RubyGems - brakeman - Versions diffs - 5.2.3 → 5.3.0 - Mend

brakeman 5.2.3 → 5.3.0

Files changed (141) hide show

data/lib/brakeman/checks/check_sanitize_config_cve.rb ADDED Viewed

@@ -0,0 +1,120 @@
+require 'brakeman/checks/base_check'
+class Brakeman::CheckSanitizeConfigCve < Brakeman::BaseCheck
+  Brakeman::Checks.add self
+  @description = "Checks for vunerable uses of sanitize (CVE-2022-32209)"
+  def run_check
+    @specific_warning = false
+    @gem_version = tracker.config.gem_version :'rails-html-sanitizer'
+    if version_between? "0.0.0", "1.4.3", @gem_version
+      check_config
+      check_sanitize_calls
+      check_safe_list_allowed_tags
+      unless @specific_warning
+        # General warning about the vulnerable version
+        cve_warning
+      end
+    end
+  end
+  def cve_warning confidence: :weak, result: nil
+    return if result and not original? result
+    message = msg(msg_version(@gem_version, 'rails-html-sanitizer'),
+                  " is vulnerable to cross-site scripting when ",
+                  msg_code('select'),
+                  " and ",
+                  msg_code("style"),
+                  " tags are allowed ",
+                  msg_cve("CVE-2022-32209")
+                 )
+    unless result
+      message << ". Upgrade to 1.4.3 or newer"
+    end
+    warn :warning_type => "Cross-Site Scripting",
+      :warning_code => :CVE_2022_32209,
+      :message => message,
+      :confidence => confidence,
+      :gem_info => gemfile_or_environment(:'rails-html-sanitizer'),
+      :link_path => "https://groups.google.com/g/rubyonrails-security/c/ce9PhUANQ6s/m/S0fJfnkmBAAJ",
+      :cwe_id => [79],
+      :result => result
+  end
+  # Look for
+  #   config.action_view.sanitized_allowed_tags = ["select", "style"]
+  def check_config
+    sanitizer_config = tracker.config.rails.dig(:action_view, :sanitized_allowed_tags)
+    if sanitizer_config and include_both_tags? sanitizer_config
+      @specific_warning = true
+      cve_warning confidence: :high
+    end
+  end
+  # Look for
+  #   sanitize ..., tags: ["select", "style"]
+  # and
+  #   Rails::Html::SafeListSanitizer.new.sanitize(..., tags: ["select", "style"])
+  def check_sanitize_calls
+    tracker.find_call(method: :sanitize, target: nil).each do |result|
+      check_tags_option result
+    end
+    tracker.find_call(method: :sanitize, target: :'Rails::Html::SafeListSanitizer.new').each do |result|
+      check_tags_option result
+    end
+  end
+  # Look for
+  #   Rails::Html::SafeListSanitizer.allowed_tags = ["select", "style"]
+  def check_safe_list_allowed_tags
+    tracker.find_call(target: :'Rails::Html::SafeListSanitizer', method: :allowed_tags=).each do |result|
+      check_result result, result[:call].first_arg
+    end
+  end
+  private
+  def check_tags_option result
+    options = result[:call].last_arg
+    if options
+      check_result result, hash_access(options, :tags)
+    end
+  end
+  def check_result result, arg
+    if include_both_tags? arg
+      @specific_warning = true
+      cve_warning confidence: :high, result: result
+    end
+  end
+  def include_both_tags? exp
+    return unless sexp? exp
+    has_tag? exp, 'select' and
+      has_tag? exp, 'style'
+  end
+  def has_tag? exp, tag
+    tag_sym = tag.to_sym
+    exp.each_sexp do |e|
+      if string? e and e.value == tag
+        return true
+      elsif symbol? e and e.value == tag_sym
+        return true
+      end
+    end
+    false
+  end
+end

