RubyGems - brakeman-lib - Versions diffs - 5.2.2 → 5.3.1 - Mend

brakeman-lib 5.2.2 → 5.3.1

Files changed (100) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 45b4ed913efc8767851fa736f69591dad0bd6c26eb2b9c6f84e71acef92670ce
-  data.tar.gz: b40f9ee9b0dbd2187e071609193b3df891dd6e462bd3de572ce4a335db063185
+  metadata.gz: d1cfbfc4a477ca4da5ff22010526e792bc218fa2aa7abe454a8a9d0be4dd2128
+  data.tar.gz: 5209d14eb749f8ec05ffd724e53a0cf575834c8f21fda1ef6c0481be4165133b
 SHA512:
-  metadata.gz: 8966515fb503515fb38a7581061a72464b81a6bcf86b99c58711dbbb88b636b87b5e74a09190b53cd7c09ea1674458bfe874698416c4928dbf44eb46bc234221
-  data.tar.gz: ca7309e4b30e14213b1e697e33113737ee8c2da1d6997f6e28c0a68df965dcd348c9b7c7a4bbe285e7dc7356b7c6fceb2171b13aae92338d02d4e5ef4992c9a4
+  metadata.gz: 5e3deacdca32c220ca081e3ceff9f98f4a4152150b97e9fa2915c40569fc9a01b5f9a2b451593090e2ea20874ba741168ca2c1913a0fe77e59b215f58f2ea80e
+  data.tar.gz: 8acf5cef0175a70381c5dfa6d015e9882a23786317b13cf16b6432376614dffb3bb30ead9fd12bb45f267f92a786012dd28d86728fc17e9ae7a4ef467951def9

data/CHANGES.md CHANGED Viewed

@@ -1,3 +1,20 @@
+# 5.3.1 - 2022-08-09
+* Fix version range for CVE-2022-32209
+# 5.3.0 - 2022-08-09
+* Include explicit engine or lib paths in vendor/ (Joe Rafaniello)
+* Load rexml as a Brakeman dependency
+* Fix "full call" information propagating unnecessarily
+* Add check for CVE-2022-32209
+* Add CWE information to warnings (Stephen Aghaulor)
+# 5.2.3 - 2022-05-01
+* Fix error with hash shorthand syntax
+* Match order of interactive options with help message (Rory O'Kane)
 # 5.2.2 - 2022-04-06
 * Update `ruby_parser` for Ruby 3.1 support (Merek Skubela)

data/lib/brakeman/app_tree.rb CHANGED Viewed

@@ -205,7 +205,7 @@ module Brakeman
       paths.reject do |path|
         relative_path = path.relative
-        if @skip_vendor and relative_path.include? 'vendor/'
+        if @skip_vendor and relative_path.include? 'vendor/' and !in_engine_paths?(path) and !in_add_libs_paths?(path)
           true
         else
           EXCLUDED_PATHS.any? do |excluded|
@@ -215,6 +215,14 @@ module Brakeman
       end
     end
+    def in_engine_paths?(path)
+      @engine_paths.any? { |p| path.absolute.include?(p) }
+    end
+    def in_add_libs_paths?(path)
+      @additional_libs_path.any? { |p| path.absolute.include?(p) }
+    end
     def match_path files, path
       absolute_path = Pathname.new(path)
       # relative root never has a leading separator. But, we use a leading

data/lib/brakeman/checks/check_basic_auth.rb CHANGED Viewed

@@ -31,7 +31,8 @@ class Brakeman::CheckBasicAuth < Brakeman::BaseCheck
               :message => "Basic authentication password stored in source code",
               :code => call,
               :confidence => :high,
-              :file => controller.file
+              :file => controller.file,
+              :cwe_id => [259]
           break
         end
       end
@@ -50,7 +51,8 @@ class Brakeman::CheckBasicAuth < Brakeman::BaseCheck
               :warning_type => "Basic Auth",
               :warning_code => :basic_auth_password,
               :message => "Basic authentication password stored in source code",
-              :confidence => :high
+              :confidence => :high,
+              :cwe_id => [259]
       end
     end
   end

