|
| 1 | +# Issue code registry |
| 2 | + |
| 3 | +All Cortex findings follow the format `CX-{CATEGORY}-{NUMBER}`. |
| 4 | + |
| 5 | +## Security — CX-SEC |
| 6 | + |
| 7 | +| Code | Name | Severity | Languages | |
| 8 | +|------|------|----------|-----------| |
| 9 | +| CX-SEC-001 | Hardcoded secrets | Critical | All | |
| 10 | +| CX-SEC-002 | SQL injection | High | JS, TS, Python, Go, Java | |
| 11 | +| CX-SEC-003 | Command injection | High | All | |
| 12 | +| CX-SEC-004 | Path traversal | High | All | |
| 13 | +| CX-SEC-005 | Insecure random | Medium | All | |
| 14 | +| CX-SEC-006 | JWT misconfiguration | High | JS, TS, Python, Go | |
| 15 | +| CX-SEC-007 | CORS misconfiguration | Medium | JS, TS, Python, Go | |
| 16 | +| CX-SEC-008 | Sensitive data in logs | Medium | All | |
| 17 | + |
| 18 | +## Dependencies — CX-DEP |
| 19 | + |
| 20 | +| Code | Name | Severity | Languages | |
| 21 | +|------|------|----------|-----------| |
| 22 | +| CX-DEP-001 | Known vulnerable dependency | Critical/High | All | |
| 23 | +| CX-DEP-002 | Lockfile drift | Medium | JS, TS | |
| 24 | + |
| 25 | +## Architecture — CX-ARCH |
| 26 | + |
| 27 | +| Code | Name | Severity | Languages | |
| 28 | +|------|------|----------|-----------| |
| 29 | +| CX-ARCH-001 | God file | Medium | All | |
| 30 | +| CX-ARCH-002 | Circular dependency | High | All | |
| 31 | +| CX-ARCH-003 | Deep nesting | Medium | All | |
| 32 | +| CX-ARCH-004 | Missing error handling | High | Go, JS, TS | |
| 33 | +| CX-ARCH-005 | Magic numbers | Low | All | |
| 34 | +| CX-ARCH-006 | Dead code | Low | All | |
| 35 | +| CX-ARCH-007 | Missing tests | Medium | All | |
| 36 | +| CX-ARCH-008 | Inconsistent naming | Low | All | |
0 commit comments