Back to Codebase

Vulnerability Analysis Report

Drupal Drupal Extension vv6.0.0

Scan ID: SCAN-DRUPAL-DRUPAL-EXTENSION-BSG628 • Hash: 5364de2e

Severity Score
Critical
Total Findings
5
Engine Version
ECOMGUARD-HYBRID-AST-1.5
Scan Duration
0.983s

Vulnerability Details

L140

Dynamic Code Execution in MessageContext.php

CWE-94
File Location: src/Drupal/DrupalExtension/Context/MessageContext.php:140
Security Score:
97 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- $this->assert(
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L227

Dynamic Code Execution in MessageContext.php

CWE-94
File Location: src/Drupal/DrupalExtension/Context/MessageContext.php:227
Security Score:
97 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- $this->assert(
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L52

Dynamic Code Execution in MessageContext.php

CWE-94
File Location: src/Drupal/DrupalExtension/Context/MessageContext.php:52
Security Score:
95 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- $this->assert(
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L314

Dynamic Code Execution in MessageContext.php

CWE-94
File Location: src/Drupal/DrupalExtension/Context/MessageContext.php:314
Security Score:
95 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- $this->assert(
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L437

Dynamic Code Execution in MessageContext.php

CWE-94
File Location: src/Drupal/DrupalExtension/Context/MessageContext.php:437
Security Score:
95 / 100
Confirmed Issue

Rule Engine Warning

Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.

Heuristics Diff
- protected function assert(string $message, string $selectorId, string $exceptionMsgNone, string $exceptionMsgMissing): void {
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.