data/lib/brakeman/checks/check_basic_auth_timing_attack.rb CHANGED Viewed

@@ -27,7 +27,8 @@ class Brakeman::CheckBasicAuthTimingAttack < Brakeman::BaseCheck
         :warning_code => :CVE_2015_7576,
         :message => msg("Basic authentication in ", msg_version(rails_version), " is vulnerable to timing attacks. Upgrade to ", msg_version(@upgrade)),
         :confidence => :high,
-        :link => "https://groups.google.com/d/msg/rubyonrails-security/ANv0HDHEC3k/mt7wNGxbFQAJ"
+        :link => "https://groups.google.com/d/msg/rubyonrails-security/ANv0HDHEC3k/mt7wNGxbFQAJ",
+        :cwe_id => [1254]
     end
   end
 end

data/lib/brakeman/checks/check_content_tag.rb CHANGED Viewed

@@ -117,7 +117,8 @@ class Brakeman::CheckContentTag < Brakeman::CheckCrossSiteScripting
         :message => message,
         :user_input => input,
         :confidence => :high,
-        :link_path => "content_tag"
+        :link_path => "content_tag",
+        :cwe_id => [79]
     elsif not tracker.options[:ignore_model_output] and match = has_immediate_model?(arg)
       unless IGNORE_MODEL_METHODS.include? match.method
@@ -135,7 +136,8 @@ class Brakeman::CheckContentTag < Brakeman::CheckCrossSiteScripting
           :message => msg("Unescaped model attribute in ", msg_code("content_tag")),
           :user_input => match,
           :confidence => confidence,
-          :link_path => "content_tag"
+          :link_path => "content_tag",
+          :cwe_id => [79]
       end
     elsif @matched
@@ -151,7 +153,8 @@ class Brakeman::CheckContentTag < Brakeman::CheckCrossSiteScripting
         :message => message,
         :user_input => @matched,
         :confidence => :medium,
-        :link_path => "content_tag"
+        :link_path => "content_tag",
+        :cwe_id => [79]
     end
   end
@@ -195,7 +198,8 @@ class Brakeman::CheckContentTag < Brakeman::CheckCrossSiteScripting
         :message => msg(msg_version(rails_version), " ", msg_code("content_tag"), " does not escape double quotes in attribute values ", msg_cve("CVE-2016-6316"), ". Upgrade to ", msg_version(fix_version)),
         :confidence => confidence,
         :gem_info => gemfile_or_environment,
-        :link_path => "https://groups.google.com/d/msg/ruby-security-ann/8B2iV2tPRSE/JkjCJkSoCgAJ"
+        :link_path => "https://groups.google.com/d/msg/ruby-security-ann/8B2iV2tPRSE/JkjCJkSoCgAJ",
+        :cwe_id => [79]
     end
   end

data/lib/brakeman/checks/check_cookie_serialization.rb CHANGED Viewed

@@ -15,7 +15,8 @@ class Brakeman::CheckCookieSerialization < Brakeman::BaseCheck
           :warning_code => :unsafe_cookie_serialization,
           :message => msg("Use of unsafe cookie serialization strategy ", msg_code(setting.value.inspect), " might lead to remote code execution"),
           :confidence => :medium,
-          :link_path => "unsafe_deserialization"
+          :link_path => "unsafe_deserialization",
+          :cwe_id => [565, 502]
       end
     end
   end

data/lib/brakeman/checks/check_create_with.rb CHANGED Viewed

@@ -39,7 +39,8 @@ class Brakeman::CheckCreateWith < Brakeman::BaseCheck
         :result => result,
         :message => @message,
         :confidence => confidence,
-        :link_path => "https://groups.google.com/d/msg/rubyonrails-security/M4chq5Sb540/CC1Fh0Y_NWwJ"
+        :link_path => "https://groups.google.com/d/msg/rubyonrails-security/M4chq5Sb540/CC1Fh0Y_NWwJ",
+        :cwe_id => [915]
     end
   end
@@ -69,6 +70,7 @@ class Brakeman::CheckCreateWith < Brakeman::BaseCheck
         :message => @message,
         :gem_info => gemfile_or_environment,
         :confidence => :medium,
-        :link_path => "https://groups.google.com/d/msg/rubyonrails-security/M4chq5Sb540/CC1Fh0Y_NWwJ"
+        :link_path => "https://groups.google.com/d/msg/rubyonrails-security/M4chq5Sb540/CC1Fh0Y_NWwJ",
+        :cwe_id => [915]
   end
 end