data/lib/brakeman/checks/check_sanitize_methods.rb CHANGED Viewed

@@ -51,7 +51,8 @@ class Brakeman::CheckSanitizeMethods < Brakeman::BaseCheck
         :warning_code => code,
         :message => message,
         :confidence => :high,
-        :link_path => link
+        :link_path => link,
+        :cwe_id => [79]
     end
   end
@@ -83,7 +84,8 @@ class Brakeman::CheckSanitizeMethods < Brakeman::BaseCheck
         :message => message,
         :gem_info => gemfile_or_environment(:loofah),
         :confidence => confidence,
-        :link_path => "https://github.com/flavorjones/loofah/issues/144"
+        :link_path => "https://github.com/flavorjones/loofah/issues/144",
+        :cwe_id => [79]
     end
   end
@@ -108,6 +110,7 @@ class Brakeman::CheckSanitizeMethods < Brakeman::BaseCheck
       :message => message,
       :gem_info => gemfile_or_environment(:'rails-html-sanitizer'),
       :confidence => confidence,
-      :link_path => link
+      :link_path => link,
+      :cwe_id => [79]
   end
 end

data/lib/brakeman/checks/check_secrets.rb CHANGED Viewed

@@ -27,7 +27,8 @@ class Brakeman::CheckSecrets < Brakeman::BaseCheck
             :message => msg("Hardcoded value for ", msg_code(name), " in source code"),
             :confidence => :medium,
             :file => constant.file,
-            :line => constant.line
+            :line => constant.line,
+            :cwe_id => [798]
         end
       end
     end

data/lib/brakeman/checks/check_select_tag.rb CHANGED Viewed

@@ -52,7 +52,8 @@ class Brakeman::CheckSelectTag < Brakeman::BaseCheck
           :message => @message,
           :confidence => :high,
           :user_input => input,
-          :link_path => "https://groups.google.com/d/topic/rubyonrails-security/fV3QUToSMSw/discussion"
+          :link_path => "https://groups.google.com/d/topic/rubyonrails-security/fV3QUToSMSw/discussion",
+          :cwe_id => [79]
       end
     end
   end

data/lib/brakeman/checks/check_select_vulnerability.rb CHANGED Viewed

@@ -54,7 +54,8 @@ class Brakeman::CheckSelectVulnerability < Brakeman::BaseCheck
           :warning_code => :select_options_vuln,
           :result => result,
           :message => @message,
-          :confidence => confidence
+          :confidence => confidence,
+          :cwe_id => [79]
     end
   end
 end

data/lib/brakeman/checks/check_send.rb CHANGED Viewed

@@ -29,7 +29,8 @@ class Brakeman::CheckSend < Brakeman::BaseCheck
         :warning_code => :dangerous_send,
         :message => "User controlled method execution",
         :user_input => input,
-        :confidence => :high
+        :confidence => :high,
+        :cwe_id => [77]
     end
   end

data/lib/brakeman/checks/check_session_manipulation.rb CHANGED Viewed

@@ -28,7 +28,8 @@ class Brakeman::CheckSessionManipulation < Brakeman::BaseCheck
         :warning_code => :session_key_manipulation,
         :message => msg(msg_input(input), " used as key in session hash"),
         :user_input => input,
-        :confidence => confidence
+        :confidence => confidence,
+        :cwe_id => [20] # TODO: what cwe should this be? it seems like it's looking for authz bypass
     end
   end
 end

data/lib/brakeman/checks/check_session_settings.rb CHANGED Viewed

@@ -142,7 +142,8 @@ class Brakeman::CheckSessionSettings < Brakeman::BaseCheck
       :message => "Session cookies should be set to HTTP only",
       :confidence => :high,
       :line => line,
-      :file => file
+      :file => file,
+      :cwe_id => [1004]
   end
@@ -152,7 +153,8 @@ class Brakeman::CheckSessionSettings < Brakeman::BaseCheck
       :message => "Session secret should not be included in version control",
       :confidence => :high,
       :line => line,
-      :file => file
+      :file => file,
+      :cwe_id => [798]
   end
   def warn_about_secure_only line, file
@@ -161,7 +163,8 @@ class Brakeman::CheckSessionSettings < Brakeman::BaseCheck
       :message => "Session cookie should be set to secure only",
       :confidence => :high,
       :line => line,
-      :file => file
+      :file => file,
+      :cwe_id => [614]
   end
   def ignored? file

