@zhuma4/cli 4.0.0-alpha.1 → 4.3.0
- package/package.json +10 -3
- package/rules/common/zm-go-cwe1336-template-injection.yaml +38 -0
- package/rules/common/zm-go-cwe200-grpc-metadata.yaml +40 -0
- package/rules/common/zm-go-cwe319-grpc-notls.yaml +118 -0
- package/rules/common/zm-go-cwe338-weak-prng.yaml +117 -0
- package/rules/common/zm-go-cwe347-jwt.yaml +147 -0
- package/rules/common/zm-go-cwe693-gin-middleware.yaml +48 -0
- package/rules/common/zm-go-cwe693-security-headers.yaml +120 -0
- package/rules/common/zm-java-crypto-cwe327-001.yaml +103 -0
- package/rules/common/zm-java-deserial-cwe502-001.yaml +72 -0
- package/rules/common/zm-java-expression-cwe94-001.yaml +110 -0
- package/rules/common/zm-java-file-cwe22-001.yaml +73 -0
- package/rules/common/zm-java-hql-cwe89-001.yaml +72 -0
- package/rules/common/zm-java-jndi-cwe502-001.yaml +107 -0
- package/rules/common/zm-java-oauth-cwe287-001.yaml +136 -0
- package/rules/common/zm-java-rce-cwe78-001.yaml +98 -0
- package/rules/common/zm-java-springsec-cwe284-001.yaml +109 -0
- package/rules/common/zm-java-xstream-cwe502-001.yaml +73 -0
- package/rules/common/zm-java-xxe-cwe611-003.yaml +105 -0
- package/rules/common/zm-js-cwe20-nextjs-api-routes.yaml +141 -0
- package/rules/common/zm-js-cwe287-aws-lambda-config.yaml +107 -0
- package/rules/common/zm-js-cwe345-websocket-security.yaml +90 -0
- package/rules/common/zm-js-cwe501-graphql-injection.yaml +52 -0
- package/rules/common/zm-js-cwe502-deserialization-extended.yaml +107 -0
- package/rules/common/zm-js-cwe506-npm-supply-chain.yaml +19 -0
- package/rules/common/zm-js-cwe79-electron-security.yaml +35 -0
- package/rules/common/zm-js-cwe79-react-xss-deep.yaml +34 -0
- package/rules/common/zm-js-cwe89-prisma-typeorm.yaml +139 -0
- package/rules/common/zm-py-aiohttp-cwe295-cwe770-01.yaml +60 -0
- package/rules/common/zm-py-crypto-cwe327-01.yaml +33 -0
- package/rules/common/zm-py-deser-cwe502-01.yaml +66 -0
- package/rules/common/zm-py-django-cwe200-cwe798-cwe352-01.yaml +80 -0
- package/rules/common/zm-py-fastapi-cwe265-cwe284-01.yaml +48 -0
- package/rules/common/zm-py-flask-cwe200-cwe326-01.yaml +57 -0
- package/rules/common/zm-py-sqlalchemy-cwe89-01.yaml +65 -0
- package/rules/community-merged/cwe-1004/authtkt-cookie-httponly-unsafe-default.yaml +38 -0
- package/rules/community-merged/cwe-1004/authtkt-cookie-httponly-unsafe-value.yaml +41 -0
- package/rules/community-merged/cwe-1004/cookie-missing-httponly.yaml +42 -0
- package/rules/community-merged/cwe-1004/session-cookie-missing-httponly.yaml +41 -0
- package/rules/community-merged/cwe-1104/express-detect-notevil-usage.yaml +56 -0
- package/rules/community-merged/cwe-113/http-response-splitting.yaml +45 -0
- package/rules/community-merged/cwe-115/reverseproxy-director.yaml +34 -0
- package/rules/community-merged/cwe-116/autoescape-disabled-false.yaml +35 -0
- package/rules/community-merged/cwe-116/detect-disable-mustache-escape.yaml +28 -0
- package/rules/community-merged/cwe-116/incomplete-sanitization.yaml +33 -0
- package/rules/community-merged/cwe-116/missing-autoescape-disabled.yaml +34 -0
- package/rules/community-merged/cwe-116/no-scriptlets.yaml +32 -0
- package/rules/community-merged/cwe-116/use-escapexml.yaml +34 -0
- package/rules/community-merged/cwe-119/detect-buffer-noassert.yaml +33 -0
- package/rules/community-merged/cwe-1204/create-de-cipher-no-iv.yaml +32 -0
- package/rules/community-merged/cwe-1236/csv-writer-injection.yaml +56 -0
- package/rules/community-merged/cwe-1236/use-defusedcsv.yaml +38 -0
- package/rules/community-merged/cwe-1275/authtkt-cookie-samesite.yaml +36 -0
- package/rules/community-merged/cwe-1275/session-cookie-samesitenone.yaml +38 -0
- package/rules/community-merged/cwe-1275/set-cookie-samesite-unsafe-default.yaml +45 -0
- package/rules/community-merged/cwe-1333/detect-non-literal-regexp.yaml +46 -0
- package/rules/community-merged/cwe-1333/detect-redos.yaml +44 -0
- package/rules/community-merged/cwe-1333/java-pattern-from-string-parameter.yaml +38 -0
- package/rules/community-merged/cwe-1333/regex-dos.yaml +35 -0
- package/rules/community-merged/cwe-134/flask-api-method-string-format.yaml +37 -0
- package/rules/community-merged/cwe-134/unsafe-formatstring.yaml +52 -0
- package/rules/community-merged/cwe-150/autoescape-disabled.yaml +30 -0
- package/rules/community-merged/cwe-155/system-wildcard-detected.yaml +38 -0
- package/rules/community-merged/cwe-183/permissive-cors.yaml +78 -0
- package/rules/community-merged/cwe-20/django-using-request-post-after-is-valid.yaml +28 -0
- package/rules/community-merged/cwe-20/host-header-injection-python.yaml +46 -0
- package/rules/community-merged/cwe-200/bind.yaml +40 -0
- package/rules/community-merged/cwe-200/bind_all.yaml +32 -0
- package/rules/community-merged/cwe-200/spring-actuator-fully-enabled.yaml +33 -0
- package/rules/community-merged/cwe-200/url-rewriting.yaml +83 -0
- package/rules/community-merged/cwe-23/tainted-file-path.yaml +78 -0
- package/rules/community-merged/cwe-242/unsafe.yaml +25 -0
- package/rules/community-merged/cwe-250/docker-arbitrary-container-run.yaml +39 -0
- package/rules/community-merged/cwe-269/do-privileged-use.yaml +36 -0
- package/rules/community-merged/cwe-276/file_permission.yaml +32 -0
- package/rules/community-merged/cwe-276/insecure-file-permissions.yaml +64 -0
- package/rules/community-merged/cwe-276/overly-permissive-file-permission.yaml +50 -0
- package/rules/community-merged/cwe-287/unverified-jwt-decode.yaml +51 -0
- package/rules/community-merged/cwe-289/handler-assignment-from-multiple-sources.yaml +49 -0
- package/rules/community-merged/cwe-295/disabled-cert-validation.yaml +36 -0
- package/rules/community-merged/cwe-295/unverified-ssl-context.yaml +35 -0
- package/rules/community-merged/cwe-297/insecure-smtp-connection.yaml +35 -0
- package/rules/community-merged/cwe-300/grpc-client-insecure-connection.yaml +35 -0
- package/rules/community-merged/cwe-300/grpc-server-insecure-connection.yaml +45 -0
- package/rules/community-merged/cwe-310/aead-no-final.yaml +39 -0
- package/rules/community-merged/cwe-310/gcm-no-tag-length.yaml +35 -0
- package/rules/community-merged/cwe-319/cookie-issecure-false.yaml +38 -0
- package/rules/community-merged/cwe-319/detect-insecure-websocket.yaml +33 -0
- package/rules/community-merged/cwe-319/http-not-https-connection.yaml +29 -0
- package/rules/community-merged/cwe-319/security.yaml +36 -0
- package/rules/community-merged/cwe-319/sequelize-enforce-tls.yaml +61 -0
- package/rules/community-merged/cwe-319/unencrypted-socket.yaml +38 -0
- package/rules/community-merged/cwe-322/insecure_ssh.yaml +31 -0
- package/rules/community-merged/cwe-322/paramiko-implicit-trust-host-key.yaml +35 -0
- package/rules/community-merged/cwe-323/gcm-detection.yaml +39 -0
- package/rules/community-merged/cwe-323/gcm-nonce-reuse.yaml +30 -0
- package/rules/community-merged/cwe-326/insufficient-dsa-key-size.yaml +41 -0
- package/rules/community-merged/cwe-326/insufficient-ec-key-size.yaml +41 -0
- package/rules/community-merged/cwe-328/sha224-hash.yaml +46 -0
- package/rules/community-merged/cwe-328/use_of_weak_crypto.yaml +133 -0
- package/rules/community-merged/cwe-330/insecure-uuid-version.yaml +35 -0
- package/rules/community-merged/cwe-330/weak-random.yaml +32 -0
- package/rules/community-merged/cwe-338/detect-pseudoRandomBytes.yaml +33 -0
- package/rules/community-merged/cwe-345/jwt-decode-without-verify.yaml +39 -0
- package/rules/community-merged/cwe-345/jwt-parse-unverified.yaml +34 -0
- package/rules/community-merged/cwe-352/websocket-missing-origin-check.yaml +41 -0
- package/rules/community-merged/cwe-377/bad_tmp.yaml +30 -0
- package/rules/community-merged/cwe-400/ajv-allerrors-true.yaml +34 -0
- package/rules/community-merged/cwe-400/decompression_bomb.yaml +63 -0
- package/rules/community-merged/cwe-436/shared-url-struct-mutation.yaml +53 -0
- package/rules/community-merged/cwe-451/x-frame-options-misconfiguration.yaml +74 -0
- package/rules/community-merged/cwe-454/tainted-env-from-http-request.yaml +47 -0
- package/rules/community-merged/cwe-470/unsafe-reflect-by-name.yaml +44 -0
- package/rules/community-merged/cwe-470/unsafe-reflection.yaml +40 -0
- package/rules/community-merged/cwe-477/mongodb.yaml +27 -0
- package/rules/community-merged/cwe-489/debug-enabled.yaml +29 -0
- package/rules/community-merged/cwe-489/debug-template-tag.yaml +31 -0
- package/rules/community-merged/cwe-489/pprof.yaml +41 -0
- package/rules/community-merged/cwe-521/password-empty-string.yaml +40 -0
- package/rules/community-merged/cwe-521/use-none-for-password-default.yaml +43 -0
- package/rules/community-merged/cwe-522/express-cookie-settings.yaml +364 -0
- package/rules/community-merged/cwe-522/jwt-exposed-credentials.yaml +35 -0
- package/rules/community-merged/cwe-522/jwt-hardcode.yaml +31 -0
- package/rules/community-merged/cwe-522/remote-property-injection.yaml +76 -0
- package/rules/community-merged/cwe-523/no-auth-over-http.yaml +39 -0
- package/rules/community-merged/cwe-532/logger-credential-leak.yaml +38 -0
- package/rules/community-merged/cwe-548/express-check-directory-listing.yaml +55 -0
- package/rules/community-merged/cwe-548/fs-directory-listing.yaml +50 -0
- package/rules/community-merged/cwe-553/python-reverse-shell.yaml +33 -0
- package/rules/community-merged/cwe-601/express-open-redirect.yaml +115 -0
- package/rules/community-merged/cwe-601/open-redirect.yaml +96 -0
- package/rules/community-merged/cwe-614/cookie-missing-secure-flag.yaml +39 -0
- package/rules/community-merged/cwe-614/cookie-missing-secure.yaml +41 -0
- package/rules/community-merged/cwe-614/secure-cookies.yaml +60 -0
- package/rules/community-merged/cwe-614/secure-set-cookie.yaml +44 -0
- package/rules/community-merged/cwe-614/session-cookie-missing-secure.yaml +40 -0
- package/rules/community-merged/cwe-643/tainted-xpath-from-http-request.yaml +39 -0