data/lib/brakeman/checks/check_cross_site_scripting.rb CHANGED Viewed

@@ -82,7 +82,8 @@ class Brakeman::CheckCrossSiteScripting < Brakeman::BaseCheck
         :warning_code => :cross_site_scripting,
         :message => message,
         :code => input.match,
-        :confidence => :high
+        :confidence => :high,
+        :cwe_id => [79]
     elsif not tracker.options[:ignore_model_output] and match = has_immediate_model?(out)
       method = if call? match
@@ -116,7 +117,8 @@ class Brakeman::CheckCrossSiteScripting < Brakeman::BaseCheck
           :message => message,
           :code => match,
           :confidence => confidence,
-          :link_path => link_path
+          :link_path => link_path,
+          :cwe_id => [79]
       end
     else
@@ -200,7 +202,8 @@ class Brakeman::CheckCrossSiteScripting < Brakeman::BaseCheck
             :code => exp,
             :user_input => @matched,
             :confidence => confidence,
-            :link_path => link_path
+            :link_path => link_path,
+            :cwe_id => [79]
         end
       end

data/lib/brakeman/checks/check_csrf_token_forgery_cve.rb CHANGED Viewed

@@ -21,7 +21,8 @@ class Brakeman::CheckCSRFTokenForgeryCVE < Brakeman::BaseCheck
         :message => msg(msg_version(rails_version), " has a vulnerability that may allow CSRF token forgery. Upgrade to ", msg_version(fix_version), " or patch"),
         :confidence => :medium,
         :gem_info => gemfile_or_environment,
-        :link => "https://groups.google.com/g/rubyonrails-security/c/NOjKiGeXUgw"
+        :link => "https://groups.google.com/g/rubyonrails-security/c/NOjKiGeXUgw",
+        :cwe_id => [352]
     end
   end
 end

data/lib/brakeman/checks/check_default_routes.rb CHANGED Viewed

@@ -27,7 +27,8 @@ class Brakeman::CheckDefaultRoutes < Brakeman::BaseCheck
         :message => msg("All public methods in controllers are available as actions in ", msg_file("routes.rb")),
         :line => tracker.routes[:allow_all_actions].line,
         :confidence => :high,
-        :file => "#{tracker.app_path}/config/routes.rb"
+        :file => "#{tracker.app_path}/config/routes.rb",
+        :cwe_id => [22]
     end
   end
@@ -49,7 +50,8 @@ class Brakeman::CheckDefaultRoutes < Brakeman::BaseCheck
           :message => msg("Any public method in ", msg_code(name), " can be used as an action for ", msg_code(verb), " requests."),
           :line => actions[2],
           :confidence => :medium,
-          :file => "#{tracker.app_path}/config/routes.rb"
+          :file => "#{tracker.app_path}/config/routes.rb",
+          :cwe_id => [22]
       end
     end
   end
@@ -82,7 +84,8 @@ class Brakeman::CheckDefaultRoutes < Brakeman::BaseCheck
       :message => msg(msg_version(rails_version), " with globbing routes is vulnerable to directory traversal and remote code execution. Patch or upgrade to ", msg_version(upgrade)),
       :confidence => confidence,
       :file => "#{tracker.app_path}/config/routes.rb",
-      :link => "http://matasano.com/research/AnatomyOfRailsVuln-CVE-2014-0130.pdf"
+      :link => "http://matasano.com/research/AnatomyOfRailsVuln-CVE-2014-0130.pdf",
+      :cwe_id => [22]
   end
   def allow_all_actions?

data/lib/brakeman/checks/check_deserialize.rb CHANGED Viewed

@@ -87,7 +87,8 @@ class Brakeman::CheckDeserialize < Brakeman::BaseCheck
         :message => message,
         :user_input => input,
         :confidence => confidence,
-        :link_path => "unsafe_deserialization"
+        :link_path => "unsafe_deserialization",
+        :cwe_id => [502]
     end
   end

data/lib/brakeman/checks/check_detailed_exceptions.rb CHANGED Viewed

@@ -19,7 +19,8 @@ class Brakeman::CheckDetailedExceptions < Brakeman::BaseCheck
            :warning_code => :local_request_config,
            :message => "Detailed exceptions are enabled in production",
            :confidence => :high,
-           :file => "config/environments/production.rb"
+           :file => "config/environments/production.rb",
+           :cwe_id => [200]
     end
   end
@@ -42,7 +43,8 @@ class Brakeman::CheckDetailedExceptions < Brakeman::BaseCheck
                :message => msg("Detailed exceptions may be enabled in ", msg_code("show_detailed_exceptions?")),
                :confidence => confidence,
                :code => src,
-               :file => definition[:file]
+               :file => definition[:file],
+               :cwe_id => [200]
         end
       end
     end

data/lib/brakeman/checks/check_digest_dos.rb CHANGED Viewed

@@ -29,7 +29,8 @@ class Brakeman::CheckDigestDoS < Brakeman::BaseCheck
       :message => message,
       :confidence => confidence,
       :link_path => "https://groups.google.com/d/topic/rubyonrails-security/vxJjrc15qYM/discussion",
-      :gem_info => gemfile_or_environment
+      :gem_info => gemfile_or_environment,
+      :cwe_id => [287]
   end
   def with_http_digest?

data/lib/brakeman/checks/check_divide_by_zero.rb CHANGED Viewed

@@ -36,7 +36,8 @@ class Brakeman::CheckDivideByZero < Brakeman::BaseCheck
         :warning_code => :divide_by_zero,
         :message => "Potential division by zero",
         :confidence => confidence,
-        :user_input => denominator
+        :user_input => denominator,
+        :cwe_id => [369]
     end
   end
 end

data/lib/brakeman/checks/check_dynamic_finders.rb CHANGED Viewed

@@ -27,7 +27,8 @@ class Brakeman::CheckDynamicFinders < Brakeman::BaseCheck
             :warning_code => :sql_injection_dynamic_finder,
             :message => "MySQL integer conversion may cause 0 to match any string",
             :confidence => :medium,
-            :user_input => arg
+            :user_input => arg,
+            :cwe_id => [89]
           break
         end

data/lib/brakeman/checks/check_escape_function.rb CHANGED Viewed

@@ -15,7 +15,8 @@ class Brakeman::CheckEscapeFunction < Brakeman::BaseCheck
         :message => msg("Rails versions before 2.3.14 have a vulnerability in the ", msg_code("escape"), " method when used with Ruby 1.8 ", msg_cve("CVE-2011-2932")),
         :confidence => :high,
         :gem_info => gemfile_or_environment,
-        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/Vr_7WSOrEZU/discussion"
+        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/Vr_7WSOrEZU/discussion",
+        :cwe_id => [79]
     end
   end
 end

data/lib/brakeman/checks/check_evaluation.rb CHANGED Viewed

@@ -28,7 +28,8 @@ class Brakeman::CheckEvaluation < Brakeman::BaseCheck
         :warning_code => :code_eval,
         :message => "User input in eval",
         :user_input => input,
-        :confidence => :high
+        :confidence => :high,
+        :cwe_id => [913, 95]
     end
   end
 end

data/lib/brakeman/checks/check_execute.rb CHANGED Viewed

@@ -117,7 +117,8 @@ class Brakeman::CheckExecute < Brakeman::BaseCheck
         :message => "Possible command injection",
         :code => call,
         :user_input => failure,
-        :confidence => confidence
+        :confidence => confidence,
+        :cwe_id => [77]
     end
   end
@@ -138,7 +139,8 @@ class Brakeman::CheckExecute < Brakeman::BaseCheck
           :warning_code => :command_injection,
           :message => msg("Possible command injection in ", msg_code("open")),
           :user_input => match,
-          :confidence => :high
+          :confidence => :high,
+          :cwe_id => [77]
       end
     end
   end
@@ -201,7 +203,8 @@ class Brakeman::CheckExecute < Brakeman::BaseCheck
       :message => "Possible command injection",
       :code => exp,
       :user_input => input,
-      :confidence => confidence
+      :confidence => confidence,
+      :cwe_id => [77]
   end
   # This method expects a :dstr or :evstr node

data/lib/brakeman/checks/check_file_access.rb CHANGED Viewed

@@ -60,7 +60,8 @@ class Brakeman::CheckFileAccess < Brakeman::BaseCheck
         :message => message,
         :confidence => confidence,
         :code => call,
-        :user_input => match
+        :user_input => match,
+        :cwe_id => [22]
     end
   end

data/lib/brakeman/checks/check_file_disclosure.rb CHANGED Viewed

@@ -25,7 +25,8 @@ class Brakeman::CheckFileDisclosure < Brakeman::BaseCheck
         :message => msg(msg_version(rails_version), " has a file existence disclosure vulnerability. Upgrade to ", msg_version(fix_version), " or disable serving static assets"),
         :confidence => :high,
         :gem_info => gemfile_or_environment,
-        :link_path => "https://groups.google.com/d/msg/rubyonrails-security/23fiuwb1NBA/MQVM1-5GkPMJ"
+        :link_path => "https://groups.google.com/d/msg/rubyonrails-security/23fiuwb1NBA/MQVM1-5GkPMJ",
+        :cwe_id => [22]
     end
   end

data/lib/brakeman/checks/check_filter_skipping.rb CHANGED Viewed

@@ -15,7 +15,8 @@ class Brakeman::CheckFilterSkipping < Brakeman::BaseCheck
         :message => msg("Rails versions before 3.0.10 have a vulnerability which allows filters to be bypassed", msg_cve("CVE-2011-2929")),
         :confidence => :high,
         :gem_info => gemfile_or_environment,
-        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/NCCsca7TEtY/discussion"
+        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/NCCsca7TEtY/discussion",
+        :cwe_id => [20]
     end
   end

data/lib/brakeman/checks/check_force_ssl.rb CHANGED Viewed

@@ -21,7 +21,8 @@ class Brakeman::CheckForceSSL < Brakeman::BaseCheck
         :message => msg("The application does not force use of HTTPS: ", msg_code("config.force_ssl"), " is not enabled"),
         :confidence => :high,
         :file => "config/environments/production.rb",
-        :line => line
+        :line => line,
+        :cwe_id => [311]
     end
   end
 end

data/lib/brakeman/checks/check_forgery_setting.rb CHANGED Viewed

@@ -52,7 +52,8 @@ class Brakeman::CheckForgerySetting < Brakeman::BaseCheck
     opts = {
       :controller => :ApplicationController,
       :warning_type => "Cross-Site Request Forgery",
-      :confidence => :high
+      :confidence => :high,
+      :cwe_id => [352]
     }.merge opts
     warn opts
@@ -76,6 +77,7 @@ class Brakeman::CheckForgerySetting < Brakeman::BaseCheck
       :message => msg("CSRF protection is flawed in unpatched versions of ", msg_version(rails_version), " ", msg_cve("CVE-2011-0447"), ". Upgrade to ", msg_version(new_version), " or apply patches as needed"),
       :gem_info => gemfile_or_environment,
       :file => nil,
-      :link_path => "https://groups.google.com/d/topic/rubyonrails-security/LZWjzCPgNmU/discussion"
+      :link_path => "https://groups.google.com/d/topic/rubyonrails-security/LZWjzCPgNmU/discussion",
+      :cwe_id => [352]
   end
 end

data/lib/brakeman/checks/check_header_dos.rb CHANGED Viewed

@@ -20,7 +20,8 @@ class Brakeman::CheckHeaderDoS < Brakeman::BaseCheck
         :message => message,
         :confidence => :medium,
         :gem_info => gemfile_or_environment,
-        :link_path => "https://groups.google.com/d/msg/ruby-security-ann/A-ebV4WxzKg/KNPTbX8XAQUJ"
+        :link_path => "https://groups.google.com/d/msg/ruby-security-ann/A-ebV4WxzKg/KNPTbX8XAQUJ",
+        :cwe_id => [20]
     end
   end

data/lib/brakeman/checks/check_i18n_xss.rb CHANGED Viewed

@@ -23,7 +23,8 @@ class Brakeman::CheckI18nXSS < Brakeman::BaseCheck
         :message => message,
         :confidence => :medium,
         :gem_info => gemfile_or_environment(:i18n),
-        :link_path => "https://groups.google.com/d/msg/ruby-security-ann/pLrh6DUw998/bLFEyIO4k_EJ"
+        :link_path => "https://groups.google.com/d/msg/ruby-security-ann/pLrh6DUw998/bLFEyIO4k_EJ",
+        :cwe_id => [79]
     end
   end

data/lib/brakeman/checks/check_jruby_xml.rb CHANGED Viewed

@@ -31,6 +31,7 @@ class Brakeman::CheckJRubyXML < Brakeman::BaseCheck
       :message => msg(msg_version(rails_version), " with JRuby has a vulnerability in XML parser. Upgrade to ", msg_version(fix_version), " or patch"),
       :confidence => :high,
       :gem_info => gemfile_or_environment,
-      :link => "https://groups.google.com/d/msg/rubyonrails-security/KZwsQbYsOiI/5kUV7dSCJGwJ"
+      :link => "https://groups.google.com/d/msg/rubyonrails-security/KZwsQbYsOiI/5kUV7dSCJGwJ",
+      :cwe_id => [20]
   end
 end

data/lib/brakeman/checks/check_json_encoding.rb CHANGED Viewed

@@ -26,7 +26,8 @@ class Brakeman::CheckJSONEncoding < Brakeman::BaseCheck
         :message => message,
         :confidence => confidence,
         :gem_info => gemfile_or_environment,
-        :link_path => "https://groups.google.com/d/msg/rubyonrails-security/7VlB_pck3hU/3QZrGIaQW6cJ"
+        :link_path => "https://groups.google.com/d/msg/rubyonrails-security/7VlB_pck3hU/3QZrGIaQW6cJ",
+        :cwe_id => [79]
     end
   end

data/lib/brakeman/checks/check_json_entity_escape.rb CHANGED Viewed

@@ -17,7 +17,8 @@ class Brakeman::CheckJSONEntityEscape < Brakeman::BaseCheck
         :message => msg("HTML entities in JSON are not escaped by default"),
         :confidence => :medium,
         :file => "config/environments/production.rb",
-        :line => 1
+        :line => 1,
+        :cwe_id => [79]
     end
   end
@@ -31,7 +32,8 @@ class Brakeman::CheckJSONEntityEscape < Brakeman::BaseCheck
           :warning_code => :json_html_escape_module,
           :message => msg("HTML entities in JSON are not escaped by default"),
           :confidence => :medium,
-          :file => "config/environments/production.rb"
+          :file => "config/environments/production.rb",
+          :cwe_id => [79]
       end
     end
   end

data/lib/brakeman/checks/check_json_parsing.rb CHANGED Viewed

@@ -33,7 +33,8 @@ class Brakeman::CheckJSONParsing < Brakeman::BaseCheck
         :message => message,
         :confidence => :high,
         :gem_info => gem_info,
-        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/1h2DR63ViGo/discussion"
+        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/1h2DR63ViGo/discussion",
+        :cwe_id => [74] # TODO: is this the best CWE for this?
     end
   end
@@ -98,7 +99,8 @@ class Brakeman::CheckJSONParsing < Brakeman::BaseCheck
       :message => message,
       :confidence => confidence,
       :gem_info => gemfile_or_environment(name),
-      :link => "https://groups.google.com/d/topic/rubyonrails-security/4_YvCpLzL58/discussion"
+      :link => "https://groups.google.com/d/topic/rubyonrails-security/4_YvCpLzL58/discussion",
+      :cwe_id => [74] # TODO: is this the best CWE for this?
   end
   def uses_json_parse?

data/lib/brakeman/checks/check_link_to.rb CHANGED Viewed

@@ -105,7 +105,8 @@ class Brakeman::CheckLinkTo < Brakeman::CheckCrossSiteScripting
       :message => message,
       :user_input => user_input,
       :confidence => confidence,
-      :link_path => "link_to"
+      :link_path => "link_to",
+      :cwe_id => [79]
     true
   end

data/lib/brakeman/checks/check_link_to_href.rb CHANGED Viewed

@@ -56,7 +56,8 @@ class Brakeman::CheckLinkToHref < Brakeman::CheckLinkTo
           :message => message,
           :user_input => input,
           :confidence => :high,
-          :link_path => "link_to_href"
+          :link_path => "link_to_href",
+          :cwe_id => [79]
       end
     elsif not tracker.options[:ignore_model_output] and input = has_immediate_model?(url_arg)
       return if ignore_model_call? url_arg, input or duplicate? result
@@ -70,7 +71,8 @@ class Brakeman::CheckLinkToHref < Brakeman::CheckLinkTo
         :message => message,
         :user_input => input,
         :confidence => :weak,
-        :link_path => "link_to_href"
+        :link_path => "link_to_href",
+        :cwe_id => [79]
     end
   end

data/lib/brakeman/checks/check_mail_to.rb CHANGED Viewed

@@ -25,7 +25,8 @@ class Brakeman::CheckMailTo < Brakeman::BaseCheck
         :message => message,
         :confidence => :high,
         :gem_info => gemfile_or_environment, # Probably ignored now
-        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/8CpI7egxX4E/discussion"
+        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/8CpI7egxX4E/discussion",
+        :cwe_id => [79]
     end
   end