data/lib/brakeman/checks/check_simple_format.rb CHANGED Viewed

@@ -28,7 +28,8 @@ class Brakeman::CheckSimpleFormat < Brakeman::CheckCrossSiteScripting
       :message => message,
       :confidence => :medium,
       :gem_info => gemfile_or_environment,
-      :link_path => "https://groups.google.com/d/msg/ruby-security-ann/5ZI1-H5OoIM/ZNq4FoR2GnIJ"
+      :link_path => "https://groups.google.com/d/msg/ruby-security-ann/5ZI1-H5OoIM/ZNq4FoR2GnIJ",
+      :cwe_id => [79]
   end
   def check_simple_format_usage
@@ -58,6 +59,7 @@ class Brakeman::CheckSimpleFormat < Brakeman::CheckCrossSiteScripting
       :message => msg("Values passed to ", msg_code("simple_format"), " are not safe in ", msg_version(rails_version)),
       :confidence => :high,
       :link_path => "https://groups.google.com/d/msg/ruby-security-ann/5ZI1-H5OoIM/ZNq4FoR2GnIJ",
-      :user_input => match
+      :user_input => match,
+      :cwe_id => [79]
   end
 end

data/lib/brakeman/checks/check_single_quotes.rb CHANGED Viewed

@@ -38,7 +38,8 @@ class Brakeman::CheckSingleQuotes < Brakeman::BaseCheck
       :message => message,
       :confidence => :medium,
       :gem_info => gemfile_or_environment,
-      :link_path => "https://groups.google.com/d/topic/rubyonrails-security/kKGNeMrnmiY/discussion"
+      :link_path => "https://groups.google.com/d/topic/rubyonrails-security/kKGNeMrnmiY/discussion",
+      :cwe_id => [79]
   end
   #Process initializers to see if they use workaround

data/lib/brakeman/checks/check_skip_before_filter.rb CHANGED Viewed

@@ -29,7 +29,8 @@ class Brakeman::CheckSkipBeforeFilter < Brakeman::BaseCheck
         :message => msg("List specific actions (", msg_code(":only => [..]"), ") when skipping CSRF check"),
         :code => filter,
         :confidence => :medium,
-        :file => controller.file
+        :file => controller.file,
+        :cwe_id => [352]
     when :login_required, :authenticate_user!, :require_user
       warn :controller => controller.name,
@@ -39,7 +40,8 @@ class Brakeman::CheckSkipBeforeFilter < Brakeman::BaseCheck
         :code => filter,
         :confidence => :medium,
         :link_path => "authentication_whitelist",
-        :file => controller.file
+        :file => controller.file,
+        :cwe_id => [287]
     end
   end

data/lib/brakeman/checks/check_sprockets_path_traversal.rb CHANGED Viewed

@@ -30,7 +30,8 @@ class Brakeman::CheckSprocketsPathTraversal < Brakeman::BaseCheck
       :message => message,
       :confidence => confidence,
       :gem_info => gemfile_or_environment(:sprockets),
-      :link_path => "https://groups.google.com/d/msg/rubyonrails-security/ft_J--l55fM/7roDfQ50BwAJ"
+      :link_path => "https://groups.google.com/d/msg/rubyonrails-security/ft_J--l55fM/7roDfQ50BwAJ",
+      :cwe_id => [22, 200]
   end
   def has_workaround?

data/lib/brakeman/checks/check_sql.rb CHANGED Viewed

@@ -247,7 +247,8 @@ class Brakeman::CheckSQL < Brakeman::BaseCheck
         :warning_code => :sql_injection,
         :message => "Possible SQL injection",
         :user_input => user_input,
-        :confidence => confidence
+        :confidence => confidence,
+        :cwe_id => [89]
     end
     if check_for_limit_or_offset_vulnerability call.last_arg
@@ -261,7 +262,8 @@ class Brakeman::CheckSQL < Brakeman::BaseCheck
         :warning_type => "SQL Injection",
         :warning_code => :sql_injection_limit_offset,
         :message => msg("Upgrade to Rails >= 2.1.2 to escape ", msg_code(":limit"), " and ", msg_code("offset"), ". Possible SQL injection"),
-        :confidence => confidence
+        :confidence => confidence,
+        :cwe_id => [89]
     end
   end