- package/rules/community-merged/cwe-668/app-run-param-config.yaml +25 -0
- package/rules/community-merged/cwe-668/app-run-security-config.yaml +31 -0
- package/rules/community-merged/cwe-673/flask-url-for-external-true.yaml +35 -0
- package/rules/community-merged/cwe-704/bad-hexa-conversion.yaml +33 -0
- package/rules/community-merged/cwe-704/nan-injection.yaml +46 -0
- package/rules/community-merged/cwe-706/non-literal-import.yaml +31 -0
- package/rules/community-merged/cwe-706/require-request.yaml +67 -0
- package/rules/community-merged/cwe-706/res-render-injection.yaml +70 -0
- package/rules/community-merged/cwe-73/express-res-sendfile.yaml +77 -0
- package/rules/community-merged/cwe-73/secure-static-file-serve.yaml +30 -0
- package/rules/community-merged/cwe-74/xss-html-email-body.yaml +204 -0
- package/rules/community-merged/cwe-74/xss-send-mail-html-message.yaml +242 -0
- package/rules/community-merged/cwe-770/missing-throttle-config.yaml +38 -0
- package/rules/community-merged/cwe-776/use-defused-xmlrpc.yaml +32 -0
- package/rules/community-merged/cwe-798/express-jwt-hardcoded-secret.yaml +57 -0
- package/rules/community-merged/cwe-798/express-session-hardcoded-secret.yaml +58 -0
- package/rules/community-merged/cwe-798/jwt-hardcode.yaml +55 -0
- package/rules/community-merged/cwe-80/unsafe-serialize-javascript.yaml +33 -0
- package/rules/community-merged/cwe-863/security-constraint-http-method.yaml +32 -0
- package/rules/community-merged/cwe-90/ldap-entry-poisoning.yaml +42 -0
- package/rules/community-merged/cwe-90/ldap-injection.yaml +83 -0
- package/rules/community-merged/cwe-91/twiml-injection.yaml +51 -0
- package/rules/community-merged/cwe-913/dynamic-httptrace-clienttrace.yaml +40 -0
- package/rules/community-merged/cwe-913/reflect-makefunc.yaml +28 -0
- package/rules/community-merged/cwe-915/mass-assignment.yaml +33 -0
- package/rules/community-merged/cwe-915/tainted-sql-string.yaml +48 -0
- package/rules/community-merged/cwe-916/unsafe-argon2-config.yaml +48 -0
- package/rules/community-merged/cwe-926/exported_activity.yaml +39 -0
- package/rules/community-merged/cwe-93/crlf-injection-logs.yaml +87 -0
- package/rules/community-merged/cwe-93/request-data-write.yaml +200 -0
- package/rules/community-merged/cwe-939/dynamic-urllib-use-detected.yaml +58 -0
- package/rules/community-merged/cwe-94/dangerous-exec-cmd.yaml +87 -0
- package/rules/community-merged/cwe-94/dangerous-exec-command.yaml +63 -0
- package/rules/community-merged/cwe-942/wildcard-cors.yaml +39 -0
- package/rules/community-merged/cwe-95/seam-log-injection.yaml +41 -0
- package/rules/community-merged/cwe-95/spring-jsp-eval.yaml +30 -0
- package/rules/community-merged/cwe-95/user-eval.yaml +67 -0
- package/rules/community-merged/cwe-95/user-exec.yaml +67 -0
- package/rules/community-merged/cwe-96/globals-as-template-context.yaml +41 -0
- package/rules/community-merged/cwe-96/locals-as-template-context.yaml +41 -0
- package/rules/iac/ansible/zm-ansible-cwe269-privilege-escalation.yaml +12 -0
- package/rules/iac/ansible/zm-ansible-cwe532-no-log.yaml +42 -0
- package/rules/iac/ansible/zm-ansible-cwe78-unsafe-module.yaml +75 -0
- package/rules/iac/ansible/zm-ansible-cwe798-mysql-lineinfile.yaml +86 -0
- package/rules/iac/terraform/zm-tf-cwe284-gcp-firewall-eks.yaml +78 -0
- package/rules/iac/terraform/zm-tf-cwe284-sg-world-ingress.yaml +70 -0
- package/rules/iac/terraform/zm-tf-cwe285-iam-wildcard.yaml +46 -0
- package/rules/iac/terraform/zm-tf-cwe312-state-secrets.yaml +46 -0
- package/rules/iac/terraform/zm-tf-cwe319-azure-storage-mysql.yaml +69 -0
- package/rules/iac/terraform/zm-tf-cwe798-ecs-lambda-secrets.yaml +85 -0
- package/rules/iac/zm-docker-cwe1104-add-instead-of-copy.yaml +37 -0
- package/rules/iac/zm-docker-cwe1104-base-image.yaml +61 -0
- package/rules/iac/zm-docker-cwe1104-cleanup-dockerignore.yaml +67 -0
- package/rules/iac/zm-docker-cwe1104-multistage.yaml +33 -0
- package/rules/iac/zm-docker-cwe1104-package-cache.yaml +72 -0
- package/rules/iac/zm-docker-cwe250-docker-sock.yaml +31 -0
- package/rules/iac/zm-docker-cwe250-suid.yaml +33 -0
- package/rules/iac/zm-docker-cwe311-secrets-in-build-arg.yaml +64 -0
- package/rules/iac/zm-docker-cwe400-resource-limit.yaml +18 -6
- package/rules/iac/zm-docker-cwe668-workdir.yaml +36 -0
- package/rules/iac/zm-docker-cwe754-healthcheck.yaml +38 -0
- package/rules/iac/zm-docker-cwe78-curl-pipe.yaml +42 -0
- package/rules/iac/zm-docker-cwe798-arg-defaults.yaml +43 -0
- package/rules/iac/zm-docker-cwe798-env-secrets.yaml +48 -0
- package/rules/iac/zm-k8s-cwe200-configmap-creds.yaml +31 -0
- package/rules/iac/zm-k8s-cwe200-networkpolicy.yaml +62 -0
- package/rules/iac/zm-k8s-cwe200-sa-automount.yaml +38 -0
- package/rules/iac/zm-k8s-cwe200-service-exposure.yaml +50 -0
- package/rules/iac/zm-k8s-cwe200-verbosity-high.yaml +80 -0
- package/rules/iac/zm-k8s-cwe250-capabilities.yaml +84 -0
- package/rules/iac/zm-k8s-cwe250-hostpath.yaml +66 -0
- package/rules/iac/zm-k8s-cwe285-rbac.yaml +130 -0
- package/rules/iac/zm-k8s-cwe312-secret.yaml +60 -0
- package/rules/iac/zm-k8s-cwe319-ingress-tls.yaml +75 -0
- package/rules/iac/zm-k8s-cwe400-replicas.yaml +38 -0
- package/rules/iac/zm-k8s-psp-missing.yaml +59 -0
- package/rules/iac/zm-k8s-securitycontext-hardening.yaml +116 -0
- package/rules/iac/zm-tf-cwe200-ecr-public.yaml +18 -0
- package/rules/iac/zm-tf-cwe284-sg-egress-any.yaml +32 -0
- package/rules/iac/zm-tf-cwe319-rds-public-snapshot.yaml +46 -0
- package/rules/nvd-generated/cwe_1336/cl-1336-go-207.yaml +43 -0
- package/rules/nvd-generated/cwe_1336/cl-1336-java-194.yaml +43 -0
- package/rules/nvd-generated/cwe_1336/cl-1336-java-195.yaml +43 -0
- package/rules/nvd-generated/cwe_1336/cl-1336-java-196.yaml +43 -0
- package/rules/nvd-generated/cwe_1336/cl-1336-java-197.yaml +43 -0
- package/rules/nvd-generated/cwe_1336/cl-1336-java-198.yaml +43 -0
- package/rules/nvd-generated/cwe_1336/cl-1336-javascript-199.yaml +43 -0
- package/rules/nvd-generated/cwe_1336/cl-1336-javascript-200.yaml +43 -0
- package/rules/nvd-generated/cwe_1336/cl-1336-javascript-201.yaml +43 -0
- package/rules/nvd-generated/cwe_1336/cl-1336-javascript-202.yaml +43 -0
- package/rules/nvd-generated/cwe_1336/cl-1336-javascript-203.yaml +43 -0
- package/rules/nvd-generated/cwe_1336/cl-1336-php-208.yaml +43 -0
- package/rules/nvd-generated/cwe_1336/cl-1336-php-209.yaml +43 -0
- package/rules/nvd-generated/cwe_1336/cl-1336-python-204.yaml +43 -0
- package/rules/nvd-generated/cwe_1336/cl-1336-python-205.yaml +43 -0
- package/rules/nvd-generated/cwe_1336/cl-1336-python-206.yaml +43 -0
- package/rules/nvd-generated/cwe_20/cl-20-all-233.yaml +43 -0
