Security Test: Duplicated object¶
Scanner(s) Support¶
| GraphQL Scanner | REST Scanner | Frontend Scanner |
|---|---|---|
Description¶
Default Severity:
Duplicated objects occur when the same concept is defined more than once in your API schema, potentially causing different parts of your system to behave inconsistently. This can happen due to copy-pasting or poor organization, and it makes the API hard to maintain because changes in one instance might not be applied elsewhere. The risk lies in creating confusion about which definition is the true one, leading to bugs, integration issues, and even performance drops if the API ends up doing unnecessary work. Developers often fall into this trap when trying to speed up development without a proper plan for managing common data structures.
Configuration¶
Identifier:
schema/duplicated_object
Examples¶
All configuration available:
Compliance and Standards¶
| Standard | Value |
|---|---|
| OWASP API Top 10 | API9:2023 |
| OWASP LLM Top 10 | LLM02:2023 |
| PCI DSS | 6.5.1 |
| GDPR | Article-32 |
| SOC2 | CC1 |
| PSD2 | Article-95 |
| ISO 27001 | A.12.6 |
| NIST | SP800-53 |
| FedRAMP | CM-3 |
| CWE | 710 |
| CVSS Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N |