Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

Page History

Versions Compared

Old Version 63

changes.mady.by.user Pennie Walters

Saved on Nov 19, 2009

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on Aug 07, 2025

Key

This line was added.
This line was removed.
Formatting was changed.

Rules

Content by Label

showLabels	false
max	99
spaces	com.atlassian.confluence.content.render.xhtml.model.resource.identifiers.SpaceResourceIdentifier@3bbaf8c
showSpace	false
sort	title
cql	label = "rule" and label = "ids" and space = currentSpace()
labels	+ids +rule

Risk Assessment Summary

Rule	Severity	Likelihood	Detectable	Repairable

Guidelines

IDS00-J. Always validate user input

IDS01-J. Sanitize before processing or storing user input

IDS02-J. Validate strings after performing normalization

IDS03-J. Do not delete non-character code points

IDS04-J. Properly encode or escape output

IDS05-J. Library methods should validate their parameters

IDS06-J. Prevent OS Command Injection

IDS07-J. Prevent against SQL Injection

IDS08-J. Prevent XML Injection

IDS09-J. Prevent XPath Injection

IDS10-J. Prevent XML external entity attacks

IDS11-J. Prevent against LDAP injection

IDS12-J. Prevent against code injection

IDS13-J. Account for supplementary and combining characters in globalized code

IDS14-J. Perform loss less conversion of String to given encoding and back

IDS15-J. Prefer using URIs to URLs

IDS16-J. Do not use locale dependent methods on locale insensitive data

IDS17-J. Understand how escape characters are interpreted when String literals are compiled

Risk Assessment Summary

Recommendations

Recommendation	Severity	Likelihood	Remediation Cost	Priority	Level
IDS00-J	High	high Likely	probable Yes	medium No	P12 P18	L1
IDS01-J	low High	probable Probable	medium No	P4 No	L3
IDS02- J	low	probable	medium	P4	L3
P6	L2
IDS03-J	high Medium	probable Probable	medium	P12	L1	No	No	IDS04- J	medium	probable	high	P4	L3 IDS05
IDS04-J	Low	medium Probable	probable No	medium No	P8 P2	L2 L3
IDS06-J	Medium	medium Unlikely	probable Yes	medium No	P8 P4	L2 L3
IDS07-J	low High	unlikely Probable	high Yes	P1	L3	IDS08- J	high	probable	medium	No	P12	L1 IDS09
IDS08-J	Medium	low Unlikely	unlikely Yes	medium No	P2 P4	L3 IDS10
IDS11-J	High	high Probable	probable No	medium No	P12 P6	L1 L2 IDS11
IDS14-J	high High	probable Probable	medium No	P12	L1
IDS12- J	medium	probable	medium	P8	L2
No	P6	L2
IDS16 IDS13-J	High	Probable high	probable Yes	medium No	P12	L1 IDS14
IDS17-J	medium Medium	probable Probable	medium	P8	L2
IDS15- J	medium	probable	high	P4	L3
No	No	P4	L3

...

Image Added Image Added Image Added FIO01-J. Do not expose buffers created using the wrap() or duplicate() methods to untrusted code The CERT Sun Microsystems Secure Coding Standard for Java IDS00-J. Always validate user input