data/lib/brakeman/checks/check_sql_cves.rb CHANGED Viewed

@@ -81,7 +81,8 @@ class Brakeman::CheckSQLCVEs < Brakeman::BaseCheck
       :message => msg(msg_version(rails_version), " contains a SQL injection vulnerability ", msg_cve(cve), ". Upgrade to ", msg_version(upgrade_version)),
       :confidence => :high,
       :gem_info => gemfile_or_environment,
-      :link_path => link
+      :link_path => link,
+      :cwe_id => [89]
   end
   def upgrade_version? versions
@@ -101,6 +102,7 @@ class Brakeman::CheckSQLCVEs < Brakeman::BaseCheck
       :message => msg(msg_version(rails_version), " contains a SQL injection vulnerability ", msg_cve("CVE-2014-0080"), " with PostgreSQL. Upgrade to ", msg_version("4.0.3")),
       :confidence => :high,
       :gem_info => gemfile_or_environment(:pg),
-      :link_path => "https://groups.google.com/d/msg/rubyonrails-security/Wu96YkTUR6s/pPLBMZrlwvYJ"
+      :link_path => "https://groups.google.com/d/msg/rubyonrails-security/Wu96YkTUR6s/pPLBMZrlwvYJ",
+      :cwe_id => [89]
   end
 end

data/lib/brakeman/checks/check_ssl_verify.rb CHANGED Viewed

@@ -43,6 +43,7 @@ class Brakeman::CheckSSLVerify < Brakeman::BaseCheck
       :warning_type => "SSL Verification Bypass",
       :warning_code => :ssl_verification_bypass,
       :message => "SSL certificate verification was bypassed",
-      :confidence => :high
+      :confidence => :high,
+      :cwe_id => [295]
   end
 end

data/lib/brakeman/checks/check_strip_tags.rb CHANGED Viewed

@@ -35,7 +35,8 @@ class Brakeman::CheckStripTags < Brakeman::BaseCheck
         :message => message,
         :gem_info => gemfile_or_environment,
         :confidence => :high,
-        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/K5EwdJt06hI/discussion"
+        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/K5EwdJt06hI/discussion",
+        :cwe_id => [79]
     end
   end
@@ -60,7 +61,8 @@ class Brakeman::CheckStripTags < Brakeman::BaseCheck
       :message => message,
       :confidence => :high,
       :gem_info => gemfile_or_environment,
-      :link_path => "https://groups.google.com/d/topic/rubyonrails-security/FgVEtBajcTY/discussion"
+      :link_path => "https://groups.google.com/d/topic/rubyonrails-security/FgVEtBajcTY/discussion",
+      :cwe_id => [79]
   end
   def cve_2015_7579
@@ -78,7 +80,8 @@ class Brakeman::CheckStripTags < Brakeman::BaseCheck
         :message => message,
         :confidence => confidence,
         :gem_info => gemfile_or_environment(:"rails-html-sanitizer"),
-        :link_path => "https://groups.google.com/d/msg/rubyonrails-security/OU9ugTZcbjc/PjEP46pbFQAJ"
+        :link_path => "https://groups.google.com/d/msg/rubyonrails-security/OU9ugTZcbjc/PjEP46pbFQAJ",
+        :cwe_id => [79]
     end
   end

data/lib/brakeman/checks/check_symbol_dos.rb CHANGED Viewed

@@ -45,7 +45,8 @@ class Brakeman::CheckSymbolDoS < Brakeman::BaseCheck
         :warning_code => :unsafe_symbol_creation,
         :message => message,
         :user_input => input,
-        :confidence => confidence
+        :confidence => confidence,
+        :cwe_id => [20]
     end
   end

data/lib/brakeman/checks/check_symbol_dos_cve.rb CHANGED Viewed

@@ -23,7 +23,8 @@ class Brakeman::CheckSymbolDoSCVE < Brakeman::BaseCheck
         :message => msg(msg_version(rails_version), " has a denial of service vulnerability in ActiveRecord. Upgrade to ", msg_version(fix_version), " or patch"),
         :confidence => :medium,
         :gem_info => gemfile_or_environment,
-        :link => "https://groups.google.com/d/msg/rubyonrails-security/jgJ4cjjS8FE/BGbHRxnDRTIJ"
+        :link => "https://groups.google.com/d/msg/rubyonrails-security/jgJ4cjjS8FE/BGbHRxnDRTIJ",
+        :cwe_id => [20]
     end
   end
 end

data/lib/brakeman/checks/check_template_injection.rb CHANGED Viewed

@@ -26,7 +26,8 @@ class Brakeman::CheckTemplateInjection < Brakeman::BaseCheck
         :warning_code => :erb_template_injection,
         :message => msg(msg_input(input), " used directly in ", msg_code("ERB"), " template, which might enable remote code execution"),
         :user_input => input,
-        :confidence => :high
+        :confidence => :high,
+        :cwe_id => [1336]
     end
   end
 end

data/lib/brakeman/checks/check_translate_bug.rb CHANGED Viewed

@@ -33,7 +33,8 @@ class Brakeman::CheckTranslateBug < Brakeman::BaseCheck
         :message => message,
         :confidence => confidence,
         :gem_info => gemfile_or_environment,
-        :link_path => "http://groups.google.com/group/rubyonrails-security/browse_thread/thread/2b61d70fb73c7cc5"
+        :link_path => "http://groups.google.com/group/rubyonrails-security/browse_thread/thread/2b61d70fb73c7cc5",
+        :cwe_id => [79]
     end
   end

data/lib/brakeman/checks/check_unsafe_reflection.rb CHANGED Viewed

@@ -49,7 +49,8 @@ class Brakeman::CheckUnsafeReflection < Brakeman::BaseCheck
         :warning_code => :unsafe_constantize,
         :message => message,
         :user_input => input,
-        :confidence => confidence
+        :confidence => confidence,
+        :cwe_id => [470]
     end
   end
 end

data/lib/brakeman/checks/check_unsafe_reflection_methods.rb CHANGED Viewed

@@ -63,6 +63,7 @@ class Brakeman::CheckUnsafeReflectionMethods < Brakeman::BaseCheck
       :warning_code => :unsafe_method_reflection,
       :message => message,
       :user_input => input,
-      :confidence => confidence
+      :confidence => confidence,
+      :cwe_id => [470]
   end
 end

data/lib/brakeman/checks/check_unscoped_find.rb CHANGED Viewed

@@ -40,7 +40,8 @@ class Brakeman::CheckUnscopedFind < Brakeman::BaseCheck
       :message      => msg("Unscoped call to ", msg_code("#{result[:target]}##{result[:method]}")),
       :code         => result[:call],
       :confidence   => :weak,
-      :user_input   => input
+      :user_input   => input,
+      :cwe_id => [285]
   end
   def optional_belongs_to? exp

data/lib/brakeman/checks/check_validation_regex.rb CHANGED Viewed

@@ -91,7 +91,8 @@ class Brakeman::CheckValidationRegex < Brakeman::BaseCheck
       :warning_code => :validation_regex,
       :message => msg("Insufficient validation for ", msg_code(get_name validator), " using ", msg_code(regex.inspect), ". Use ", msg_code("\\A"), " and ", msg_code("\\z"), " as anchors"),
       :line => value.line,
-      :confidence => :high
+      :confidence => :high,
+      :cwe_id => [777]
     end
   end

data/lib/brakeman/checks/check_verb_confusion.rb CHANGED Viewed

@@ -70,6 +70,7 @@ class Brakeman::CheckVerbConfusion < Brakeman::BaseCheck
       :message => message,
       :code => code,
       :user_input => result[:call],
-      :confidence => confidence
+      :confidence => confidence,
+      :cwe_id => [352]
   end
 end

data/lib/brakeman/checks/check_weak_hash.rb CHANGED Viewed

@@ -53,7 +53,8 @@ class Brakeman::CheckWeakHash < Brakeman::BaseCheck
       :warning_code => :weak_hash_digest,
       :message => message,
       :confidence => confidence,
-      :user_input => input
+      :user_input => input,
+      :cwe_id => [328]
   end
   def process_hmac_result result
@@ -74,7 +75,8 @@ class Brakeman::CheckWeakHash < Brakeman::BaseCheck
       :warning_type => "Weak Hash",
       :warning_code => :weak_hash_hmac,
       :message => message,
-      :confidence => :medium
+      :confidence => :medium,
+      :cwe_id => [328]
   end
   def process_openssl_result result
@@ -90,7 +92,8 @@ class Brakeman::CheckWeakHash < Brakeman::BaseCheck
           :warning_type => "Weak Hash",
           :warning_code => :weak_hash_digest,
           :message => msg("Weak hashing algorithm used: ", msg_lit(alg)),
-          :confidence => :medium
+          :confidence => :medium,
+          :cwe_id => [328]
       end
     end
   end

data/lib/brakeman/checks/check_without_protection.rb CHANGED Viewed

@@ -55,7 +55,8 @@ class Brakeman::CheckWithoutProtection < Brakeman::BaseCheck
             :message => "Unprotected mass assignment",
             :code => call,
             :user_input => input,
-            :confidence => confidence
+            :confidence => confidence,
+            :cwe_id => [915]
         end
       end

