Get a Demo
Partner login
Product
SAST
Catch vulnerabilities as you develop
DAST
Test live web applications like an attacker
SCA
Secure open-source and supply chain
MAST
Secure mobile apps from code to store
Compliance
Align with standards while shipping secure code
Resources
Vulnerability database
Healthy Package
Blog
News
Documentation
Pricing
Partners
About Us
Log In
Get a Demo
Partner login
SAST
DAST
SCA
MAST
Compliance
Pricing
Partners
Vulnerability database
Healthy Package
Blog
News
About Us
Log In
Vulnerability database
JavaScript : Web3: Hardcoded sensitive data
Search
JavaScript : Web3: Hardcoded sensitive data
Classification
OWASP Top 10 2021
A4-Insecure Design
CWE
CWE-257
CWE-522
CWE-798
CWE/SANS Top 25 2011
CWE-798
CWE/SANS Top 25 2021
CWE-522
CWE-798
Overview
Web3 library is probably used.
Sensitive data is hardcoded in the source code.
References
The best way to store secrets in your app is not to store secrets in your app - poka-techblog
Web3js documentation
CWE-798: Use of Hard-coded Credentials
Do you want to fix JavaScript : Web3: Hardcoded sensitive data in your application?
Try DerScanner
DerScanner Severity Score
Do you want to fix JavaScript : Web3: Hardcoded sensitive data in your application?
Try DerScanner
See also
JavaScript : Weak encryption algorithm
JavaScript : ECB encryption mode
JavaScript : Weak hashing algorithm
