warningRisk: Hardening

Scanned:

Microsoft.ReportingServices.ReportViewerControl.WebForms

latest

Microsoft Report Viewer Control for ASP.Net Web Forms applications. Contains the assemblies required to use the ASP.Net Web Forms Report Viewer Control.

License: unknown

Published:

See on NuGet

SAFE Assessment

Compliance

Licenses

No license compliance issues

Secrets

No sensitive information found

Security

Vulnerabilities

No known vulnerabilities detected

Hardening

1 modern mitigations missing

Threats

Tampering

No evidence of software tampering

Malware

No evidence of malware inclusion

Popularity

9.92M

Total Downloads

Contributors

Declared Dependencies

Dependents

Top issues

See all issues

Problem

Software developers use programming and design knowledge to build reusable software components. Software components are the basic building blocks for modern applications. Software consumed by an enterprise consists of hundreds, and sometimes even thousands of open source components. Open source communities depend on the work of thousands of software developers that volunteer their time to maintain software components. Software developers build up the reputation of their open source projects by developing in public. Modern source code repositories have many social features that allow software developers to handle bug reports, have discussions with their users, and convey reaching significant project milestones. It is uncommon to find open source projects that omit linking their component to a publicly accessible source code repository.

Prevalence in NuGet community

99 packages

found in

Top 100

723 packages

found in

Top 1k

6007 packages

found in

Top 10k

575.57k packages

in community

Next steps

Check the software component behaviors for anomalies.

Consider exploratory software component testing within a sandbox environment.

Consider replacing the software component with a more widely used alternative.

Avoid using this software package until it is vetted as safe.

Problem

Prevalence in NuGet community

0 packages

found in

Top 100

29 packages

found in

Top 1k

343 packages

found in

Top 10k

9.57k packages

in community

Next steps

It's highly recommended to enable this option for all software components used at security boundaries, or those that process user controlled inputs.

To enable this mitigation, refer to your programming language toolchain documentation.

In Microsoft VisualStudio, you can enable CFG mitigation by passing the /guard:cf parameter to the compiler and linker.

Problem

Control Flow Guard (CFG/CFI) protects the code flow integrity by ensuring that dynamic calls are made only to vetted functions. Trusted execution paths rely on the ability of the operating system to build a list of valid function targets. Certain functions can intentionally be disallowed to prevent malicious code from deactivating vulnerability mitigation features. A list of such invalid function targets can include publicly exported symbols. Applications that enhance control flow integrity through export suppression rely on libraries to mark their publicly visible symbols as suppressed. This is done for all symbols that are considered to be sensitive functions, and to which access should be restricted. It is considered dangerous to mix applications that perform export suppression with libraries that do not.

Prevalence in NuGet community

0 packages

found in

Top 100

48 packages

found in

Top 1k

527 packages

found in

Top 10k

16.29k packages

in community

Next steps

To enable this mitigation on library code, refer to your programming language toolchain documentation.

In Microsoft VisualStudio, you can enable CFG mitigation by passing the /guard:cf parameter to the compiler and linker.

Problem

Control Flow Guard (CFG/CFI) protects the code flow integrity by ensuring that indirect calls are made only to vetted functions. This mitigation protects dynamically resolved function targets by instrumenting the code responsible for transferring execution control. Higher-level programming languages implement structured exception handling by managing their own code flow execution paths. As such, they are subject to code flow hijacking during runtime. Language-specific exception handling mitigation enforces execution integrity by instrumenting calls to manage execution context switching. Any deviation from the known and trusted code flow paths will cause the application to terminate. This makes malicious code less likely to execute.

Prevalence in NuGet community

0 packages

found in

Top 100

51 packages

found in

Top 1k

558 packages

found in

Top 10k

16.98k packages

in community

Next steps

It's highly recommended to enable this option for all software components used at security boundaries, or those that process user controlled inputs.

To enable this mitigation, refer to your programming language toolchain documentation.

In Microsoft VisualStudio, you can enable CFG mitigation by passing the /guard:cf parameter to the compiler and linker.

