Skip to content

Code Security Report: 7 total findings [master] #1

Open
Open
Code Security Report: 7 total findings [master]#1
Labels
Mend: code security findingsCode security findings detected by Mend
@mend-for-github-com

Description

@mend-for-github-com
mend-for-github-com
bot
opened on Apr 8, 2026

Code Security Report

Scan Metadata

Latest Scan: 2026-04-16 01:52pm
Total Findings: 7 | New Findings: 0 | Resolved Findings: 0
Tested Project Files: 48
Detected Programming Languages: 2 (Kotlin Mobile, Secrets)

  • Check this box to manually trigger a scan

Note: GitHub may take a few seconds to process actions triggered via checkboxes.
Please wait until the change is visible before continuing.

Finding Details

SeverityVulnerability TypeCWEFileData FlowsDetected
LowExternal URL Access

CWE-676

ReposListHeader.kt:202

12026-04-08 08:25am
Vulnerable Code

analytics-api-32226/app/src/main/java/com/abhishek/pathak/kotlin/android/githubcompose/ui/feature/repos/composables/ReposListHeader.kt

Line 202 in fd17c0b

it.loadUrl(url)

Secure Code Warrior Training Material
Suppress Finding
  • ... as False Alarm
  • ... as Acceptable Risk

Note: GitHub may take a few seconds to process actions triggered via checkboxes.
Please wait until the change is visible before continuing.

 
LowExternal URL Access

CWE-676

ReposListHeader.kt:182

12026-04-08 08:25am
Vulnerable Code

analytics-api-32226/app/src/main/java/com/abhishek/pathak/kotlin/android/githubcompose/ui/feature/repos/composables/ReposListHeader.kt

Line 182 in fd17c0b

loadUrl(url)

Secure Code Warrior Training Material
Suppress Finding
  • ... as False Alarm
  • ... as Acceptable Risk

Note: GitHub may take a few seconds to process actions triggered via checkboxes.
Please wait until the change is visible before continuing.

 
LowApplication Configuration

CWE-16

AndroidManifest.xml:6

12026-04-08 08:25am
Vulnerable Code

analytics-api-32226/app/src/main/AndroidManifest.xml

Lines 1 to 6 in fd17c0b

<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
>
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.INTERNET" />

1 Data Flow/s detected

analytics-api-32226/app/src/main/AndroidManifest.xml

Line 6 in fd17c0b

<uses-permission android:name="android.permission.INTERNET" />

Secure Code Warrior Training Material
Suppress Finding
  • ... as False Alarm
  • ... as Acceptable Risk

Note: GitHub may take a few seconds to process actions triggered via checkboxes.
Please wait until the change is visible before continuing.

 
LowApplication Configuration

CWE-16

AndroidManifest.xml:19

12026-04-08 08:25am
Vulnerable Code

analytics-api-32226/app/src/main/AndroidManifest.xml

Lines 14 to 19 in fd17c0b

android:supportsRtl="true"
android:theme="@style/Theme.GithubCompose">
<activity
android:name=".ui.feature.main.MainActivity"
android:exported="true"

1 Data Flow/s detected

analytics-api-32226/app/src/main/AndroidManifest.xml

Line 19 in fd17c0b

android:exported="true"

Secure Code Warrior Training Material
Suppress Finding
  • ... as False Alarm
  • ... as Acceptable Risk

Note: GitHub may take a few seconds to process actions triggered via checkboxes.
Please wait until the change is visible before continuing.

 
LowApplication Configuration

CWE-16

AndroidManifest.xml:5

12026-04-08 08:25am
Vulnerable Code

analytics-api-32226/app/src/main/AndroidManifest.xml

Lines 1 to 5 in fd17c0b

<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
>
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />

1 Data Flow/s detected

analytics-api-32226/app/src/main/AndroidManifest.xml

Line 5 in fd17c0b

<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />

Secure Code Warrior Training Material
Suppress Finding
  • ... as False Alarm
  • ... as Acceptable Risk

Note: GitHub may take a few seconds to process actions triggered via checkboxes.
Please wait until the change is visible before continuing.

 
LowExternal URL Access

CWE-676

ReposListHeader.kt:199

12026-04-08 08:25am
Vulnerable Code

analytics-api-32226/app/src/main/java/com/abhishek/pathak/kotlin/android/githubcompose/ui/feature/repos/composables/ReposListHeader.kt

Line 199 in fd17c0b

loadUrl(url)

Secure Code Warrior Training Material
Suppress Finding
  • ... as False Alarm
  • ... as Acceptable Risk

Note: GitHub may take a few seconds to process actions triggered via checkboxes.
Please wait until the change is visible before continuing.

 
LowExternal URL Access

CWE-676

ReposListHeader.kt:175

12026-04-08 08:25am
Vulnerable Code

analytics-api-32226/app/src/main/java/com/abhishek/pathak/kotlin/android/githubcompose/ui/feature/repos/composables/ReposListHeader.kt

Line 175 in fd17c0b

AndroidView(factory = {

Secure Code Warrior Training Material
Suppress Finding
  • ... as False Alarm
  • ... as Acceptable Risk

Note: GitHub may take a few seconds to process actions triggered via checkboxes.
Please wait until the change is visible before continuing.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Mend: code security findingsCode security findings detected by Mend

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions