@zerothreatai/vulnerability-registry 9.0.2 → 9.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/categories/authentication.d.ts +2 -2
- package/dist/categories/authentication.js +17 -17
- package/dist/categories/configuration.d.ts +2 -2
- package/dist/categories/configuration.js +42 -42
- package/dist/categories/injection.d.ts +2 -2
- package/dist/categories/injection.js +34 -34
- package/dist/categories/sensitive-paths.d.ts +2 -2
- package/dist/categories/sensitive-paths.js +533 -0
- package/dist/categories/ssrf.d.ts +2 -2
- package/dist/categories/ssrf.js +11 -11
- package/dist/categories/xss.d.ts +2 -2
- package/dist/categories/xss.js +15 -15
- package/dist/compliances/gdpr.d.ts +1 -1
- package/dist/compliances/gdpr.js +2 -2
- package/dist/compliances/hipaa.d.ts +1 -1
- package/dist/compliances/hipaa.js +2 -2
- package/dist/compliances/iso27001.d.ts +1 -1
- package/dist/compliances/iso27001.js +2 -2
- package/dist/compliances/owasp.d.ts +1 -1
- package/dist/compliances/owasp.js +2 -2
- package/dist/compliances/pci-dss.d.ts +1 -1
- package/dist/compliances/pci-dss.js +2 -2
- package/dist/compliances/sans-top-25.d.ts +1 -1
- package/dist/compliances/sans-top-25.js +2 -2
- package/dist/registry.d.ts +0 -4
- package/dist/registry.js +58 -2
- package/dist/types.d.ts +5 -0
- package/dist-cjs/categories/authentication.js +17 -17
- package/dist-cjs/categories/configuration.js +42 -42
- package/dist-cjs/categories/injection.js +34 -34
- package/dist-cjs/categories/sensitive-paths.js +533 -0
- package/dist-cjs/categories/ssrf.js +11 -11
- package/dist-cjs/categories/xss.js +15 -15
- package/dist-cjs/compliances/gdpr.js +74 -74
- package/dist-cjs/compliances/hipaa.js +53 -53
- package/dist-cjs/compliances/iso27001.js +20 -20
- package/dist-cjs/compliances/owasp.js +32 -32
- package/dist-cjs/compliances/pci-dss.js +77 -77
- package/dist-cjs/compliances/sans-top-25.js +77 -77
- package/dist-cjs/registry.js +58 -2
- package/package.json +6 -1
- package/src/categories/authentication.ts +19 -19
- package/src/categories/configuration.ts +44 -44
- package/src/categories/injection.ts +36 -36
- package/src/categories/sensitive-paths.ts +569 -12
- package/src/categories/ssrf.ts +13 -13
- package/src/categories/xss.ts +17 -17
- package/src/compliances/gdpr.ts +2 -2
- package/src/compliances/hipaa.ts +2 -2
- package/src/compliances/iso27001.ts +2 -2
- package/src/compliances/owasp.ts +2 -2
- package/src/compliances/pci-dss.ts +2 -2
- package/src/compliances/sans-top-25.ts +2 -2
- package/src/registry.ts +73 -8
- package/src/types.ts +11 -5
|
@@ -3,6 +3,6 @@
|
|
|
3
3
|
*
|
|
4
4
|
* Definitions for JWT, Broken Access Control, and related issues
|
|
5
5
|
*/
|
|
6
|
-
import type {
|
|
7
|
-
export declare const AUTH_VULNERABILITIES: Record<string,
|
|
6
|
+
import type { VulnerabilityDefinitionInput } from '../types.js';
|
|
7
|
+
export declare const AUTH_VULNERABILITIES: Record<string, VulnerabilityDefinitionInput>;
|
|
8
8
|
export default AUTH_VULNERABILITIES;
|
|
@@ -11,7 +11,7 @@ export const AUTH_VULNERABILITIES = {
|
|
|
11
11
|
[VulnerabilityCode.JWT_NONE_ALGORITHM]: {
|
|
12
12
|
id: 100,
|
|
13
13
|
code: VulnerabilityCode.JWT_NONE_ALGORITHM,
|
|
14
|
-
title: 'JWT
|
|
14
|
+
title: 'JWT None Algorithm Attack',
|
|
15
15
|
description: 'Critical JWT vulnerability where the server accepts tokens with "alg": "none" in the header, allowing attackers to forge valid tokens without knowing the secret key by simply removing the signature and modifying claims to impersonate any user including administrators.',
|
|
16
16
|
severity: 'critical',
|
|
17
17
|
levelId: 1,
|
|
@@ -33,7 +33,7 @@ export const AUTH_VULNERABILITIES = {
|
|
|
33
33
|
[VulnerabilityCode.JWT_WEAK_SECRET]: {
|
|
34
34
|
id: 101,
|
|
35
35
|
code: VulnerabilityCode.JWT_WEAK_SECRET,
|
|
36
|
-
title: 'JWT
|
|
36
|
+
title: 'JWT Weak Secret Key',
|
|
37
37
|
description: 'JWT implementation using a weak or common secret key for HMAC signature verification that can be brute-forced or found in common secret dictionaries, allowing attackers to forge arbitrary valid tokens and bypass authentication to access any user account.',
|
|
38
38
|
severity: 'high',
|
|
39
39
|
levelId: 2,
|
|
@@ -55,7 +55,7 @@ export const AUTH_VULNERABILITIES = {
|
|
|
55
55
|
[VulnerabilityCode.JWT_KEY_CONFUSION]: {
|
|
56
56
|
id: 102,
|
|
57
57
|
code: VulnerabilityCode.JWT_KEY_CONFUSION,
|
|
58
|
-
title: 'JWT
|
|
58
|
+
title: 'JWT Algorithm Confusion Attack',
|
|
59
59
|
description: 'JWT key confusion vulnerability where the server public key can be used as an HMAC secret by switching the algorithm from RS256 to HS256, allowing attackers to forge valid tokens using the publicly available key to generate valid HMAC signatures.',
|
|
60
60
|
severity: 'critical',
|
|
61
61
|
levelId: 1,
|
|
@@ -80,7 +80,7 @@ export const AUTH_VULNERABILITIES = {
|
|
|
80
80
|
[VulnerabilityCode.BAC_ANONYMOUS_ACCESS]: {
|
|
81
81
|
id: 103,
|
|
82
82
|
code: VulnerabilityCode.BAC_ANONYMOUS_ACCESS,
|
|
83
|
-
title: '
|
|
83
|
+
title: 'Anonymous Access',
|
|
84
84
|
description: 'Critical broken access control vulnerability where authenticated endpoints can be accessed without any authentication by simply removing auth headers or cookies, exposing sensitive functionality and data to unauthenticated attackers without any credential requirement.',
|
|
85
85
|
severity: 'high',
|
|
86
86
|
levelId: 2,
|
|
@@ -102,7 +102,7 @@ export const AUTH_VULNERABILITIES = {
|
|
|
102
102
|
[VulnerabilityCode.BAC_IDOR]: {
|
|
103
103
|
id: 104,
|
|
104
104
|
code: VulnerabilityCode.BAC_IDOR,
|
|
105
|
-
title: 'Broken Access
|
|
105
|
+
title: 'Broken Access Insecure Direct Object Reference',
|
|
106
106
|
description: 'IDOR vulnerability where users can access or modify resources belonging to other users by manipulating predictable identifiers like sequential IDs in URLs or request parameters, without proper authorization checks verifying resource ownership.',
|
|
107
107
|
severity: 'high',
|
|
108
108
|
levelId: 2,
|
|
@@ -124,7 +124,7 @@ export const AUTH_VULNERABILITIES = {
|
|
|
124
124
|
[VulnerabilityCode.BAC_VERTICAL_PRIVILEGE]: {
|
|
125
125
|
id: 105,
|
|
126
126
|
code: VulnerabilityCode.BAC_VERTICAL_PRIVILEGE,
|
|
127
|
-
title: 'Broken Access
|
|
127
|
+
title: 'Broken Access Vertical Privilege Escalation',
|
|
128
128
|
description: 'Vertical privilege escalation vulnerability allowing regular users to access or perform administrative functions by directly accessing admin endpoints or manipulating role/permission parameters, bypassing role-based access controls to gain elevated privileges.',
|
|
129
129
|
severity: 'critical',
|
|
130
130
|
levelId: 1,
|
|
@@ -149,7 +149,7 @@ export const AUTH_VULNERABILITIES = {
|
|
|
149
149
|
[VulnerabilityCode.MASSASSIGN_ROLE_ESCALATION]: {
|
|
150
150
|
id: 106,
|
|
151
151
|
code: VulnerabilityCode.MASSASSIGN_ROLE_ESCALATION,
|
|
152
|
-
title: 'Mass Assignment
|
|
152
|
+
title: 'Mass Assignment Role Escalation',
|
|
153
153
|
description: 'Mass assignment vulnerability allowing attackers to escalate privileges by including additional parameters like "role", "isAdmin", or "permissions" in requests that the application binds to user objects without proper allowlist filtering of settable fields.',
|
|
154
154
|
severity: 'high',
|
|
155
155
|
levelId: 2,
|
|
@@ -171,7 +171,7 @@ export const AUTH_VULNERABILITIES = {
|
|
|
171
171
|
[VulnerabilityCode.MASSASSIGN_PROTOTYPE_POLLUTION]: {
|
|
172
172
|
id: 107,
|
|
173
173
|
code: VulnerabilityCode.MASSASSIGN_PROTOTYPE_POLLUTION,
|
|
174
|
-
title: 'Mass Assignment
|
|
174
|
+
title: 'Mass Assignment Prototype Pollution',
|
|
175
175
|
description: 'JavaScript prototype pollution vulnerability through mass assignment where attackers inject __proto__ or constructor.prototype properties that modify the Object prototype globally, potentially leading to denial of service, security bypass, or remote code execution.',
|
|
176
176
|
severity: 'high',
|
|
177
177
|
levelId: 2,
|
|
@@ -193,7 +193,7 @@ export const AUTH_VULNERABILITIES = {
|
|
|
193
193
|
[VulnerabilityCode.JWT_EXPIRED_TOKEN]: {
|
|
194
194
|
id: 108,
|
|
195
195
|
code: VulnerabilityCode.JWT_EXPIRED_TOKEN,
|
|
196
|
-
title: 'JWT
|
|
196
|
+
title: 'JWT Expired Token Accepted',
|
|
197
197
|
description: 'JWT implementation does not properly validate token expiration (exp claim), accepting expired tokens that should be rejected. This allows attackers with previously captured tokens to reuse them indefinitely, maintaining unauthorized access without credential updates.',
|
|
198
198
|
severity: 'medium',
|
|
199
199
|
levelId: 3,
|
|
@@ -215,7 +215,7 @@ export const AUTH_VULNERABILITIES = {
|
|
|
215
215
|
[VulnerabilityCode.JWT_MISSING_CLAIMS]: {
|
|
216
216
|
id: 109,
|
|
217
217
|
code: VulnerabilityCode.JWT_MISSING_CLAIMS,
|
|
218
|
-
title: 'JWT
|
|
218
|
+
title: 'JWT Missing Required Claims',
|
|
219
219
|
description: 'JWT tokens are missing critical security claims like exp (expiration), iat (issued at), nbf (not before), or iss (issuer), reducing the security guarantees of the token system and potentially allowing token reuse, replay attacks, or cross-tenant access.',
|
|
220
220
|
severity: 'medium',
|
|
221
221
|
levelId: 3,
|
|
@@ -237,7 +237,7 @@ export const AUTH_VULNERABILITIES = {
|
|
|
237
237
|
[VulnerabilityCode.BAC_HORIZONTAL_PRIVILEGE]: {
|
|
238
238
|
id: 110,
|
|
239
239
|
code: VulnerabilityCode.BAC_HORIZONTAL_PRIVILEGE,
|
|
240
|
-
title: 'Broken Access
|
|
240
|
+
title: 'Broken Access Horizontal Privilege Escalation',
|
|
241
241
|
description: 'Horizontal privilege escalation vulnerability where authenticated users can access data or perform actions belonging to other users at the same privilege level by manipulating user identifiers, object references, or session parameters without ownership verification.',
|
|
242
242
|
severity: 'high',
|
|
243
243
|
levelId: 2,
|
|
@@ -259,7 +259,7 @@ export const AUTH_VULNERABILITIES = {
|
|
|
259
259
|
[VulnerabilityCode.MASSASSIGN_HIDDEN_FIELD]: {
|
|
260
260
|
id: 111,
|
|
261
261
|
code: VulnerabilityCode.MASSASSIGN_HIDDEN_FIELD,
|
|
262
|
-
title: 'Mass Assignment
|
|
262
|
+
title: 'Mass Assignment Hidden Field Manipulation',
|
|
263
263
|
description: 'Mass assignment vulnerability where attackers can modify hidden form fields or server-side computed values like price, discount, userId, or timestamp by including them in request bodies, bypassing UI restrictions to manipulate business logic or data integrity.',
|
|
264
264
|
severity: 'medium',
|
|
265
265
|
levelId: 3,
|
|
@@ -281,7 +281,7 @@ export const AUTH_VULNERABILITIES = {
|
|
|
281
281
|
[VulnerabilityCode.JWT_CLAIM_TAMPERING]: {
|
|
282
282
|
id: 112,
|
|
283
283
|
code: VulnerabilityCode.JWT_CLAIM_TAMPERING,
|
|
284
|
-
title: 'JWT
|
|
284
|
+
title: 'JWT Claim Tampering',
|
|
285
285
|
description: 'JWT claim tampering vulnerability where attackers can modify token claims such as roles, user IDs, or permissions and the server accepts the tampered token, enabling privilege escalation or unauthorized access.',
|
|
286
286
|
severity: 'high',
|
|
287
287
|
levelId: 2,
|
|
@@ -303,7 +303,7 @@ export const AUTH_VULNERABILITIES = {
|
|
|
303
303
|
[VulnerabilityCode.JWT_KID_INJECTION]: {
|
|
304
304
|
id: 113,
|
|
305
305
|
code: VulnerabilityCode.JWT_KID_INJECTION,
|
|
306
|
-
title: 'JWT
|
|
306
|
+
title: 'JWT KID Header Injection',
|
|
307
307
|
description: 'JWT key identifier (kid) injection vulnerability where attackers manipulate the kid header to influence key selection or file paths, potentially bypassing signature verification or loading attacker-controlled keys.',
|
|
308
308
|
severity: 'high',
|
|
309
309
|
levelId: 2,
|
|
@@ -325,7 +325,7 @@ export const AUTH_VULNERABILITIES = {
|
|
|
325
325
|
[VulnerabilityCode.JWT_JKU_INJECTION]: {
|
|
326
326
|
id: 114,
|
|
327
327
|
code: VulnerabilityCode.JWT_JKU_INJECTION,
|
|
328
|
-
title: 'JWT
|
|
328
|
+
title: 'JWT JKU Header Injection',
|
|
329
329
|
description: 'JWT JKU (JWK Set URL) header injection vulnerability where attackers can control the URL used to fetch signing keys, allowing them to supply their own keys and forge valid tokens.',
|
|
330
330
|
severity: 'high',
|
|
331
331
|
levelId: 2,
|
|
@@ -347,7 +347,7 @@ export const AUTH_VULNERABILITIES = {
|
|
|
347
347
|
[VulnerabilityCode.JWT_EMBEDDED_JWK]: {
|
|
348
348
|
id: 115,
|
|
349
349
|
code: VulnerabilityCode.JWT_EMBEDDED_JWK,
|
|
350
|
-
title: 'JWT
|
|
350
|
+
title: 'JWT Embedded JWK Injection',
|
|
351
351
|
description: 'JWT embedded JWK vulnerability where attackers include their own JWK in the token header and the server accepts it as a trusted signing key, enabling forged tokens and authentication bypass.',
|
|
352
352
|
severity: 'high',
|
|
353
353
|
levelId: 2,
|
|
@@ -369,7 +369,7 @@ export const AUTH_VULNERABILITIES = {
|
|
|
369
369
|
[VulnerabilityCode.JWT_X5C_INJECTION]: {
|
|
370
370
|
id: 116,
|
|
371
371
|
code: VulnerabilityCode.JWT_X5C_INJECTION,
|
|
372
|
-
title: 'JWT
|
|
372
|
+
title: 'JWT X5C Header Injection',
|
|
373
373
|
description: 'JWT x5c header injection vulnerability where attackers provide an untrusted certificate chain, allowing them to influence key selection or bypass signature validation if certificate trust is not strictly enforced.',
|
|
374
374
|
severity: 'high',
|
|
375
375
|
levelId: 2,
|
|
@@ -3,6 +3,6 @@
|
|
|
3
3
|
*
|
|
4
4
|
* Definitions for Security Headers, Directory Browsing, and related issues
|
|
5
5
|
*/
|
|
6
|
-
import type {
|
|
7
|
-
export declare const CONFIG_VULNERABILITIES: Record<string,
|
|
6
|
+
import type { VulnerabilityDefinitionInput } from '../types.js';
|
|
7
|
+
export declare const CONFIG_VULNERABILITIES: Record<string, VulnerabilityDefinitionInput>;
|
|
8
8
|
export default CONFIG_VULNERABILITIES;
|
|
@@ -11,7 +11,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
11
11
|
[VulnerabilityCode.HEADER_MISSING_CSP]: {
|
|
12
12
|
id: 200,
|
|
13
13
|
code: VulnerabilityCode.HEADER_MISSING_CSP,
|
|
14
|
-
title: 'Missing Security Header
|
|
14
|
+
title: 'Missing Security Header Content-Security-Policy',
|
|
15
15
|
description: 'The application does not implement Content-Security-Policy header, leaving it vulnerable to cross-site scripting attacks that could be mitigated by restricting the sources from which scripts, styles, and other resources can be loaded into the page.',
|
|
16
16
|
severity: 'medium',
|
|
17
17
|
levelId: 3,
|
|
@@ -33,7 +33,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
33
33
|
[VulnerabilityCode.HEADER_MISSING_HSTS]: {
|
|
34
34
|
id: 201,
|
|
35
35
|
code: VulnerabilityCode.HEADER_MISSING_HSTS,
|
|
36
|
-
title: 'Missing Security Header
|
|
36
|
+
title: 'Missing Security Header Strict-Transport-Security',
|
|
37
37
|
description: 'The application does not implement HSTS (HTTP Strict Transport Security) header, leaving users vulnerable to SSL stripping attacks and man-in-the-middle downgrades from HTTPS to HTTP connections on initial visits or after cookie expiration.',
|
|
38
38
|
severity: 'medium',
|
|
39
39
|
levelId: 3,
|
|
@@ -55,7 +55,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
55
55
|
[VulnerabilityCode.HEADER_HSTS_BAD_MAX_AGE]: {
|
|
56
56
|
id: 202,
|
|
57
57
|
code: VulnerabilityCode.HEADER_HSTS_BAD_MAX_AGE,
|
|
58
|
-
title: 'HSTS Misconfiguration
|
|
58
|
+
title: 'HSTS Misconfiguration Invalid Max-Age',
|
|
59
59
|
description: 'The Strict-Transport-Security header uses an invalid or malformed max-age value, preventing reliable HTTPS enforcement.',
|
|
60
60
|
severity: 'medium',
|
|
61
61
|
levelId: 3,
|
|
@@ -77,7 +77,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
77
77
|
[VulnerabilityCode.HEADER_HSTS_SHORT_MAX_AGE]: {
|
|
78
78
|
id: 203,
|
|
79
79
|
code: VulnerabilityCode.HEADER_HSTS_SHORT_MAX_AGE,
|
|
80
|
-
title: 'HSTS Misconfiguration
|
|
80
|
+
title: 'HSTS Misconfiguration Short Max-Age',
|
|
81
81
|
description: 'The Strict-Transport-Security header uses a short max-age value that weakens HTTPS enforcement and allows downgrade risk to return quickly.',
|
|
82
82
|
severity: 'medium',
|
|
83
83
|
levelId: 3,
|
|
@@ -99,7 +99,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
99
99
|
[VulnerabilityCode.HEADER_HSTS_NO_INCLUDESUBDOMAINS]: {
|
|
100
100
|
id: 204,
|
|
101
101
|
code: VulnerabilityCode.HEADER_HSTS_NO_INCLUDESUBDOMAINS,
|
|
102
|
-
title: 'HSTS Misconfiguration
|
|
102
|
+
title: 'HSTS Misconfiguration Missing includeSubDomains',
|
|
103
103
|
description: 'The Strict-Transport-Security header is missing includeSubDomains, leaving subdomains unprotected from downgrade and stripping attacks.',
|
|
104
104
|
severity: 'medium',
|
|
105
105
|
levelId: 3,
|
|
@@ -143,7 +143,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
143
143
|
[VulnerabilityCode.HEADER_MISSING_XFRAME]: {
|
|
144
144
|
id: 206,
|
|
145
145
|
code: VulnerabilityCode.HEADER_MISSING_XFRAME,
|
|
146
|
-
title: 'Missing Security Header
|
|
146
|
+
title: 'Missing Security Header X-Frame-Options',
|
|
147
147
|
description: 'The application does not set X-Frame-Options header, making it vulnerable to clickjacking attacks where malicious websites can embed the application in invisible iframes and trick users into performing unintended actions through deceptive UI overlays.',
|
|
148
148
|
severity: 'medium',
|
|
149
149
|
levelId: 3,
|
|
@@ -964,7 +964,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
964
964
|
[VulnerabilityCode.CLICK_FRAMEABLE]: {
|
|
965
965
|
id: 243,
|
|
966
966
|
code: VulnerabilityCode.CLICK_FRAMEABLE,
|
|
967
|
-
title: 'Clickjacking
|
|
967
|
+
title: 'Clickjacking Page Frameable',
|
|
968
968
|
description: 'The application pages can be embedded in iframes on malicious websites, enabling clickjacking attacks where attackers overlay transparent frames over deceptive UI elements to trick users into clicking hidden buttons or links that perform unintended actions.',
|
|
969
969
|
severity: 'medium',
|
|
970
970
|
levelId: 3,
|
|
@@ -989,7 +989,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
989
989
|
[VulnerabilityCode.DESER_JAVA]: {
|
|
990
990
|
id: 244,
|
|
991
991
|
code: VulnerabilityCode.DESER_JAVA,
|
|
992
|
-
title: 'Insecure Deserialization
|
|
992
|
+
title: 'Insecure Deserialization Java',
|
|
993
993
|
description: 'Critical Java deserialization vulnerability where untrusted serialized objects are processed, allowing attackers to achieve remote code execution through gadget chains in common libraries like Apache Commons Collections, Spring Framework, or other classpath dependencies.',
|
|
994
994
|
severity: 'critical',
|
|
995
995
|
levelId: 1,
|
|
@@ -1011,7 +1011,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1011
1011
|
[VulnerabilityCode.DESER_PHP]: {
|
|
1012
1012
|
id: 245,
|
|
1013
1013
|
code: VulnerabilityCode.DESER_PHP,
|
|
1014
|
-
title: 'Insecure Deserialization
|
|
1014
|
+
title: 'Insecure Deserialization PHP',
|
|
1015
1015
|
description: 'Critical PHP deserialization vulnerability where unserialize() processes attacker-controlled data, enabling object injection attacks through magic methods like __wakeup(), __destruct(), or __toString() in application or framework classes for remote code execution.',
|
|
1016
1016
|
severity: 'critical',
|
|
1017
1017
|
levelId: 1,
|
|
@@ -1033,7 +1033,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1033
1033
|
[VulnerabilityCode.DESER_PYTHON]: {
|
|
1034
1034
|
id: 246,
|
|
1035
1035
|
code: VulnerabilityCode.DESER_PYTHON,
|
|
1036
|
-
title: 'Insecure Deserialization
|
|
1036
|
+
title: 'Insecure Deserialization Python',
|
|
1037
1037
|
description: 'Critical Python deserialization vulnerability through pickle/cPickle processing of untrusted data, enabling remote code execution via __reduce__ method exploitation. Python pickle is inherently unsafe and should never process untrusted input.',
|
|
1038
1038
|
severity: 'critical',
|
|
1039
1039
|
levelId: 1,
|
|
@@ -1055,7 +1055,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1055
1055
|
[VulnerabilityCode.DESER_DOTNET]: {
|
|
1056
1056
|
id: 247,
|
|
1057
1057
|
code: VulnerabilityCode.DESER_DOTNET,
|
|
1058
|
-
title: 'Insecure Deserialization
|
|
1058
|
+
title: 'Insecure Deserialization .NET',
|
|
1059
1059
|
description: 'Critical .NET deserialization vulnerability through BinaryFormatter, ObjectStateFormatter, LosFormatter, or other dangerous formatters processing untrusted data, enabling remote code execution through gadget chains in the .NET runtime or third-party libraries.',
|
|
1060
1060
|
severity: 'critical',
|
|
1061
1061
|
levelId: 1,
|
|
@@ -1077,7 +1077,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1077
1077
|
[VulnerabilityCode.DESER_RUBY]: {
|
|
1078
1078
|
id: 248,
|
|
1079
1079
|
code: VulnerabilityCode.DESER_RUBY,
|
|
1080
|
-
title: 'Insecure Deserialization
|
|
1080
|
+
title: 'Insecure Deserialization Ruby',
|
|
1081
1081
|
description: 'Critical Ruby deserialization vulnerability through Marshal.load or YAML.load processing untrusted data, enabling remote code execution through Ruby object instantiation gadgets that execute arbitrary code during object reconstruction.',
|
|
1082
1082
|
severity: 'critical',
|
|
1083
1083
|
levelId: 1,
|
|
@@ -1099,7 +1099,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1099
1099
|
[VulnerabilityCode.DESER_NODE]: {
|
|
1100
1100
|
id: 249,
|
|
1101
1101
|
code: VulnerabilityCode.DESER_NODE,
|
|
1102
|
-
title: 'Insecure Deserialization
|
|
1102
|
+
title: 'Insecure Deserialization Node.js',
|
|
1103
1103
|
description: 'Critical Node.js deserialization vulnerability through node-serialize, funcster, or similar libraries that execute JavaScript during deserialization, enabling remote code execution when attacker-controlled serialized data containing functions or IIFE is processed.',
|
|
1104
1104
|
severity: 'critical',
|
|
1105
1105
|
levelId: 1,
|
|
@@ -1121,7 +1121,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1121
1121
|
[VulnerabilityCode.CLICK_PARTIAL_PROTECTION]: {
|
|
1122
1122
|
id: 250,
|
|
1123
1123
|
code: VulnerabilityCode.CLICK_PARTIAL_PROTECTION,
|
|
1124
|
-
title: 'Clickjacking
|
|
1124
|
+
title: 'Clickjacking Partial Protection',
|
|
1125
1125
|
description: 'Incomplete clickjacking protection where X-Frame-Options or frame-ancestors CSP is only applied on some pages, uses weak values like ALLOW-FROM with bypassable origins, or has inconsistent implementation allowing certain pages to be framed.',
|
|
1126
1126
|
severity: 'low',
|
|
1127
1127
|
levelId: 4,
|
|
@@ -1143,7 +1143,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1143
1143
|
[VulnerabilityCode.HEADER_MISSING_XCONTENT_TYPE]: {
|
|
1144
1144
|
id: 251,
|
|
1145
1145
|
code: VulnerabilityCode.HEADER_MISSING_XCONTENT_TYPE,
|
|
1146
|
-
title: 'Missing Security Header
|
|
1146
|
+
title: 'Missing Security Header X-Content-Type-Options',
|
|
1147
1147
|
description: 'The application does not set X-Content-Type-Options: nosniff header, allowing browsers to perform MIME-type sniffing that can lead to XSS attacks when user-uploaded content is served with incorrect Content-Type and browsers execute it as script.',
|
|
1148
1148
|
severity: 'low',
|
|
1149
1149
|
levelId: 4,
|
|
@@ -1165,7 +1165,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1165
1165
|
[VulnerabilityCode.HEADER_XCONTENT_TYPE_INVALID]: {
|
|
1166
1166
|
id: 252,
|
|
1167
1167
|
code: VulnerabilityCode.HEADER_XCONTENT_TYPE_INVALID,
|
|
1168
|
-
title: 'Invalid Security Header
|
|
1168
|
+
title: 'Invalid Security Header X-Content-Type-Options',
|
|
1169
1169
|
description: 'The X-Content-Type-Options header is present but misconfigured (not set to nosniff), which can allow MIME sniffing and reduce protection against content-type confusion.',
|
|
1170
1170
|
severity: 'low',
|
|
1171
1171
|
levelId: 4,
|
|
@@ -1187,7 +1187,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1187
1187
|
[VulnerabilityCode.HEADER_MISSING_REFERRER_POLICY]: {
|
|
1188
1188
|
id: 253,
|
|
1189
1189
|
code: VulnerabilityCode.HEADER_MISSING_REFERRER_POLICY,
|
|
1190
|
-
title: 'Missing Security Header
|
|
1190
|
+
title: 'Missing Security Header Referrer-Policy',
|
|
1191
1191
|
description: 'The application does not implement Referrer-Policy header, potentially leaking sensitive URL information including session tokens, user IDs, or query parameters to external sites when users click links or resources are loaded from third-party domains.',
|
|
1192
1192
|
severity: 'low',
|
|
1193
1193
|
levelId: 4,
|
|
@@ -1231,7 +1231,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1231
1231
|
[VulnerabilityCode.HEADER_MISSING_PERMISSIONS_POLICY]: {
|
|
1232
1232
|
id: 255,
|
|
1233
1233
|
code: VulnerabilityCode.HEADER_MISSING_PERMISSIONS_POLICY,
|
|
1234
|
-
title: 'Missing Security Header
|
|
1234
|
+
title: 'Missing Security Header Permissions-Policy',
|
|
1235
1235
|
description: 'The application does not implement Permissions-Policy (formerly Feature-Policy) header, allowing embedded frames or malicious scripts to access sensitive browser features like camera, microphone, geolocation, or payment APIs without explicit permission.',
|
|
1236
1236
|
severity: 'info',
|
|
1237
1237
|
levelId: 5,
|
|
@@ -1253,7 +1253,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1253
1253
|
[VulnerabilityCode.HEADER_MISSING_XSS_PROTECTION]: {
|
|
1254
1254
|
id: 256,
|
|
1255
1255
|
code: VulnerabilityCode.HEADER_MISSING_XSS_PROTECTION,
|
|
1256
|
-
title: 'Missing Security Header
|
|
1256
|
+
title: 'Missing Security Header X-XSS-Protection',
|
|
1257
1257
|
description: 'The legacy X-XSS-Protection header is not set. While deprecated in modern browsers, it can provide defense-in-depth for older browsers that still honor this header for their built-in XSS auditor feature.',
|
|
1258
1258
|
severity: 'info',
|
|
1259
1259
|
levelId: 5,
|
|
@@ -1275,7 +1275,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1275
1275
|
[VulnerabilityCode.HEADER_COEP_WITHOUT_COOP]: {
|
|
1276
1276
|
id: 257,
|
|
1277
1277
|
code: VulnerabilityCode.HEADER_COEP_WITHOUT_COOP,
|
|
1278
|
-
title: 'Header Misconfiguration
|
|
1278
|
+
title: 'Header Misconfiguration COEP Without COOP',
|
|
1279
1279
|
description: 'Cross-Origin-Embedder-Policy (COEP) is set without Cross-Origin-Opener-Policy (COOP), which can create inconsistent cross-origin isolation behavior and indicate incomplete or misapplied security header strategy for isolation-sensitive applications.',
|
|
1280
1280
|
severity: 'info',
|
|
1281
1281
|
levelId: 5,
|
|
@@ -1297,7 +1297,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1297
1297
|
[VulnerabilityCode.HEADER_CORP_UNUSUAL]: {
|
|
1298
1298
|
id: 258,
|
|
1299
1299
|
code: VulnerabilityCode.HEADER_CORP_UNUSUAL,
|
|
1300
|
-
title: 'Header Misconfiguration
|
|
1300
|
+
title: 'Header Misconfiguration Unusual CORP Value',
|
|
1301
1301
|
description: 'Cross-Origin-Resource-Policy (CORP) is set to a non-standard value, which may indicate a misconfiguration that provides no effective protection or creates unpredictable resource loading behavior across origins.',
|
|
1302
1302
|
severity: 'info',
|
|
1303
1303
|
levelId: 5,
|
|
@@ -1319,7 +1319,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1319
1319
|
[VulnerabilityCode.HEADER_EXPECT_CT_PRESENT]: {
|
|
1320
1320
|
id: 259,
|
|
1321
1321
|
code: VulnerabilityCode.HEADER_EXPECT_CT_PRESENT,
|
|
1322
|
-
title: 'Deprecated Header
|
|
1322
|
+
title: 'Deprecated Header Expect-CT Present',
|
|
1323
1323
|
description: 'The Expect-CT header is present even though the feature is deprecated and no longer enforced by major browsers, adding unnecessary configuration surface without meaningful security benefit.',
|
|
1324
1324
|
severity: 'info',
|
|
1325
1325
|
levelId: 5,
|
|
@@ -1341,7 +1341,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1341
1341
|
[VulnerabilityCode.HEADER_SERVER_HEADER_PRESENT]: {
|
|
1342
1342
|
id: 260,
|
|
1343
1343
|
code: VulnerabilityCode.HEADER_SERVER_HEADER_PRESENT,
|
|
1344
|
-
title: 'Information Exposure
|
|
1344
|
+
title: 'Information Exposure Server Header Present',
|
|
1345
1345
|
description: 'The Server header reveals technology or version details that can assist attackers with fingerprinting and targeted exploitation, increasing the likelihood of tailored attacks against known software weaknesses.',
|
|
1346
1346
|
severity: 'info',
|
|
1347
1347
|
levelId: 5,
|
|
@@ -1363,7 +1363,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1363
1363
|
[VulnerabilityCode.HEADER_X_POWERED_BY_PRESENT]: {
|
|
1364
1364
|
id: 261,
|
|
1365
1365
|
code: VulnerabilityCode.HEADER_X_POWERED_BY_PRESENT,
|
|
1366
|
-
title: 'Information Exposure
|
|
1366
|
+
title: 'Information Exposure X-Powered-By Present',
|
|
1367
1367
|
description: 'The X-Powered-By header discloses framework or runtime information that can be used to fingerprint the application stack and target known vulnerabilities in specific platforms or versions.',
|
|
1368
1368
|
severity: 'info',
|
|
1369
1369
|
levelId: 5,
|
|
@@ -1385,7 +1385,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1385
1385
|
[VulnerabilityCode.HEADER_X_XSS_PROTECTION_ENABLED]: {
|
|
1386
1386
|
id: 262,
|
|
1387
1387
|
code: VulnerabilityCode.HEADER_X_XSS_PROTECTION_ENABLED,
|
|
1388
|
-
title: 'Deprecated Header
|
|
1388
|
+
title: 'Deprecated Header X-XSS-Protection Enabled',
|
|
1389
1389
|
description: 'The X-XSS-Protection header is enabled, which is deprecated and can introduce security risks or inconsistent behavior in legacy browsers due to the removed XSS auditor feature.',
|
|
1390
1390
|
severity: 'low',
|
|
1391
1391
|
levelId: 4,
|
|
@@ -1407,7 +1407,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1407
1407
|
[VulnerabilityCode.COOKIE_SAMESITE_NONE_WITHOUT_SECURE]: {
|
|
1408
1408
|
id: 263,
|
|
1409
1409
|
code: VulnerabilityCode.COOKIE_SAMESITE_NONE_WITHOUT_SECURE,
|
|
1410
|
-
title: 'Cookie Misconfiguration
|
|
1410
|
+
title: 'Cookie Misconfiguration SameSite=None Without Secure',
|
|
1411
1411
|
description: 'A cookie is configured with SameSite=None but lacks the Secure attribute, enabling cross-site transmission over unencrypted connections and undermining cookie integrity and confidentiality controls.',
|
|
1412
1412
|
severity: 'medium',
|
|
1413
1413
|
levelId: 3,
|
|
@@ -1429,7 +1429,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1429
1429
|
[VulnerabilityCode.COOKIE_SESSION_MISSING_SECURE]: {
|
|
1430
1430
|
id: 264,
|
|
1431
1431
|
code: VulnerabilityCode.COOKIE_SESSION_MISSING_SECURE,
|
|
1432
|
-
title: 'Cookie Misconfiguration
|
|
1432
|
+
title: 'Cookie Misconfiguration Session Cookie Missing Secure',
|
|
1433
1433
|
description: 'Session or authentication cookies are missing the Secure attribute, allowing them to be transmitted over unencrypted connections and increasing the risk of session hijacking or credential theft.',
|
|
1434
1434
|
severity: 'high',
|
|
1435
1435
|
levelId: 2,
|
|
@@ -1451,7 +1451,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1451
1451
|
[VulnerabilityCode.COOKIE_MISSING_SECURE]: {
|
|
1452
1452
|
id: 265,
|
|
1453
1453
|
code: VulnerabilityCode.COOKIE_MISSING_SECURE,
|
|
1454
|
-
title: 'Cookie Misconfiguration
|
|
1454
|
+
title: 'Cookie Misconfiguration Missing Secure Attribute',
|
|
1455
1455
|
description: 'Cookies are set without the Secure attribute, permitting transmission over plaintext HTTP and exposing cookie contents to network interception or manipulation.',
|
|
1456
1456
|
severity: 'medium',
|
|
1457
1457
|
levelId: 3,
|
|
@@ -1473,7 +1473,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1473
1473
|
[VulnerabilityCode.COOKIE_SESSION_MISSING_HTTPONLY]: {
|
|
1474
1474
|
id: 266,
|
|
1475
1475
|
code: VulnerabilityCode.COOKIE_SESSION_MISSING_HTTPONLY,
|
|
1476
|
-
title: 'Cookie Misconfiguration
|
|
1476
|
+
title: 'Cookie Misconfiguration Session Cookie Missing HttpOnly',
|
|
1477
1477
|
description: 'Session or authentication cookies are missing the HttpOnly attribute, allowing client-side scripts to access sensitive cookie values and increasing the impact of XSS attacks.',
|
|
1478
1478
|
severity: 'high',
|
|
1479
1479
|
levelId: 2,
|
|
@@ -1495,7 +1495,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1495
1495
|
[VulnerabilityCode.COOKIE_MISSING_HTTPONLY]: {
|
|
1496
1496
|
id: 267,
|
|
1497
1497
|
code: VulnerabilityCode.COOKIE_MISSING_HTTPONLY,
|
|
1498
|
-
title: 'Cookie Misconfiguration
|
|
1498
|
+
title: 'Cookie Misconfiguration Missing HttpOnly Attribute',
|
|
1499
1499
|
description: 'Cookies are missing the HttpOnly attribute, allowing JavaScript access to cookie values and increasing the potential impact of client-side script injection.',
|
|
1500
1500
|
severity: 'medium',
|
|
1501
1501
|
levelId: 3,
|
|
@@ -1517,7 +1517,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1517
1517
|
[VulnerabilityCode.COOKIE_MISSING_SAMESITE]: {
|
|
1518
1518
|
id: 268,
|
|
1519
1519
|
code: VulnerabilityCode.COOKIE_MISSING_SAMESITE,
|
|
1520
|
-
title: 'Cookie Misconfiguration
|
|
1520
|
+
title: 'Cookie Misconfiguration Missing SameSite Attribute',
|
|
1521
1521
|
description: 'Cookies do not specify SameSite, which can allow cross-site requests to include cookies by default and increase exposure to CSRF-style attacks or cross-site leakage.',
|
|
1522
1522
|
severity: 'medium',
|
|
1523
1523
|
levelId: 3,
|
|
@@ -1539,7 +1539,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1539
1539
|
[VulnerabilityCode.COOKIE_HOST_PREFIX_INVALID]: {
|
|
1540
1540
|
id: 269,
|
|
1541
1541
|
code: VulnerabilityCode.COOKIE_HOST_PREFIX_INVALID,
|
|
1542
|
-
title: 'Cookie Misconfiguration
|
|
1542
|
+
title: 'Cookie Misconfiguration __Host- Prefix Violations',
|
|
1543
1543
|
description: 'Cookies with the __Host- prefix do not meet required attributes (Secure, Path=/, no Domain), weakening the protections provided by host-only cookie semantics.',
|
|
1544
1544
|
severity: 'medium',
|
|
1545
1545
|
levelId: 3,
|
|
@@ -1561,7 +1561,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1561
1561
|
[VulnerabilityCode.COOKIE_SECURE_PREFIX_INVALID]: {
|
|
1562
1562
|
id: 270,
|
|
1563
1563
|
code: VulnerabilityCode.COOKIE_SECURE_PREFIX_INVALID,
|
|
1564
|
-
title: 'Cookie Misconfiguration
|
|
1564
|
+
title: 'Cookie Misconfiguration __Secure- Prefix Violations',
|
|
1565
1565
|
description: 'Cookies with the __Secure- prefix are missing the Secure attribute, which defeats the prefix requirement and weakens transport security protections.',
|
|
1566
1566
|
severity: 'medium',
|
|
1567
1567
|
levelId: 3,
|
|
@@ -1583,7 +1583,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1583
1583
|
[VulnerabilityCode.HEADER_DRIFT_CSP]: {
|
|
1584
1584
|
id: 271,
|
|
1585
1585
|
code: VulnerabilityCode.HEADER_DRIFT_CSP,
|
|
1586
|
-
title: 'Header Drift
|
|
1586
|
+
title: 'Header Drift Content-Security-Policy Inconsistent',
|
|
1587
1587
|
description: 'Content-Security-Policy is present on some paths but missing on others, creating uneven defenses and potentially exposing unprotected routes to script injection or content loading risks.',
|
|
1588
1588
|
severity: 'low',
|
|
1589
1589
|
levelId: 4,
|
|
@@ -1605,7 +1605,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1605