Problem

Digital signatures are applied to applications, packages and documents as a cryptographically secured authenticity record. Signatures verify the origin and the integrity of the object they apply to. The integrity validation relies on the cryptographic strength of the encryption and the hash verification algorithm. If either of the two is considered weak by current standards, there is a chance the signed object could be maliciously modified, without triggering the integrity failure check.

Prevalence in NuGet community

100 packages

found in

Top 100

899 packages

found in

Top 1k

8997 packages

found in

Top 10k

755.66k packages

in community

Next steps

found in

Top 10k

71.76k packages

in community

Top vulnerabilities

No vulnerabilities found.

FAQ for Microsoft.ReportingServices.ReportViewerControl.WebForms

What is Microsoft.ReportingServices.ReportViewerControl.WebForms?

Microsoft Report Viewer Control for ASP.Net Web Forms applications. Contains the assemblies required to use the ASP.Net Web Forms Report Viewer Control. For more information about this package, visit its homepage.

Is Microsoft.ReportingServices.ReportViewerControl.WebForms malicious or is it safe to use?

The .NET package Microsoft.ReportingServices.ReportViewerControl.WebForms was scanned for malware, software tampering, risky behaviors, exposed secrets and known vulnerabilities. The package contains risks, and the analysis results should be reviewed before it is downloaded and used. Visit the Issues and Behaviors sections of the analysis for more details.

Is Microsoft.ReportingServices.ReportViewerControl.WebForms popular?

The .NET package Microsoft.ReportingServices.ReportViewerControl.WebForms ranks among the top 10000 projects in this community. It has 10M recorded downloads. A package's popularity is not a good indicator of its safety, visit the SAFE Assessment section to see the full analysis of package deployment risk categories.

How do I secure Microsoft.ReportingServices.ReportViewerControl.WebForms once it is in my app?

Since we can't know when or where malicious attacks will happen, we recommend tracking how Microsoft.ReportingServices.ReportViewerControl.WebForms behaviors change over multiple software releases. By adopting differential analysis in your release process, you can detect unexpected changes to a Microsoft.ReportingServices.ReportViewerControl.WebForms version, which can prevent advanced software supply chain attacks. Read how our technology can help prevent future attacks similar to SolarWinds and 3CX.

Did you know...

... that you can use ReversingLabs’ Spectra Assure platform to perform regular risk assessments of packages you develop in-house?

We recommend continuous software safeness monitoring through CI/CD integrations and pre-release/deployment checks. In addition to basic package information found on this page our platform offers rich reports for developers and DevSecOps that help them remediate all reported issues.

This website uses cookies to ensure the best website experience. By continuing to use this website you are giving your consent to cookies being used. Detailed information about our use of cookies is here.

Popularity

9.92M

Total Downloads

Contributors

Declared Dependencies

Dependents

Top issues

See all issues

Problem

Prevalence in NuGet community

99 packages

found in

Top 100

723 packages

found in

Top 1k

6007 packages

found in

Top 10k

575.57k packages

in community

Next steps

Check the software component behaviors for anomalies.

Consider exploratory software component testing within a sandbox environment.

Consider replacing the software component with a more widely used alternative.

Avoid using this software package until it is vetted as safe.

Problem

Prevalence in NuGet community

0 packages

found in

Top 100

29 packages

found in

Top 1k

343 packages

found in

Top 10k

9.57k packages

in community

Next steps

It's highly recommended to enable this option for all software components used at security boundaries, or those that process user controlled inputs.

To enable this mitigation, refer to your programming language toolchain documentation.

In Microsoft VisualStudio, you can enable CFG mitigation by passing the /guard:cf parameter to the compiler and linker.

Problem

Prevalence in NuGet community

0 packages

found in

Top 100

48 packages

found in

Top 1k

527 packages

found in

Top 10k

16.29k packages

in community

Next steps

To enable this mitigation on library code, refer to your programming language toolchain documentation.

