An unsafe function is used causing the entire container to exit.

Tainted data spliced into a SQL query leads to a SQL injection issue. (fixed version)

Tainted data spliced into a SQL query leads to a SQL injection issue.

Tainted input allows command execution. (fixed version)

Tainted input allows command execution.

Memory resources are referenced indefinitely but never used, resulting in a memory leak. (fixed version 2)

Memory resources are referenced indefinitely but never used, resulting in a memory leak. (fixed version)

Memory resources are referenced indefinitely but never used, resulting in a memory leak.

Tainted output allows log entries to be forged. (fixed version)

Tainted output allows log entries to be forged.

Tainted output allows log entries to be forged. (fixed version)

Tainted output allows log entries to be forged.

An exception leaks internal path information to the user. (fixed version)

An exception leaks internal path information to the user.

The credentials for connecting to the database are hard-wired into the sourcecode. (fixed version 2)

The credentials for connecting to the database are hard-wired into the sourcecode. (fixed version)

The credentials for connecting to the database are hard-wired into the sourcecode.

Two file operations are performed on a filename, allowing a filename race condition to occur.

Tainted input allows arbitrary files to be read and written. (fixed version)

Tainted input allows arbitrary files to be read and written.

Omitting a break statement so that one may fall through is often indistinguishable from an error, and therefore should not be used. (from TCCLASP-5_6_15_10)

Not using a a random initialization vector with Cipher Block Chaining (CBC) Mode causes algorithms to be susceptible to dictionary attacks. (from TCCLASP-5_5_22_10-J)