1605
|
[VulnerabilityCode.HEADER_DRIFT_HSTS]: {
|
|
1606
1606
|
id: 272,
|
|
1607
1607
|
code: VulnerabilityCode.HEADER_DRIFT_HSTS,
|
|
1608
|
-
title: 'Header Drift
|
|
1608
|
+
title: 'Header Drift Strict-Transport-Security Inconsistent',
|
|
1609
1609
|
description: 'Strict-Transport-Security is present on some paths but missing on others, reducing the effectiveness of HTTPS enforcement and creating mixed transport behavior across the site.',
|
|
1610
1610
|
severity: 'low',
|
|
1611
1611
|
levelId: 4,
|
|
@@ -1627,7 +1627,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1627
1627
|
[VulnerabilityCode.HEADER_DRIFT_XCONTENT_TYPE]: {
|
|
1628
1628
|
id: 273,
|
|
1629
1629
|
code: VulnerabilityCode.HEADER_DRIFT_XCONTENT_TYPE,
|
|
1630
|
-
title: 'Header Drift
|
|
1630
|
+
title: 'Header Drift X-Content-Type-Options Inconsistent',
|
|
1631
1631
|
description: 'X-Content-Type-Options is present on some paths but missing on others, allowing inconsistent MIME sniffing behavior that could expose unprotected routes to content-type confusion.',
|
|
1632
1632
|
severity: 'low',
|
|
1633
1633
|
levelId: 4,
|
|
@@ -1649,7 +1649,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1649
1649
|
[VulnerabilityCode.HEADER_DRIFT_REFERRER_POLICY]: {
|
|
1650
1650
|
id: 274,
|
|
1651
1651
|
code: VulnerabilityCode.HEADER_DRIFT_REFERRER_POLICY,
|
|
1652
|
-
title: 'Header Drift
|
|
1652
|
+
title: 'Header Drift Referrer-Policy Inconsistent',
|
|
1653
1653
|
description: 'Referrer-Policy is present on some paths but missing on others, leading to inconsistent referrer leakage controls and potential exposure of sensitive URL data.',
|
|
1654
1654
|
severity: 'low',
|
|
1655
1655
|
levelId: 4,
|
|
@@ -1671,7 +1671,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1671
1671
|
[VulnerabilityCode.HEADER_DRIFT_XFRAME]: {
|
|
1672
1672
|
id: 275,
|
|
1673
1673
|
code: VulnerabilityCode.HEADER_DRIFT_XFRAME,
|
|
1674
|
-
title: 'Header Drift
|
|
1674
|
+
title: 'Header Drift X-Frame-Options Inconsistent',
|
|
1675
1675
|
description: 'X-Frame-Options or equivalent framing controls are present on some paths but missing on others, creating uneven clickjacking protection across the site.',
|
|
1676
1676
|
severity: 'low',
|
|
1677
1677
|
levelId: 4,
|
|
@@ -1693,7 +1693,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1693
1693
|
[VulnerabilityCode.HEADER_DRIFT_PERMISSIONS_POLICY]: {
|
|
1694
1694
|
id: 276,
|
|
1695
1695
|
code: VulnerabilityCode.HEADER_DRIFT_PERMISSIONS_POLICY,
|
|
1696
|
-
title: 'Header Drift
|
|
1696
|
+
title: 'Header Drift Permissions-Policy Inconsistent',
|
|
1697
1697
|
description: 'Permissions-Policy is present on some paths but missing on others, leading to inconsistent controls over browser features such as geolocation, camera, or microphone.',
|
|
1698
1698
|
severity: 'low',
|
|
1699
1699
|
levelId: 4,
|
|
@@ -1715,7 +1715,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1715
1715
|
[VulnerabilityCode.HEADER_DRIFT_COOP]: {
|
|
1716
1716
|
id: 277,
|
|
1717
1717
|
code: VulnerabilityCode.HEADER_DRIFT_COOP,
|
|
1718
|
-
title: 'Header Drift
|
|
1718
|
+
title: 'Header Drift COOP Inconsistent',
|
|
1719
1719
|
description: 'Cross-Origin-Opener-Policy is present on some paths but missing on others, which can lead to uneven cross-origin isolation guarantees and inconsistent window isolation behavior.',
|
|
1720
1720
|
severity: 'low',
|
|
1721
1721
|
levelId: 4,
|
|
@@ -1737,7 +1737,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1737
1737
|
[VulnerabilityCode.HEADER_DRIFT_COEP]: {
|
|
1738
1738
|
id: 278,
|
|
1739
1739
|
code: VulnerabilityCode.HEADER_DRIFT_COEP,
|
|
1740
|
-
title: 'Header Drift
|
|
1740
|
+
title: 'Header Drift COEP Inconsistent',
|
|
1741
1741
|
description: 'Cross-Origin-Embedder-Policy is present on some paths but missing on others, resulting in inconsistent embedding restrictions and cross-origin isolation posture.',
|
|
1742
1742
|
severity: 'low',
|
|
1743
1743
|
levelId: 4,
|
|
@@ -1759,7 +1759,7 @@ export const CONFIG_VULNERABILITIES = {
|
|
|
1759
1759
|
[VulnerabilityCode.HEADER_DRIFT_CORP]: {
|
|
1760
1760
|
id: 279,
|
|
1761
1761
|
code: VulnerabilityCode.HEADER_DRIFT_CORP,
|
|
1762
|
-
title: 'Header Drift
|
|
1762
|
+
title: 'Header Drift CORP Inconsistent',
|
|
1763
1763
|
description: 'Cross-Origin-Resource-Policy is present on some paths but missing on others, which can leave inconsistent controls on resource sharing and embedding across the application.',
|
|
1764
1764
|
severity: 'low',
|
|
1765
1765
|
levelId: 4,
|
|
@@ -3,6 +3,6 @@
|
|
|
3
3
|
*
|
|
4
4
|
* Definitions for SQL Injection, Command Injection, SSTI, XXE, LFI
|
|
5
5
|
*/
|
|
6
|
-
import type {
|
|
7
|
-
export declare const INJECTION_VULNERABILITIES: Record<string,
|
|
6
|
+
import type { VulnerabilityDefinitionInput } from '../types.js';
|
|
7
|
+
export declare const INJECTION_VULNERABILITIES: Record<string, VulnerabilityDefinitionInput>;
|
|
8
8
|
export default INJECTION_VULNERABILITIES;
|