In Microsoft VisualStudio, you can enable CFG mitigation by passing the /guard:cf parameter to the compiler and linker.

Problem

Prevalence in NuGet community

0 packages

found in

Top 100

51 packages

found in

Top 1k

558 packages

found in

Top 10k

16.98k packages

in community

Next steps

It's highly recommended to enable this option for all software components used at security boundaries, or those that process user controlled inputs.

To enable this mitigation, refer to your programming language toolchain documentation.

In Microsoft VisualStudio, you can enable CFG mitigation by passing the /guard:cf parameter to the compiler and linker.

Problem

Prevalence in NuGet community

100 packages

found in

Top 100

899 packages

found in

Top 1k

8997 packages

found in

Top 10k

755.66k packages

in community

Next steps

Top 10k

71.76k packages

in community

Top vulnerabilities

No vulnerabilities found.

Microsoft.ReportingServices.ReportViewerControl.WebForms

SAFE Assessment

Compliance

Security

Threats

Popularity

Top issues

TH30112Detected presence of software components without a declared source code repository.hunting

Problem

Prevalence in NuGet community

Next steps

SQ14122Detected Windows executable files that do not implement CFG vulnerability mitigation protection.Causes risk: modern mitigations missinghardening

Problem

Prevalence in NuGet community

Next steps

SQ14125Detected Windows shared library files that do not suppress exports which reduces CFG vulnerability mitigation protection effectiveness.Causes risk: low priority mitigations absenthardening

Problem

Prevalence in NuGet community

Next steps

SQ14127Detected Windows executable files that do not implement long jump control flow vulnerability mitigation protection.Causes risk: low priority mitigations absenthardening

Problem

Prevalence in NuGet community

Next steps

SQ20119Detected digital signatures that rely on a weak digest algorithm for integrity validation.signatures

Problem

Prevalence in NuGet community

Next steps

Top behaviors

Retrieves the name of the user associated with the process.search

Prevalence in NuGet community

Deletes the value of a registry key.registry

Prevalence in NuGet community

Deletes a registry key and its values.registry

Prevalence in NuGet community

Changes the value of a registry key.registry

Prevalence in NuGet community

Encodes data using the Base64 algorithm.packer

Prevalence in NuGet community

Top vulnerabilities

FAQ for Microsoft.ReportingServices.ReportViewerControl.WebForms

What is Microsoft.ReportingServices.ReportViewerControl.WebForms?

Is Microsoft.ReportingServices.ReportViewerControl.WebForms malicious or is it safe to use?

Is Microsoft.ReportingServices.ReportViewerControl.WebForms popular?

How do I secure Microsoft.ReportingServices.ReportViewerControl.WebForms once it is in my app?

Did you know...

Popularity

Top issues

TH30112Detected presence of software components without a declared source code repository.hunting

Problem

Prevalence in NuGet community

Next steps

SQ14122Detected Windows executable files that do not implement CFG vulnerability mitigation protection.Causes risk: modern mitigations missinghardening

Problem

Prevalence in NuGet community

Next steps

SQ14125Detected Windows shared library files that do not suppress exports which reduces CFG vulnerability mitigation protection effectiveness.Causes risk: low priority mitigations absenthardening

Problem

Prevalence in NuGet community

Next steps

SQ14127Detected Windows executable files that do not implement long jump control flow vulnerability mitigation protection.Causes risk: low priority mitigations absenthardening

Problem

Prevalence in NuGet community

Next steps

SQ20119Detected digital signatures that rely on a weak digest algorithm for integrity validation.signatures

Problem

Prevalence in NuGet community

Next steps

Top behaviors

Retrieves the name of the user associated with the process.search

Prevalence in NuGet community

Deletes the value of a registry key.registry

Prevalence in NuGet community

Deletes a registry key and its values.registry

Prevalence in NuGet community

Changes the value of a registry key.registry

Prevalence in NuGet community

Encodes data using the Base64 algorithm.packer

Prevalence in NuGet community

Top vulnerabilities