks

IDS13-J. Properly encode or escape output

IDS14-J. Do not use locale-dependent methods on locale-insensitive data

IDS15-J. Library methods should validate their parameters

IDS16-J. Prevent against LDAP injection

IDS17-J. Prevent against code injection

IDS18-J. Prevent against directory traversal attacks

Risk Assessment Summary

Recommendations

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

IDS00-JHigh high Likely probable Yes medium No

P12 P18

L1

IDS01-J low High probable Probable medium No P4 No

L3

IDS02- J

low

probable

medium

P4

L3

P6

L2

IDS03-J high Medium probable Probable

medium

P12

L1

NoNo

IDS04- J

medium

probable

high

P4

L3 IDS05

IDS04-JLowProbable medium probable No medium No

P8 P2

L2 L3

IDS06-JMedium medium Unlikely probable Yes medium No

P8 P4

L2 L3

IDS07-J low High unlikely Probable high Yes

P1

L3

IDS08- J

high

probable

medium

No

P12

L1 IDS09

IDS08-JMedium low Unlikely unlikely Yes medium No

P2 P4

L3 IDS10

IDS11-JHigh high Probable probable No medium No

P12 P6

L1 L2 IDS11

IDS14-J high High probable Probable medium No P12 No

L1

IDS12- J

medium

probable

medium

P8

P6

L2 IDS13

IDS16-JHighProbable high probable Yes medium No

P12

L1 IDS14

IDS17-J medium Medium probable Probable

medium

P8

L2

NoNo

IDS15- J

medium

probable

high

P4

L3


...
