Vulnerability Coverage Matrix
All finding types detectable by DryRun Security across PR scanning, DeepScan, and SCA, with CWE mappings.
DryRun Security detects vulnerabilities across three scanning modes: PR scanning, DeepScan, and SCA. The categories below represent the full set of finding types surfaced across all scanning sources. CWE mappings are provided as reference anchors for each category.
All Finding Types #
| Category | Description | Example CWEs |
|---|---|---|
| API Query Injection | Improper handling of user-controlled input in API queries that allows attackers to manipulate backend queries or filters. | CWE-943, CWE-74 |
| Authentication Bypass | Flaws that allow users to bypass authentication mechanisms and gain access without valid credentials. | CWE-287, CWE-306 |
| Missing Authorization Checks | Endpoints or functions that fail to enforce authorization, allowing users to access resources they should not. | CWE-862 |
| Business Logic Flaw | Errors in application logic that can be abused to gain unintended outcomes, even when traditional security controls are in place. | CWE-840 |
| Cache Poisoning | Manipulation of cache entries to serve malicious or incorrect content to other users. | CWE-444, CWE-113 |
| Configuration Injection | Injection of untrusted input into configuration files, environment variables, or runtime settings. | CWE-15, CWE-20 |
| Cryptographic Weakness | Use of weak, broken, or outdated cryptographic algorithms, keys, or practices. | CWE-327, CWE-326 |
| Cross-Site Request Forgery (CSRF) | Actions performed on behalf of an authenticated user without their consent due to missing or weak CSRF protections. | CWE-352 |
| CSV Injection | Injection of spreadsheet formulas into CSV exports that execute when opened in spreadsheet software. | CWE-1236 |
| Email Header Injection | Manipulation of email headers through unsanitized input, potentially enabling spam or phishing attacks. | CWE-93 |
| Excessive Privileges | Users, services, or tokens granted more permissions than required for their intended function. | CWE-250, CWE-269 |
| Hardcoded Credentials | Credentials such as passwords, API keys, or tokens embedded directly in source code. | CWE-798, CWE-259 |
| HTTP Header Injection | Injection of malicious content into HTTP headers due to improper input validation. | CWE-113, CWE-93 |
| Insecure Direct Object Reference (IDOR) | Direct access to internal objects using user-controlled identifiers without proper authorization checks. | CWE-639, CWE-284 |
| Information Disclosure | Exposure of sensitive data such as secrets, internal paths, stack traces, or system details. | CWE-200, CWE-209 |
| Insecure Client Storage | Sensitive data stored insecurely on the client side, such as in local storage or cookies. | CWE-922, CWE-312 |
| Insecure Defaults | Unsafe default configurations that weaken security if not explicitly changed. | CWE-276, CWE-1188 |
| Insecure Deserialization | Deserializing untrusted data in a way that allows code execution or data manipulation. | CWE-502 |
| Insecure File Upload | File upload functionality that allows malicious files or unrestricted file types. | CWE-434 |
| Insecure Transport | Use of unencrypted or improperly secured network communication channels. | CWE-319, CWE-295 |
| Intent Redirection | Unvalidated or unsafe redirection logic that can be abused to send users to unintended destinations specifically in mobile applications. | CWE-601 |
| Language Version Risk | Use of outdated or unsupported programming language versions with known security issues. | CWE-1104 |
| LLM Tool Misuse | Unsafe or unintended use of large language model tools, including insecure prompt handling or tool invocation. | CWE-20, CWE-74, CWE-1426 |
| Log Injection | Injection of untrusted input into logs that can mislead monitoring systems or hide malicious activity. | CWE-117 |
| Mass Assignment | Automatic binding of user input to object properties without restricting sensitive fields. | CWE-915 |
| Memory Safety Issue | Unsafe memory operations that can lead to crashes, data corruption, or code execution. | CWE-119, CWE-787, CWE-416 |
| Network Exposure | Unintended exposure of internal services, ports, or network resources. | CWE-668 |
| Open CORS Policy | Overly permissive Cross-Origin Resource Sharing policies that allow unintended access. | CWE-942 |
| Open Redirect | Redirects that accept untrusted input, enabling phishing or malicious redirection attacks. | CWE-601 |
| Path Traversal | Manipulation of file paths to access files or directories outside the intended scope. | CWE-22 |
| Privilege Escalation | Flaws that allow users or processes to gain higher privileges than intended. | CWE-269, CWE-284 |
| Prompt Injection | Manipulation of LLM prompts that alters behavior, bypasses safeguards, or leaks sensitive data. | CWE-77, CWE-74, CWE-913, CWE-1427 |
| Prototype Pollution | Modification of object prototypes that can impact application logic or security. | CWE-1321 |
| Remote Code Execution (RCE) | Flaws that allow attackers to execute arbitrary code on the host system. | CWE-94, CWE-78 |
| Resource Exhaustion | Operations that can be abused to consume excessive CPU, memory, or other resources. | CWE-400 |
| SQL Injection (SQLi) | Injection of malicious SQL queries through unsanitized input. | CWE-89 |
| Server-Side Request Forgery (SSRF) | Ability to make server-side requests to internal or unintended external resources. | CWE-918 |
| Subdomain Takeover | Dangling or misconfigured subdomains that can be claimed by attackers, as defined by Infrastructure as Code (IaC). | CWE-668, CWE-284 |
| Supply Chain Risk | Risks introduced through third-party libraries, dependencies, or external services. | CWE-1104, CWE-829 |
| Terminal Escape Injection | Injection of terminal control characters that can manipulate terminal output or behavior. | CWE-150, CWE-74 |
| Time-of-Check Time-of-Use (TOCTOU) | Race conditions where system state changes between validation and use. | CWE-367 |
| Timing Side Channel | Information leakage through measurable differences in execution time. | CWE-208 |
| UI Spoofing | User interface elements designed to deceive users into taking unintended actions. | CWE-451 |
| User Enumeration | Ability to determine valid users based on application responses. | CWE-203, CWE-204 |
| Vulnerable Dependency | Use of third-party dependencies with known security vulnerabilities. | CWE-937, CWE-1104 |
| XML Injection | Injection of malicious XML content that alters processing or behavior. | CWE-91 |
| Cross-Site Scripting (XSS) | Injection of malicious scripts that execute in a user’s browser. | CWE-79 |
| XML External Entity (XXE) | XML parsing vulnerabilities that allow access to internal files or services. | CWE-611 |