Skip to content

Invalid condition in allOf

Description

Your current allOf condition does not allow any value to be valid.

Remediation

Update your condition to allow at least one value to be valid. You can use anyOf if you want to allow multiple values to be valid.

REST Specific

Asp_net Ensure that the allOf condition in your schema is correctly defined with overlapping valid value ranges or compatible conditions, allowing for at least one set of values to satisfy all specified schemas.
Ruby_on_rails In Ruby on Rails, ensure that your allOf conditions in JSON Schemas are correctly defined to allow for valid combinations of the specified schemas. Review the conditions and adjust them to accurately reflect the intended logic. Additionally, consider using ActiveModel::Validations for more complex validation logic within your Rails models.
Next_js Ensure that the allOf condition in your schema has at least one possible set of valid conditions. Review the schema logic to allow for a meaningful combination of the included schemas that can be satisfied by appropriate input data.
Laravel In Laravel, ensure that your allOf condition in validation rules is properly defined to allow for valid combinations of input. Review the conditions and adjust them to accurately reflect the intended logic. Utilize Laravel's built-in validation rules or custom rules if necessary to create a coherent allOf condition.
Express_js Ensure that the allOf condition in your schema has at least one set of valid criteria that can be met. Review the schema definitions included in the allOf array and adjust them so that they do not contradict each other, allowing for a valid set of data to satisfy the condition.
Django Ensure that the allOf condition in your schema has at least one possible set of valid conditions. Review the nested schemas within allOf to confirm they are not mutually exclusive and can be satisfied simultaneously. In the Django framework, use Django's form or serializer validation to enforce the combined conditions.
Symfony In Symfony, ensure that your 'allOf' condition in the validation configuration is correctly defined with overlapping valid value ranges or compatible conditions. Review the constraints within 'allOf' to allow for a valid intersection of conditions. Utilize the Symfony Validator component and properly configure your validation rules to prevent mutually exclusive conditions.
Spring_boot Ensure that the allOf condition in your Spring Boot application's JSON schema is correctly defined with overlapping valid sets, or refactor the schema to use anyOf or oneOf if mutually exclusive conditions are intended.
Flask Ensure that the allOf condition in your JSON Schema is correctly defined with overlapping valid value ranges or compatible conditions. In the Flask framework, review your schema definitions and adjust the allOf conditions to create a logical intersection that allows for valid input. Additionally, consider using Flask extensions like Flask-RESTful or Marshmallow to help with request parsing and validation.
Nuxt Ensure that the allOf condition in your schema has at least one set of valid criteria that an object can satisfy. Review the schema definitions included in the allOf array and adjust them so that they do not contradict each other, allowing for a valid object to meet the combined requirements.
Fastapi Ensure that the allOf condition in your OpenAPI schema is correctly defined with overlapping valid value ranges or compatible conditions, allowing for a subset of data to be valid. In FastAPI, review your Pydantic models to make sure the allOf conditions are used properly and reflect the intended constraints.
Frappe Ensure that all conditions within the allOf schema in the Frappe framework are correctly defined to allow valid values, and verify that each condition is logically consistent and necessary for the intended validation.
Genzio Ensure that the allOf condition in your Genzio framework engine configuration is correctly defined to allow valid values by reviewing and adjusting the schema logic.
Gin Ensure that all conditions within the allOf clause are correctly defined and allow for valid values. Review the schema to ensure that each condition is logically consistent and does not contradict other conditions, allowing for valid data to pass through.
Gorilla Ensure that all conditions within the allOf clause are correctly defined and allow for valid values by reviewing and adjusting the schema constraints.
Hapi Ensure that all conditions within the allOf schema are correctly defined to allow valid values, and verify that each condition is necessary and correctly implemented in the Hapi framework.
Hono Ensure that the allOf condition in your JSON schema is correctly defined to allow valid values by reviewing and adjusting the constraints and conditions specified within each schema component.
Jersey Ensure that all conditions within the allOf schema are correctly defined to allow valid values, and verify that each condition is necessary and correctly implemented in the Jersey framework.
Koa Ensure that all conditions in the allOf array are valid and correctly defined to allow the intended values in the Koa framework.
Ktor Ensure that all conditions within the allOf clause are correctly defined and allow for valid values in the Ktor framework engine configuration.
Leptos Ensure that all conditions within the allOf schema are valid and can be satisfied by at least one possible value.
Macaron Ensure allOf conditions are correctly defined to allow valid values in the Macaron framework engine.
Phoenix Ensure that all conditions within the allOf clause are correctly defined and allow for valid values in the Phoenix framework.
Redwoodjs Ensure that all conditions within the allOf schema are valid and can be satisfied by the input data in your RedwoodJS application.
Rocket Ensure allOf conditions are correctly defined to allow valid values in the Rocket framework engine.
Sveltekit Ensure that allOf conditions in your SvelteKit application are correctly defined to allow valid values by reviewing and adjusting the schema logic.

Configuration

Identifier: schema/invalid_allof

Examples

Ignore this check

checks:
  schema/invalid_allof:
    skip: true

Score

  • Escape Severity:

Compliance

  • OWASP: API9:2023
  • OWASP LLM: LLM02:2023
  • pci: 1.1
  • gdpr: Article-32
  • soc2: CC1
  • psd2: Article-95
  • iso27001: A.14.2
  • nist: SP800-53
  • fedramp: AC-2

Classification

  • CWE: 758

Score

  • CVSS_VECTOR: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

References