Use of Hard-coded Credentials
| Property | |
|---|---|
| Language | regex |
| Severity |  |
| CWE | CWE-798: Use of Hard-coded Credentials |
| OWASP | A07:2021 - Identification and Authentication Failures |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
Sensitive Linear API client secrets have been found hard-coded directly in the source code. Storing credentials in code exposes them to anyone with access to the codebase, making them easily discoverable.
Impact#
If these secrets are leaked, attackers could gain unauthorized access to your Linear account or data, potentially leading to data breaches, unauthorized actions, or compromise of other connected systems. This puts both your application’s security and your organization’s data integrity at risk.