data/lib/brakeman/checks/check_mass_assignment.rb CHANGED Viewed

@@ -99,7 +99,8 @@ class Brakeman::CheckMassAssignment < Brakeman::BaseCheck
         :message => "Unprotected mass assignment",
         :code => call,
         :user_input => input,
-        :confidence => confidence
+        :confidence => confidence,
+        :cwe_id => [915]
     end
     res
@@ -205,7 +206,8 @@ class Brakeman::CheckMassAssignment < Brakeman::BaseCheck
       :warning_type => "Mass Assignment",
       :warning_code => :mass_assign_permit!,
       :message => msg('Specify exact keys allowed for mass assignment instead of using ', msg_code('permit!'), ' which allows any keys'),
-      :confidence => confidence
+      :confidence => confidence,
+      :cwe_id => [915]
   end
   def check_permit_all_parameters
@@ -217,7 +219,8 @@ class Brakeman::CheckMassAssignment < Brakeman::BaseCheck
           :warning_type => "Mass Assignment",
           :warning_code => :mass_assign_permit_all,
           :message => msg('Mass assignment is globally enabled. Disable and specify exact keys using ', msg_code('params.permit'), ' instead'),
-          :confidence => :high
+          :confidence => :high,
+          :cwe_id => [915]
       end
     end
   end

data/lib/brakeman/checks/check_mime_type_dos.rb CHANGED Viewed

@@ -26,7 +26,8 @@ class Brakeman::CheckMimeTypeDoS < Brakeman::BaseCheck
       :message => message,
       :confidence => :medium,
       :gem_info => gemfile_or_environment,
-      :link_path => "https://groups.google.com/d/msg/rubyonrails-security/9oLY_FCzvoc/w9oI9XxbFQAJ"
+      :link_path => "https://groups.google.com/d/msg/rubyonrails-security/9oLY_FCzvoc/w9oI9XxbFQAJ",
+      :cwe_id => [399]
   end
   def has_workaround?

data/lib/brakeman/checks/check_model_attr_accessible.rb CHANGED Viewed

@@ -31,7 +31,8 @@ class Brakeman::CheckModelAttrAccessible < Brakeman::BaseCheck
               :warning_code => :dangerous_attr_accessible,
               :message => "Potentially dangerous attribute available for mass assignment",
               :confidence => confidence,
-              :code => Sexp.new(:lit, attribute)
+              :code => Sexp.new(:lit, attribute),
+              :cwe_id => [915]
             break # Prevent from matching single attr multiple times
           end
         end

data/lib/brakeman/checks/check_model_attributes.rb CHANGED Viewed

@@ -23,7 +23,8 @@ class Brakeman::CheckModelAttributes < Brakeman::BaseCheck
           :warning_type => "Attribute Restriction",
           :warning_code => :no_attr_accessible,
           :message => msg("Mass assignment is not restricted using ", msg_code("attr_accessible")),
-          :confidence => :high
+          :confidence => :high,
+          :cwe_id => [915] # TODO: Should this be mass assignment?
       elsif not tracker.options[:ignore_attr_protected]
         message, confidence, link = check_for_attr_protected_bypass
@@ -39,7 +40,8 @@ class Brakeman::CheckModelAttributes < Brakeman::BaseCheck
           :warning_type => "Attribute Restriction",
           :warning_code => warning_code,
           :message => message,
-          :confidence => confidence
+          :confidence => confidence,
+          :cwe_id => [915] # TODO: Should this be mass assignment?
       end
     end
   end

data/lib/brakeman/checks/check_model_serialize.rb CHANGED Viewed

@@ -61,7 +61,8 @@ class Brakeman::CheckModelSerialize < Brakeman::BaseCheck
         :confidence => confidence,
         :link => "https://groups.google.com/d/topic/rubyonrails-security/KtmwSbEpzrU/discussion",
         :file => model.file,
-        :line => model.top_line
+        :line => model.top_line,
+        :cwe_id => [502]
     end
   end
 end

data/lib/brakeman/checks/check_nested_attributes.rb CHANGED Viewed

@@ -24,7 +24,8 @@ class Brakeman::CheckNestedAttributes < Brakeman::BaseCheck
         :message => message,
         :confidence => :high,
         :gem_info => gemfile_or_environment,
-        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/-fkT0yja_gw/discussion"
+        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/-fkT0yja_gw/discussion",
+        :cwe_id => [20]
     end
   end