data/lib/brakeman/checks/check_xml_dos.rb CHANGED Viewed

@@ -30,7 +30,8 @@ class Brakeman::CheckXMLDoS < Brakeman::BaseCheck
       :message => message,
       :confidence => :medium,
       :gem_info => gemfile_or_environment,
-      :link_path => "https://groups.google.com/d/msg/rubyonrails-security/bahr2JLnxvk/x4EocXnHPp8J"
+      :link_path => "https://groups.google.com/d/msg/rubyonrails-security/bahr2JLnxvk/x4EocXnHPp8J",
+      :cwe_id => [125]
   end
   def has_workaround?

data/lib/brakeman/checks/check_yaml_parsing.rb CHANGED Viewed

@@ -29,7 +29,8 @@ class Brakeman::CheckYAMLParsing < Brakeman::BaseCheck
         :message => message,
         :confidence => :high,
         :gem_info => gemfile_or_environment,
-        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/61bkgvnSGTQ/discussion"
+        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/61bkgvnSGTQ/discussion",
+        :cwe_id => [20]
     end
     #Warn if app accepts YAML
@@ -41,7 +42,8 @@ class Brakeman::CheckYAMLParsing < Brakeman::BaseCheck
         :message => message,
         :confidence => :high,
         :gem_info => gemfile_or_environment,
-        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/61bkgvnSGTQ/discussion"
+        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/61bkgvnSGTQ/discussion",
+        :cwe_id => [20]
     end
   end

data/lib/brakeman/checks/eol_check.rb CHANGED Viewed

@@ -34,7 +34,8 @@ class Brakeman::EOLCheck < Brakeman::BaseCheck
       warning_code: :"pending_eol_#{library}",
       message: msg("Support for ", msg_version(version, library.capitalize), " ends on #{eol_date}"),
       confidence: confidence,
-      gem_info: gemfile_or_environment
+      gem_info: gemfile_or_environment,
+      :cwe_id => [1104]
   end
   def warn_about_unsupported_version library, eol_date, version
@@ -42,6 +43,7 @@ class Brakeman::EOLCheck < Brakeman::BaseCheck
       warning_code: :"eol_#{library}",
       message: msg("Support for ", msg_version(version, library.capitalize), " ended on #{eol_date}"),
       confidence: :high,
-      gem_info: gemfile_or_environment
+      gem_info: gemfile_or_environment,
+      :cwe_id => [1104]
   end
 end

data/lib/brakeman/options.rb CHANGED Viewed

@@ -323,7 +323,7 @@ module Brakeman::Options
         end
         opts.on "--text-fields field1,field2,etc.", Array, "Specify fields for text report format" do |format|
-          valid_options = [:category, :category_id, :check, :code, :confidence, :file, :fingerprint, :line, :link, :message, :render_path]
+          valid_options = [:category, :category_id, :check, :code, :confidence, :cwe, :file, :fingerprint, :line, :link, :message, :render_path]
           options[:text_fields] = format.map(&:to_sym)

data/lib/brakeman/processors/lib/find_all_calls.rb CHANGED Viewed

@@ -233,6 +233,7 @@ class Brakeman::FindAllCalls < Brakeman::BasicProcessor
     unless @in_target
       @full_call = call_hash
+      call_hash[:full_call] = call_hash
     end
     # Process up the call chain

data/lib/brakeman/report/report_csv.rb CHANGED Viewed

@@ -5,6 +5,7 @@ class Brakeman::Report::CSV < Brakeman::Report::Base
     headers = [
       "Confidence",
       "Warning Type",
+      "CWE",
       "File",
       "Line",
       "Message",
@@ -35,6 +36,7 @@ class Brakeman::Report::CSV < Brakeman::Report::Base
     [
       warning.confidence_name,
       warning.warning_type,
+      warning.cwe_id.first,
       warning_file(warning),
       warning.line,
       warning.message,

data/lib/brakeman/report/report_junit.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 require 'time'
-require "stringio"
-require 'rexml/document'
+require 'stringio'
+Brakeman.load_brakeman_dependency 'rexml/document'
 class Brakeman::Report::JUnit < Brakeman::Report::Base
   def generate_report