github.com/jfrog/frogbot@v1.1.1-0.20231221090046-821a26f50338/testdata/messages/reviewcomment/sast/sast_review_content_standard.md

## 🎯 Static Application Security Testing (SAST) Vulnerability
<div align='center'>

| Severity | Finding |
| :---------------------: | :-----------------------------------: |
| <br> Low | Stack Trace Exposure |

</div>

<details>
<summary> <b>Full description</b> </summary>
<br>

### Overview
Stack trace exposure is a type of security vulnerability that occurs when a program reveals
sensitive information, such as the names and locations of internal files and variables,
in error messages or other diagnostic output. This can happen when a program crashes or
encounters an error, and the stack trace (a record of the program's call stack at the time
of the error) is included in the output.

</details>

<details>
<summary> <b>Code Flows</b> </summary>
<br>

<details>
<summary> <b>Vulnerable data flow analysis result</b> </summary>
<br>

↘️ `other-snippet` (at file2 line 1)

↘️ `snippet` (at file line 0)

</details>

<details>
<summary> <b>Vulnerable data flow analysis result</b> </summary>
<br>

↘️ `a-snippet` (at file line 10)

↘️ `snippet` (at file line 0)

</details>

</details>