npm - @zerothreatai/vulnerability-registry - Versions diffs - 4.0.0 → 6.0.0 - Mend

@zerothreatai/vulnerability-registry 4.0.0 → 6.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (99) hide show

package/dist/categories/authentication.js +17 -17
package/dist/categories/configuration.js +80 -80
package/dist/categories/injection.js +34 -34
package/dist/categories/sensitive-paths.js +84 -84
package/dist/categories/ssrf.js +11 -11
package/dist/categories/xss.js +15 -15
package/dist/compliance-codes.d.ts +207 -0
package/dist/compliance-codes.js +213 -0
package/dist/compliances/gdpr.d.ts +2 -0
package/dist/compliances/gdpr.js +252 -0
package/dist/compliances/helpers.d.ts +6 -0
package/dist/compliances/helpers.js +11 -0
package/dist/compliances/hipaa.d.ts +2 -0
package/dist/compliances/hipaa.js +187 -0
package/dist/compliances/index.d.ts +5 -0
package/dist/compliances/index.js +5 -0
package/dist/compliances/owasp.d.ts +2 -0
package/dist/compliances/owasp.js +127 -0
package/dist/compliances/pci-dss.d.ts +2 -0
package/dist/compliances/pci-dss.js +260 -0
package/dist/compliances/sans-top-25.d.ts +2 -0
package/dist/compliances/sans-top-25.js +242 -0
package/dist/index.d.ts +7 -1
package/dist/index.js +7 -1
package/dist/types.d.ts +33 -0
package/dist/types.js +11 -1
package/dist-cjs/categories/authentication.js +17 -17
package/dist-cjs/categories/configuration.js +80 -80
package/dist-cjs/categories/injection.js +34 -34
package/dist-cjs/categories/sensitive-paths.js +84 -84
package/dist-cjs/categories/ssrf.js +11 -11
package/dist-cjs/categories/xss.js +15 -15
package/dist-cjs/compliance-codes.js +216 -0
package/dist-cjs/compliances/gdpr.js +255 -0
package/dist-cjs/compliances/helpers.js +19 -0
package/dist-cjs/compliances/hipaa.js +190 -0
package/dist-cjs/compliances/index.js +13 -0
package/dist-cjs/compliances/owasp.js +130 -0
package/dist-cjs/compliances/pci-dss.js +263 -0
package/dist-cjs/compliances/sans-top-25.js +245 -0
package/dist-cjs/index.js +12 -1
package/dist-cjs/types.js +12 -0
package/package.json +40 -32
package/scripts/assign-ids.ts +105 -0
package/scripts/check-duplicate-ids.ts +45 -0
package/src/categories/authentication.ts +17 -17
package/src/categories/configuration.ts +80 -80
package/src/categories/injection.ts +34 -34
package/src/categories/sensitive-paths.ts +84 -84
package/src/categories/ssrf.ts +11 -11
package/src/categories/xss.ts +15 -15
package/src/compliance-codes.ts +216 -0
package/src/compliances/README.md +82 -0
package/src/compliances/gdpr.ts +258 -0
package/src/compliances/helpers.ts +29 -0
package/src/compliances/hipaa.ts +193 -0
package/src/compliances/index.ts +5 -0
package/src/compliances/owasp.ts +133 -0
package/src/compliances/pci-dss.ts +266 -0
package/src/compliances/sans-top-25.ts +246 -0
package/src/id-registry.json +1235 -0
package/src/index.ts +12 -1
package/src/types.ts +40 -4
package/src/categories/authentication.d.ts +0 -8
package/src/categories/authentication.d.ts.map +0 -1
package/src/categories/authentication.js +0 -392
package/src/categories/authentication.js.map +0 -1
package/src/categories/configuration.d.ts +0 -8
package/src/categories/configuration.d.ts.map +0 -1
package/src/categories/configuration.js +0 -1782
package/src/categories/configuration.js.map +0 -1
package/src/categories/injection.d.ts +0 -8
package/src/categories/injection.d.ts.map +0 -1
package/src/categories/injection.js +0 -781
package/src/categories/injection.js.map +0 -1
package/src/categories/sensitive-paths.d.ts +0 -9
package/src/categories/sensitive-paths.d.ts.map +0 -1
package/src/categories/sensitive-paths.js +0 -1872
package/src/categories/sensitive-paths.js.map +0 -1
package/src/categories/ssrf.d.ts +0 -8
package/src/categories/ssrf.d.ts.map +0 -1
package/src/categories/ssrf.js +0 -258
package/src/categories/ssrf.js.map +0 -1
package/src/categories/xss.d.ts +0 -7
package/src/categories/xss.d.ts.map +0 -1
package/src/categories/xss.js +0 -340
package/src/categories/xss.js.map +0 -1
package/src/error-codes.d.ts +0 -280
package/src/error-codes.d.ts.map +0 -1
package/src/error-codes.js +0 -350
package/src/error-codes.js.map +0 -1
package/src/index.d.ts +0 -60
package/src/index.d.ts.map +0 -1
package/src/index.js +0 -92
package/src/index.js.map +0 -1
package/src/types.d.ts +0 -88
package/src/types.d.ts.map +0 -1
package/src/types.js +0 -6
package/src/types.js.map +0 -1

package/src/categories/sensitive-paths.js DELETED Viewed

@@ -1,1872 +0,0 @@
-/**
- * Vulnerability Registry - Sensitive Path Vulnerabilities
- *
- * Definitions for all sensitive path exposure vulnerabilities
- * detected by the sensitive-path-scout scanner.
- */
-import { VulnerabilityCode } from '../error-codes.js';
-export const SENSITIVE_PATH_VULNERABILITIES = {
-    // ========================================
-    // CRITICAL - CREDENTIAL EXPOSURE
-    // ========================================
-    [VulnerabilityCode.SENS_CRIT_AWS_CREDENTIALS]: {
-        id: 88,
-        code: VulnerabilityCode.SENS_CRIT_AWS_CREDENTIALS,
-        title: 'AWS Credentials Exposed',
-        description: 'AWS credentials file (.aws/credentials) is publicly accessible containing AWS Access Key ID and Secret Access Key, enabling complete access to AWS services including S3 buckets, EC2 instances, RDS databases, and all cloud resources associated with the compromised account.',
-        severity: 'critical',
-        levelId: 1,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 9.8,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H',
-            severity: 'CRITICAL',
-        },
-        cwe: [
-            { id: 'CWE-798', name: 'Hard-coded Credentials', url: 'https://cwe.mitre.org/data/definitions/798.html' },
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A07:2021', name: 'Identification and Authentication Failures', url: 'https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/' },
-        ],
-        remediation: 'Immediately rotate all exposed AWS credentials. Remove credentials from web-accessible paths. Use IAM roles for EC2 instances. Implement AWS Secrets Manager for credential storage.',
-    },
-    [VulnerabilityCode.SENS_CRIT_SSH_PRIVATE_KEY]: {
-        id: 89,
-        code: VulnerabilityCode.SENS_CRIT_SSH_PRIVATE_KEY,
-        title: 'SSH Private Key Exposed',
-        description: 'SSH private key file (id_rsa, id_ed25519) is publicly accessible, allowing attackers to authenticate to any system where the corresponding public key is authorized, potentially including production servers, databases, and version control systems.',
-        severity: 'critical',
-        levelId: 1,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 9.8,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H',
-            severity: 'CRITICAL',
-        },
-        cwe: [
-            { id: 'CWE-321', name: 'Hard-coded Cryptographic Key', url: 'https://cwe.mitre.org/data/definitions/321.html' },
-        ],
-        owasp: [
-            { id: 'A02:2021', name: 'Cryptographic Failures', url: 'https://owasp.org/Top10/A02_2021-Cryptographic_Failures/' },
-        ],
-        remediation: 'Immediately revoke and regenerate all SSH key pairs. Remove key files from web-accessible paths. Audit authorized_keys on all systems. Block access to .ssh directories in web server config.',
-    },
-    [VulnerabilityCode.SENS_CRIT_SSL_PRIVATE_KEY]: {
-        id: 90,
-        code: VulnerabilityCode.SENS_CRIT_SSL_PRIVATE_KEY,
-        title: 'SSL/TLS Private Key Exposed',
-        description: 'SSL/TLS private key file is publicly accessible, enabling attackers to decrypt all HTTPS traffic, perform man-in-the-middle attacks, and impersonate the server for phishing or credential theft operations against legitimate users.',
-        severity: 'critical',
-        levelId: 1,
-        category: 'cryptographic',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 9.8,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H',
-            severity: 'CRITICAL',
-        },
-        cwe: [
-            { id: 'CWE-321', name: 'Hard-coded Cryptographic Key', url: 'https://cwe.mitre.org/data/definitions/321.html' },
-        ],
-        owasp: [
-            { id: 'A02:2021', name: 'Cryptographic Failures', url: 'https://owasp.org/Top10/A02_2021-Cryptographic_Failures/' },
-        ],
-        remediation: 'Immediately revoke the SSL certificate and generate new key pair. Remove private keys from web-accessible directories. Store keys outside webroot with restricted permissions.',
-    },
-    [VulnerabilityCode.SENS_CRIT_RAILS_MASTER_KEY]: {
-        id: 91,
-        code: VulnerabilityCode.SENS_CRIT_RAILS_MASTER_KEY,
-        title: 'Rails Master Key Exposed',
-        description: 'Rails master.key file is publicly accessible, allowing decryption of all Rails encrypted credentials including database passwords, API keys, and session secrets, enabling complete application compromise and access to all encrypted secrets.',
-        severity: 'critical',
-        levelId: 1,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 9.8,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H',
-            severity: 'CRITICAL',
-        },
-        cwe: [
-            { id: 'CWE-798', name: 'Hard-coded Credentials', url: 'https://cwe.mitre.org/data/definitions/798.html' },
-        ],
-        owasp: [
-            { id: 'A02:2021', name: 'Cryptographic Failures', url: 'https://owasp.org/Top10/A02_2021-Cryptographic_Failures/' },
-        ],
-        remediation: 'Regenerate Rails master key immediately. Rotate all credentials encrypted with the old key. Remove master.key from version control and web-accessible paths. Use environment variables.',
-    },
-    [VulnerabilityCode.SENS_CRIT_TERRAFORM_STATE]: {
-        id: 92,
-        code: VulnerabilityCode.SENS_CRIT_TERRAFORM_STATE,
-        title: 'Terraform State File Exposed',
-        description: 'Terraform state file (tfstate) is publicly accessible containing complete infrastructure configuration, resource IDs, IP addresses, and potentially sensitive outputs including database passwords and API keys stored in plain text.',
-        severity: 'critical',
-        levelId: 1,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 9.1,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N',
-            severity: 'CRITICAL',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove state files from web-accessible paths. Use remote state backends (S3, GCS, Azure) with encryption. Rotate any credentials found in state file. Enable state encryption.',
-    },
-    [VulnerabilityCode.SENS_CRIT_KUBE_CONFIG]: {
-        id: 93,
-        code: VulnerabilityCode.SENS_CRIT_KUBE_CONFIG,
-        title: 'Kubernetes Config Exposed',
-        description: 'Kubernetes kubeconfig file is publicly accessible containing cluster credentials, certificates, and tokens that allow full administrative access to Kubernetes clusters including ability to deploy, modify, and delete all workloads.',
-        severity: 'critical',
-        levelId: 1,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 9.8,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H',
-            severity: 'CRITICAL',
-        },
-        cwe: [
-            { id: 'CWE-798', name: 'Hard-coded Credentials', url: 'https://cwe.mitre.org/data/definitions/798.html' },
-        ],
-        owasp: [
-            { id: 'A07:2021', name: 'Identification and Authentication Failures', url: 'https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/' },
-        ],
-        remediation: 'Immediately revoke exposed service account tokens and certificates. Rotate cluster credentials. Remove config from web paths. Use RBAC with minimal permissions.',
-    },
-    [VulnerabilityCode.SENS_CRIT_VAULT_SECRET]: {
-        id: 94,
-        code: VulnerabilityCode.SENS_CRIT_VAULT_SECRET,
-        title: 'HashiCorp Vault Secret Exposed',
-        description: 'HashiCorp Vault secrets or root token exposed, providing access to the centralized secrets management system and all secrets stored within, potentially compromising hundreds of application credentials and encryption keys.',
-        severity: 'critical',
-        levelId: 1,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 9.8,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H',
-            severity: 'CRITICAL',
-        },
-        cwe: [
-            { id: 'CWE-798', name: 'Hard-coded Credentials', url: 'https://cwe.mitre.org/data/definitions/798.html' },
-        ],
-        owasp: [
-            { id: 'A07:2021', name: 'Identification and Authentication Failures', url: 'https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/' },
-        ],
-        remediation: 'Immediately revoke exposed Vault tokens. Rotate all secrets stored in Vault. Enable audit logging. Restrict Vault API access to internal networks only.',
-    },
-    // ========================================
-    // HIGH - SOURCE CODE & CONFIG EXPOSURE
-    // ========================================
-    [VulnerabilityCode.SENS_HIGH_GIT_EXPOSED]: {
-        id: 95,
-        code: VulnerabilityCode.SENS_HIGH_GIT_EXPOSED,
-        title: 'Git Repository Exposed',
-        description: 'Git repository metadata (.git/HEAD, .git/config) is publicly accessible, allowing attackers to download the complete repository including all source code, commit history, configuration files, and potentially credentials committed accidentally.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-538', name: 'Insertion of Sensitive Information into Externally-Accessible File or Directory', url: 'https://cwe.mitre.org/data/definitions/538.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Block access to .git directory in web server configuration. Remove .git from production deployments. Audit git history for accidentally committed secrets.',
-    },
-    [VulnerabilityCode.SENS_HIGH_ENV_FILE]: {
-        id: 96,
-        code: VulnerabilityCode.SENS_HIGH_ENV_FILE,
-        title: 'Environment File Exposed',
-        description: 'Environment configuration file (.env, .env.local, .env.production) is publicly accessible containing application secrets, database credentials, API keys, and other sensitive configuration that should never be exposed to end users.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 8.6,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-798', name: 'Hard-coded Credentials', url: 'https://cwe.mitre.org/data/definitions/798.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove .env files from web-accessible directories. Block access to dotfiles in web server config. Rotate all credentials found in exposed files. Use secrets management services.',
-    },
-    [VulnerabilityCode.SENS_HIGH_WORDPRESS_CONFIG]: {
-        id: 97,
-        code: VulnerabilityCode.SENS_HIGH_WORDPRESS_CONFIG,
-        title: 'WordPress Configuration File Exposed',
-        description: 'WordPress wp-config.php file is accessible and readable, exposing database credentials, authentication keys, salts, table prefix, and debug settings that allow complete compromise of the WordPress installation and underlying database.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 8.6,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Ensure PHP is properly configured to execute .php files rather than serve them as text. Move wp-config.php above the web root. Change database credentials immediately.',
-    },
-    [VulnerabilityCode.SENS_HIGH_SPRING_ACTUATOR]: {
-        id: 98,
-        code: VulnerabilityCode.SENS_HIGH_SPRING_ACTUATOR,
-        title: 'Spring Boot Actuator Endpoints Exposed',
-        description: 'Spring Boot Actuator management endpoints are publicly accessible without authentication, exposing application internals including environment variables, configuration properties, health status, thread dumps, and potentially enabling remote code execution through certain endpoints.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-            { id: 'CWE-215', name: 'Insertion of Sensitive Information Into Debugging Code', url: 'https://cwe.mitre.org/data/definitions/215.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Secure actuator endpoints with authentication. Disable sensitive endpoints in production. Use separate management port accessible only internally. Apply principle of least exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_SPRING_HEAPDUMP]: {
-        id: 99,
-        code: VulnerabilityCode.SENS_HIGH_SPRING_HEAPDUMP,
-        title: 'Spring Boot Heapdump Exposed',
-        description: 'Spring Boot Actuator heapdump endpoint is accessible allowing download of JVM heap memory containing sensitive runtime data including session tokens, passwords, encryption keys, personal data, and other secrets temporarily held in application memory.',
-        severity: 'critical',
-        levelId: 1,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 9.1,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N',
-            severity: 'CRITICAL',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Disable heapdump endpoint in production (management.endpoint.heapdump.enabled=false). Require authentication for all actuator endpoints. Invalidate all active sessions.',
-    },
-    [VulnerabilityCode.SENS_HIGH_PHPINFO]: {
-        id: 100,
-        code: VulnerabilityCode.SENS_HIGH_PHPINFO,
-        title: 'PHP Info Page Exposed',
-        description: 'PHP info page (phpinfo.php) is publicly accessible revealing complete server configuration including PHP version, loaded modules, environment variables, system paths, and potentially database connection strings that aid attackers in planning targeted attacks.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove phpinfo files from production servers. If needed for debugging, protect with authentication or IP restrictions. Delete all debug and test files before deployment.',
-    },
-    [VulnerabilityCode.SENS_HIGH_LARAVEL_DEBUG]: {
-        id: 101,
-        code: VulnerabilityCode.SENS_HIGH_LARAVEL_DEBUG,
-        title: 'Laravel Debug Mode Enabled',
-        description: 'Laravel application is running with debug mode enabled in production, exposing detailed stack traces, database queries, environment variables, and potentially the APP_KEY which can be used to decrypt session data and forge authenticated sessions.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-215', name: 'Insertion of Sensitive Information Into Debugging Code', url: 'https://cwe.mitre.org/data/definitions/215.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Set APP_DEBUG=false in production environment. Rotate APP_KEY if exposed. Implement proper error logging that does not expose internals to users.',
-    },
-    [VulnerabilityCode.SENS_HIGH_GRAPHQL_INTROSPECTION]: {
-        id: 102,
-        code: VulnerabilityCode.SENS_HIGH_GRAPHQL_INTROSPECTION,
-        title: 'GraphQL Introspection Enabled',
-        description: 'GraphQL API has introspection enabled in production, allowing attackers to query the complete schema including all types, queries, mutations, and fields, which reveals the entire API structure and aids in discovering sensitive operations and data access points.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Disable introspection in production (introspection: false in Apollo Server). Implement query depth limiting and complexity analysis. Use persisted queries.',
-    },
-    [VulnerabilityCode.SENS_HIGH_DATABASE_BACKUP]: {
-        id: 103,
-        code: VulnerabilityCode.SENS_HIGH_DATABASE_BACKUP,
-        title: 'Database Backup File Exposed',
-        description: 'Database backup or dump file (.sql, .dump, .bak) is publicly accessible containing complete database contents including user credentials, personal information, business data, and all other stored information enabling massive data breach.',
-        severity: 'critical',
-        levelId: 1,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 9.1,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N',
-            severity: 'CRITICAL',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Immediately remove backup files from web-accessible directories. Store backups in secure off-site locations. Notify affected users of potential data breach. Reset all user passwords.',
-    },
-    // ========================================
-    // MEDIUM - API & SERVICE EXPOSURE
-    // ========================================
-    [VulnerabilityCode.SENS_MED_SWAGGER_DOCS]: {
-        id: 104,
-        code: VulnerabilityCode.SENS_MED_SWAGGER_DOCS,
-        title: 'Swagger/OpenAPI Documentation Exposed',
-        description: 'API documentation (swagger.json, openapi.yaml) is publicly accessible revealing complete API structure including all endpoints, parameters, authentication methods, and data models which aids attackers in understanding and exploiting the API systematically.',
-        severity: 'low',
-        levelId: 4,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 3.7,
-            vector: 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'LOW',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Protect API documentation with authentication if it should be internal. Ensure publicly documented APIs have proper authorization. Remove internal endpoints from public docs.',
-    },
-    [VulnerabilityCode.SENS_MED_PROMETHEUS_METRICS]: {
-        id: 105,
-        code: VulnerabilityCode.SENS_MED_PROMETHEUS_METRICS,
-        title: 'Prometheus Metrics Endpoint Exposed',
-        description: 'Prometheus metrics endpoint (/metrics) is publicly accessible exposing application performance data, error rates, request patterns, resource usage, and potentially business metrics that reveal internal operations and aid in planning attacks.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Restrict metrics endpoint to internal network or Prometheus server IPs. Use separate port for metrics collection. Implement authentication if external access is required.',
-    },
-    [VulnerabilityCode.SENS_MED_ADMIN_PANEL]: {
-        id: 106,
-        code: VulnerabilityCode.SENS_MED_ADMIN_PANEL,
-        title: 'Admin Panel Publicly Accessible',
-        description: 'Administrative interface is accessible from the public internet without IP restrictions, enabling brute force attacks against admin credentials and exposing sensitive management functionality that should be restricted to internal networks only.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'access_control',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-306', name: 'Missing Authentication for Critical Function', url: 'https://cwe.mitre.org/data/definitions/306.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Restrict admin panel access to VPN or internal IP ranges. Implement strong multi-factor authentication. Use rate limiting and account lockout. Consider separate admin domain.',
-    },
-    [VulnerabilityCode.SENS_MED_SOURCE_MAP]: {
-        id: 107,
-        code: VulnerabilityCode.SENS_MED_SOURCE_MAP,
-        title: 'JavaScript Source Maps Exposed',
-        description: 'JavaScript source map files (.js.map) are publicly accessible allowing attackers to view original unminified source code including comments, variable names, internal logic, and potentially security-sensitive implementation details.',
-        severity: 'low',
-        levelId: 4,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 3.7,
-            vector: 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'LOW',
-        },
-        cwe: [
-            { id: 'CWE-540', name: 'Inclusion of Sensitive Information in Source Code', url: 'https://cwe.mitre.org/data/definitions/540.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Exclude source maps from production deployments. If required for error monitoring, upload to error tracking services privately. Block .map files in web server configuration.',
-    },
-    // ========================================
-    // EXTENDED SENSITIVE PATH EXPOSURES
-    // ========================================
-    [VulnerabilityCode.SENS_MED_UN_PROTECTED_CONFIG_JSON]: {
-        id: 203,
-        code: VulnerabilityCode.SENS_MED_UN_PROTECTED_CONFIG_JSON,
-        title: 'Un Protected Config JSON',
-        description: 'The application exposes un protected config json in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_WEB_SERVER_CONFIGURATION_FILE_DETECTED]: {
-        id: 109,
-        code: VulnerabilityCode.SENS_HIGH_WEB_SERVER_CONFIGURATION_FILE_DETECTED,
-        title: 'Web Server Configuration File Detected',
-        description: 'The application exposes web server configuration file detected in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_APPSETTINGS_JSON_EXPOSED]: {
-        id: 110,
-        code: VulnerabilityCode.SENS_HIGH_APPSETTINGS_JSON_EXPOSED,
-        title: 'Appsettings JSON Exposed',
-        description: 'The application exposes appsettings json exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_SPRING_CONFIG_EXPOSED]: {
-        id: 111,
-        code: VulnerabilityCode.SENS_HIGH_SPRING_CONFIG_EXPOSED,
-        title: 'Spring Config Exposed',
-        description: 'The application exposes spring config exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_NPMRC_EXPOSED]: {
-        id: 112,
-        code: VulnerabilityCode.SENS_HIGH_NPMRC_EXPOSED,
-        title: 'Npmrc Exposed',
-        description: 'The application exposes npmrc exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_LOW_TOML_PROJECT_FILE_EXPOSED]: {
-        id: 113,
-        code: VulnerabilityCode.SENS_LOW_TOML_PROJECT_FILE_EXPOSED,
-        title: 'TOML Project File Exposed',
-        description: 'The application exposes toml project file exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'low',
-        levelId: 4,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 3.7,
-            vector: 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'LOW',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_RAILS_DATABASE_YML_EXPOSED]: {
-        id: 114,
-        code: VulnerabilityCode.SENS_HIGH_RAILS_DATABASE_YML_EXPOSED,
-        title: 'Rails Database YML Exposed',
-        description: 'The application exposes rails database yml exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_DRUPAL_SETTINGS_PHP_EXPOSED]: {
-        id: 115,
-        code: VulnerabilityCode.SENS_HIGH_DRUPAL_SETTINGS_PHP_EXPOSED,
-        title: 'Drupal Settings PHP Exposed',
-        description: 'The application exposes drupal settings php exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_MAGENTO_ENV_PHP_EXPOSED]: {
-        id: 116,
-        code: VulnerabilityCode.SENS_HIGH_MAGENTO_ENV_PHP_EXPOSED,
-        title: 'Magento Env PHP Exposed',
-        description: 'The application exposes magento env php exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_JOLOKIA_EXPOSED]: {
-        id: 117,
-        code: VulnerabilityCode.SENS_HIGH_JOLOKIA_EXPOSED,
-        title: 'Jolokia Exposed',
-        description: 'The application exposes jolokia exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_SVN_WORKING_COPY_DATABASE_EXPOSED]: {
-        id: 118,
-        code: VulnerabilityCode.SENS_HIGH_SVN_WORKING_COPY_DATABASE_EXPOSED,
-        title: 'SVN Working Copy Database Exposed',
-        description: 'The application exposes svn working copy database exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_SUBVERSION_REPOSITORY_DETECTED]: {
-        id: 119,
-        code: VulnerabilityCode.SENS_HIGH_SUBVERSION_REPOSITORY_DETECTED,
-        title: 'Subversion Repository Detected',
-        description: 'The application exposes subversion repository detected in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_MERCURIAL_REPOSITORY_FOUND]: {
-        id: 120,
-        code: VulnerabilityCode.SENS_MED_MERCURIAL_REPOSITORY_FOUND,
-        title: 'Mercurial Repository Found',
-        description: 'The application exposes mercurial repository found in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_MERCURIAL_HGRC_EXPOSED]: {
-        id: 121,
-        code: VulnerabilityCode.SENS_MED_MERCURIAL_HGRC_EXPOSED,
-        title: 'Mercurial Hgrc Exposed',
-        description: 'The application exposes mercurial hgrc exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_CVS_ROOT_EXPOSED]: {
-        id: 122,
-        code: VulnerabilityCode.SENS_MED_CVS_ROOT_EXPOSED,
-        title: 'CVS Root Exposed',
-        description: 'The application exposes cvs root exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_CVS_ENTRIES_EXPOSED]: {
-        id: 123,
-        code: VulnerabilityCode.SENS_MED_CVS_ENTRIES_EXPOSED,
-        title: 'CVS Entries Exposed',
-        description: 'The application exposes cvs entries exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_BAZAAR_REPO_EXPOSED]: {
-        id: 124,
-        code: VulnerabilityCode.SENS_MED_BAZAAR_REPO_EXPOSED,
-        title: 'Bazaar Repo Exposed',
-        description: 'The application exposes bazaar repo exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_SPRING_BOOT_THREAD_DUMP_EXPOSED]: {
-        id: 125,
-        code: VulnerabilityCode.SENS_HIGH_SPRING_BOOT_THREAD_DUMP_EXPOSED,
-        title: 'Spring Boot Thread Dump Exposed',
-        description: 'The application exposes spring boot thread dump exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_REDIS_RDB_DUMP_DETECTED]: {
-        id: 126,
-        code: VulnerabilityCode.SENS_HIGH_REDIS_RDB_DUMP_DETECTED,
-        title: 'Redis Rdb Dump Detected',
-        description: 'The application exposes redis rdb dump detected in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_LOW_ATLASSIAN_BITBUCKET_PIPELINES_CONFIGURATION_DETECTED]: {
-        id: 127,
-        code: VulnerabilityCode.SENS_LOW_ATLASSIAN_BITBUCKET_PIPELINES_CONFIGURATION_DETECTED,
-        title: 'Atlassian Bitbucket Pipelines Configuration Detected',
-        description: 'The application exposes atlassian bitbucket pipelines configuration detected in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'low',
-        levelId: 4,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 3.7,
-            vector: 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'LOW',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_LOW_AZURE_PIPELINES_CONFIGURATION_DETECTED]: {
-        id: 128,
-        code: VulnerabilityCode.SENS_LOW_AZURE_PIPELINES_CONFIGURATION_DETECTED,
-        title: 'AZURE Pipelines Configuration Detected',
-        description: 'The application exposes azure pipelines configuration detected in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'low',
-        levelId: 4,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 3.7,
-            vector: 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'LOW',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_LOW_AWS_CODE_BUILD_BUILDSPEC_DETECTED]: {
-        id: 129,
-        code: VulnerabilityCode.SENS_LOW_AWS_CODE_BUILD_BUILDSPEC_DETECTED,
-        title: 'AWS Code Build Buildspec Detected',
-        description: 'The application exposes aws code build buildspec detected in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'low',
-        levelId: 4,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 3.7,
-            vector: 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'LOW',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_LOW_GITHUB_ACTIONS_WORKFLOW_DETECTED]: {
-        id: 130,
-        code: VulnerabilityCode.SENS_LOW_GITHUB_ACTIONS_WORKFLOW_DETECTED,
-        title: 'Github Actions Workflow Detected',
-        description: 'The application exposes github actions workflow detected in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'low',
-        levelId: 4,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 3.7,
-            vector: 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'LOW',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_DOCKER_COMPOSE_CONFIGURATION_DETECTED]: {
-        id: 131,
-        code: VulnerabilityCode.SENS_MED_DOCKER_COMPOSE_CONFIGURATION_DETECTED,
-        title: 'Docker Compose Configuration Detected',
-        description: 'The application exposes docker compose configuration detected in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_TRACE_AXD]: {
-        id: 132,
-        code: VulnerabilityCode.SENS_HIGH_TRACE_AXD,
-        title: 'Trace Axd',
-        description: 'The application exposes trace axd in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_ELMAH_AXD_EXPOSED]: {
-        id: 133,
-        code: VulnerabilityCode.SENS_HIGH_ELMAH_AXD_EXPOSED,
-        title: 'Elmah Axd Exposed',
-        description: 'The application exposes elmah axd exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_LARAVEL_LOG_VIEWER_ENABLED]: {
-        id: 134,
-        code: VulnerabilityCode.SENS_MED_LARAVEL_LOG_VIEWER_ENABLED,
-        title: 'Laravel Log Viewer Enabled',
-        description: 'The application exposes laravel log viewer enabled in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_APACHE_HTACCESS_FILE_DETECTED]: {
-        id: 135,
-        code: VulnerabilityCode.SENS_MED_APACHE_HTACCESS_FILE_DETECTED,
-        title: 'Apache Htaccess File Detected',
-        description: 'The application exposes apache htaccess file detected in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_APACHE_SERVER_INFO_EXPOSED]: {
-        id: 136,
-        code: VulnerabilityCode.SENS_MED_APACHE_SERVER_INFO_EXPOSED,
-        title: 'Apache Server Info Exposed',
-        description: 'The application exposes apache server info exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_SQLITE_DATABASE_DETECTED]: {
-        id: 137,
-        code: VulnerabilityCode.SENS_HIGH_SQLITE_DATABASE_DETECTED,
-        title: 'Sqlite Database Detected',
-        description: 'The application exposes sqlite database detected in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_PACKAGE_DEPENDENCIES_DETECTED]: {
-        id: 138,
-        code: VulnerabilityCode.SENS_MED_PACKAGE_DEPENDENCIES_DETECTED,
-        title: 'Package Dependencies Detected',
-        description: 'The application exposes package dependencies detected in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_PHP_COMPOSER_DEPENDENCIES_DETECTED]: {
-        id: 139,
-        code: VulnerabilityCode.SENS_MED_PHP_COMPOSER_DEPENDENCIES_DETECTED,
-        title: 'PHP Composer Dependencies Detected',
-        description: 'The application exposes php composer dependencies detected in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_LOW_PYTHON_REQUIREMENTS_DETECTED]: {
-        id: 140,
-        code: VulnerabilityCode.SENS_LOW_PYTHON_REQUIREMENTS_DETECTED,
-        title: 'Python Requirements Detected',
-        description: 'The application exposes python requirements detected in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'low',
-        levelId: 4,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 3.7,
-            vector: 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'LOW',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_AWS_CONFIG_EXPOSED]: {
-        id: 141,
-        code: VulnerabilityCode.SENS_HIGH_AWS_CONFIG_EXPOSED,
-        title: 'AWS Config Exposed',
-        description: 'The application exposes aws config exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_AZURE_CREDENTIALS_EXPOSED]: {
-        id: 142,
-        code: VulnerabilityCode.SENS_HIGH_AZURE_CREDENTIALS_EXPOSED,
-        title: 'AZURE Credentials Exposed',
-        description: 'The application exposes azure credentials exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_HELM_VALUES_EXPOSED]: {
-        id: 143,
-        code: VulnerabilityCode.SENS_HIGH_HELM_VALUES_EXPOSED,
-        title: 'Helm Values Exposed',
-        description: 'The application exposes helm values exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_SSH_PUBLIC_KEY_EXPOSED]: {
-        id: 144,
-        code: VulnerabilityCode.SENS_MED_SSH_PUBLIC_KEY_EXPOSED,
-        title: 'SSH Public Key Exposed',
-        description: 'The application exposes ssh public key exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_SSL_CERTIFICATE_EXPOSED]: {
-        id: 145,
-        code: VulnerabilityCode.SENS_MED_SSL_CERTIFICATE_EXPOSED,
-        title: 'SSL Certificate Exposed',
-        description: 'The application exposes ssl certificate exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_GRAPH_QL_ENDPOINT_EXPOSED]: {
-        id: 146,
-        code: VulnerabilityCode.SENS_MED_GRAPH_QL_ENDPOINT_EXPOSED,
-        title: 'Graph Ql Endpoint Exposed',
-        description: 'The application exposes graph ql endpoint exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_GRAPHI_QL_EXPOSED]: {
-        id: 147,
-        code: VulnerabilityCode.SENS_MED_GRAPHI_QL_EXPOSED,
-        title: 'Graphi Ql Exposed',
-        description: 'The application exposes graphi ql exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_TERRAFORM_LOCK_EXPOSED]: {
-        id: 148,
-        code: VulnerabilityCode.SENS_MED_TERRAFORM_LOCK_EXPOSED,
-        title: 'Terraform Lock Exposed',
-        description: 'The application exposes terraform lock exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_TERRAFORM_VARS_EXPOSED]: {
-        id: 149,
-        code: VulnerabilityCode.SENS_HIGH_TERRAFORM_VARS_EXPOSED,
-        title: 'Terraform Vars Exposed',
-        description: 'The application exposes terraform vars exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_ERROR_LOG_EXPOSED]: {
-        id: 150,
-        code: VulnerabilityCode.SENS_MED_ERROR_LOG_EXPOSED,
-        title: 'Error Log Exposed',
-        description: 'The application exposes error log exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_ACCESS_LOG_EXPOSED]: {
-        id: 151,
-        code: VulnerabilityCode.SENS_MED_ACCESS_LOG_EXPOSED,
-        title: 'Access Log Exposed',
-        description: 'The application exposes access log exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_DEBUG_LOG_EXPOSED]: {
-        id: 152,
-        code: VulnerabilityCode.SENS_MED_DEBUG_LOG_EXPOSED,
-        title: 'Debug Log Exposed',
-        description: 'The application exposes debug log exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_APPLICATION_LOG_EXPOSED]: {
-        id: 153,
-        code: VulnerabilityCode.SENS_MED_APPLICATION_LOG_EXPOSED,
-        title: 'Application Log Exposed',
-        description: 'The application exposes application log exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_LARAVEL_LOG_EXPOSED]: {
-        id: 154,
-        code: VulnerabilityCode.SENS_HIGH_LARAVEL_LOG_EXPOSED,
-        title: 'Laravel Log Exposed',
-        description: 'The application exposes laravel log exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_WORD_PRESS_DEBUG_LOG_EXPOSED]: {
-        id: 155,
-        code: VulnerabilityCode.SENS_HIGH_WORD_PRESS_DEBUG_LOG_EXPOSED,
-        title: 'Word Press Debug Log Exposed',
-        description: 'The application exposes word press debug log exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_ADMINER_EXPOSED]: {
-        id: 156,
-        code: VulnerabilityCode.SENS_HIGH_ADMINER_EXPOSED,
-        title: 'Adminer Exposed',
-        description: 'The application exposes adminer exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_WSDL_EXPOSED]: {
-        id: 157,
-        code: VulnerabilityCode.SENS_MED_WSDL_EXPOSED,
-        title: 'WSDL Exposed',
-        description: 'The application exposes wsdl exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_DEBUG_ENDPOINT_EXPOSED]: {
-        id: 158,
-        code: VulnerabilityCode.SENS_HIGH_DEBUG_ENDPOINT_EXPOSED,
-        title: 'Debug Endpoint Exposed',
-        description: 'The application exposes debug endpoint exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_GO_DEBUG_VARS_EXPOSED]: {
-        id: 159,
-        code: VulnerabilityCode.SENS_HIGH_GO_DEBUG_VARS_EXPOSED,
-        title: 'Go Debug Vars Exposed',
-        description: 'The application exposes go debug vars exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_GO_PPROF_EXPOSED]: {
-        id: 160,
-        code: VulnerabilityCode.SENS_HIGH_GO_PPROF_EXPOSED,
-        title: 'Go Pprof Exposed',
-        description: 'The application exposes go pprof exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_MED_WORD_PRESS_XML_RPC_EXPOSED]: {
-        id: 161,
-        code: VulnerabilityCode.SENS_MED_WORD_PRESS_XML_RPC_EXPOSED,
-        title: 'Word Press XML Rpc Exposed',
-        description: 'The application exposes word press xml rpc exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'medium',
-        levelId: 3,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 5.3,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'MEDIUM',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_LOW_TEST_ENDPOINT_EXPOSED]: {
-        id: 162,
-        code: VulnerabilityCode.SENS_LOW_TEST_ENDPOINT_EXPOSED,
-        title: 'Test Endpoint Exposed',
-        description: 'The application exposes test endpoint exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'low',
-        levelId: 4,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 3.7,
-            vector: 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'LOW',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_LOW_STAGING_ENDPOINT_EXPOSED]: {
-        id: 163,
-        code: VulnerabilityCode.SENS_LOW_STAGING_ENDPOINT_EXPOSED,
-        title: 'Staging Endpoint Exposed',
-        description: 'The application exposes staging endpoint exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'low',
-        levelId: 4,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 3.7,
-            vector: 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'LOW',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_LOW_EDITOR_BACKUP_FILE_DETECTED]: {
-        id: 164,
-        code: VulnerabilityCode.SENS_LOW_EDITOR_BACKUP_FILE_DETECTED,
-        title: 'Editor Backup File Detected',
-        description: 'The application exposes editor backup file detected in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'low',
-        levelId: 4,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 3.7,
-            vector: 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'LOW',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_LOW_VIM_SWAP_FILE_DETECTED]: {
-        id: 165,
-        code: VulnerabilityCode.SENS_LOW_VIM_SWAP_FILE_DETECTED,
-        title: 'VIM Swap File Detected',
-        description: 'The application exposes vim swap file detected in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'low',
-        levelId: 4,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 3.7,
-            vector: 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'LOW',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_LOW_DIRECTORY_LISTING_ENABLED]: {
-        id: 166,
-        code: VulnerabilityCode.SENS_LOW_DIRECTORY_LISTING_ENABLED,
-        title: 'Directory Listing Enabled',
-        description: 'The application exposes directory listing enabled in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'low',
-        levelId: 4,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 3.7,
-            vector: 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'LOW',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_AZURE_STORAGE_CONFIG_EXPOSED]: {
-        id: 167,
-        code: VulnerabilityCode.SENS_HIGH_AZURE_STORAGE_CONFIG_EXPOSED,
-        title: 'AZURE Storage Config Exposed',
-        description: 'The application exposes azure storage config exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_HIGH_MONGO_RC_EXPOSED]: {
-        id: 168,
-        code: VulnerabilityCode.SENS_HIGH_MONGO_RC_EXPOSED,
-        title: 'Mongo Rc Exposed',
-        description: 'The application exposes mongo rc exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'high',
-        levelId: 2,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 7.5,
-            vector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
-            severity: 'HIGH',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_LOW_AWSSAM_TEMPLATE_EXPOSED]: {
-        id: 169,
-        code: VulnerabilityCode.SENS_LOW_AWSSAM_TEMPLATE_EXPOSED,
-        title: 'Awssam Template Exposed',
-        description: 'The application exposes awssam template exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'low',
-        levelId: 4,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 3.7,
-            vector: 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'LOW',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_LOW_SERVERLESS_CONFIG_EXPOSED]: {
-        id: 170,
-        code: VulnerabilityCode.SENS_LOW_SERVERLESS_CONFIG_EXPOSED,
-        title: 'Serverless Config Exposed',
-        description: 'The application exposes serverless config exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'low',
-        levelId: 4,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 3.7,
-            vector: 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'LOW',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-    [VulnerabilityCode.SENS_LOW_CLOUD_FORMATION_TEMPLATE_EXPOSED]: {
-        id: 171,
-        code: VulnerabilityCode.SENS_LOW_CLOUD_FORMATION_TEMPLATE_EXPOSED,
-        title: 'Cloud Formation Template Exposed',
-        description: 'The application exposes cloud formation template exposed in a web-accessible location, which can reveal sensitive configuration, credentials, or operational details and enable attackers to further compromise the system or pivot to other assets.',
-        severity: 'low',
-        levelId: 4,
-        category: 'information_disclosure',
-        scanner: 'sensitive-path-scout',
-        cvss: {
-            score: 3.7,
-            vector: 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N',
-            severity: 'LOW',
-        },
-        cwe: [
-            { id: 'CWE-200', name: 'Information Exposure', url: 'https://cwe.mitre.org/data/definitions/200.html' },
-        ],
-        owasp: [
-            { id: 'A05:2021', name: 'Security Misconfiguration', url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/' },
-        ],
-        remediation: 'Remove or restrict access to the exposed resource. Store sensitive data outside public web roots, enforce authentication/allowlists, and review deployment pipelines for accidental exposure.',
-    },
-};
-export default SENSITIVE_PATH_VULNERABILITIES;