Back to Codebase

Vulnerability Analysis Report

Drupal Core v7.0-alpha2

Scan ID: SCAN-DRUPAL-CORE-wa7cd3 • Hash: 2612aa89

Severity Score
High
Total Findings
5
Engine Version
ECOMGUARD-HYBRID-AST-1.5
Scan Duration
0.873s

Vulnerability Details

L284

Dynamic Code Execution in drupal_web_test_case.php

CWE-94
File Location: modules/simpletest/drupal_web_test_case.php:284
Security Score:
98 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- return $this->assert(isset($value), $message ? $message : t('Value @value is not NULL.', array('@value' => var_export($value, TRUE))), $group);
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L302

Dynamic Code Execution in drupal_web_test_case.php

CWE-94
File Location: modules/simpletest/drupal_web_test_case.php:302
Security Score:
98 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- return $this->assert($first == $second, $message ? $message : t('Value @first is equal to value @second.', array('@first' => var_export($first, TRUE), '@second' => var_export($second, TRUE))), $group);
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L320

Dynamic Code Execution in drupal_web_test_case.php

CWE-94
File Location: modules/simpletest/drupal_web_test_case.php:320
Security Score:
98 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- return $this->assert($first != $second, $message ? $message : t('Value @first is not equal to value @second.', array('@first' => var_export($first, TRUE), '@second' => var_export($second, TRUE))), $group);
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L384

Dynamic Code Execution in drupal_web_test_case.php

CWE-94
File Location: modules/simpletest/drupal_web_test_case.php:384
Security Score:
98 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- return $this->assert(FALSE, $message, $group);
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L403

Dynamic Code Execution in drupal_web_test_case.php

CWE-94
File Location: modules/simpletest/drupal_web_test_case.php:403
Security Score:
98 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- return $this->assert('debug', $message, 'Debug', $caller);
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.