- package/rules/nvd-generated/cwe_20/cl-20-java-227.yaml +43 -0
- package/rules/nvd-generated/cwe_20/cl-20-java-228.yaml +43 -0
- package/rules/nvd-generated/cwe_20/cl-20-javascript-229.yaml +43 -0
- package/rules/nvd-generated/cwe_20/cl-20-python-231.yaml +44 -0
- package/rules/nvd-generated/cwe_20/cl-20-python-232.yaml +43 -0
- package/rules/nvd-generated/cwe_200/cl-200-all-189.yaml +46 -0
- package/rules/nvd-generated/cwe_200/cl-200-all-190.yaml +45 -0
- package/rules/nvd-generated/cwe_200/cl-200-all-191.yaml +43 -0
- package/rules/nvd-generated/cwe_200/cl-200-all-192.yaml +43 -0
- package/rules/nvd-generated/cwe_200/cl-200-all-193.yaml +43 -0
- package/rules/nvd-generated/cwe_22/cl-22-go-074.yaml +43 -0
- package/rules/nvd-generated/cwe_22/cl-22-go-075.yaml +43 -0
- package/rules/nvd-generated/cwe_22/cl-22-go-076.yaml +43 -0
- package/rules/nvd-generated/cwe_22/cl-22-java-060.yaml +43 -0
- package/rules/nvd-generated/cwe_22/cl-22-java-061.yaml +43 -0
- package/rules/nvd-generated/cwe_22/cl-22-java-062.yaml +43 -0
- package/rules/nvd-generated/cwe_22/cl-22-java-063.yaml +43 -0
- package/rules/nvd-generated/cwe_22/cl-22-javascript-067.yaml +43 -0
- package/rules/nvd-generated/cwe_22/cl-22-javascript-068.yaml +43 -0
- package/rules/nvd-generated/cwe_22/cl-22-javascript-069.yaml +43 -0
- package/rules/nvd-generated/cwe_22/cl-22-php-064.yaml +43 -0
- package/rules/nvd-generated/cwe_22/cl-22-php-065.yaml +43 -0
- package/rules/nvd-generated/cwe_22/cl-22-php-066.yaml +44 -0
- package/rules/nvd-generated/cwe_22/cl-22-python-071.yaml +43 -0
- package/rules/nvd-generated/cwe_22/cl-22-python-072.yaml +43 -0
- package/rules/nvd-generated/cwe_22/cl-22-python-073.yaml +43 -0
- package/rules/nvd-generated/cwe_287/cl-287-go-187.yaml +43 -0
- package/rules/nvd-generated/cwe_287/cl-287-go-188.yaml +43 -0
- package/rules/nvd-generated/cwe_287/cl-287-java-180.yaml +43 -0
- package/rules/nvd-generated/cwe_287/cl-287-java-181.yaml +43 -0
- package/rules/nvd-generated/cwe_287/cl-287-java-182.yaml +43 -0
- package/rules/nvd-generated/cwe_287/cl-287-javascript-183.yaml +43 -0
- package/rules/nvd-generated/cwe_287/cl-287-javascript-184.yaml +43 -0
- package/rules/nvd-generated/cwe_287/cl-287-python-185.yaml +44 -0
- package/rules/nvd-generated/cwe_287/cl-287-python-186.yaml +43 -0
- package/rules/nvd-generated/cwe_327/cl-327-go-169.yaml +43 -0
- package/rules/nvd-generated/cwe_327/cl-327-go-170.yaml +43 -0
- package/rules/nvd-generated/cwe_327/cl-327-java-161.yaml +43 -0
- package/rules/nvd-generated/cwe_327/cl-327-java-162.yaml +43 -0
- package/rules/nvd-generated/cwe_327/cl-327-java-163.yaml +43 -0
- package/rules/nvd-generated/cwe_327/cl-327-java-164.yaml +43 -0
- package/rules/nvd-generated/cwe_327/cl-327-javascript-165.yaml +43 -0
- package/rules/nvd-generated/cwe_327/cl-327-javascript-166.yaml +43 -0
- package/rules/nvd-generated/cwe_327/cl-327-php-171.yaml +43 -0
- package/rules/nvd-generated/cwe_327/cl-327-php-172.yaml +43 -0
- package/rules/nvd-generated/cwe_327/cl-327-python-167.yaml +43 -0
- package/rules/nvd-generated/cwe_327/cl-327-python-168.yaml +43 -0
- package/rules/nvd-generated/cwe_346/cl-346-all-213.yaml +43 -0
- package/rules/nvd-generated/cwe_346/cl-346-all-214.yaml +43 -0
- package/rules/nvd-generated/cwe_346/cl-346-all-215.yaml +43 -0
- package/rules/nvd-generated/cwe_352/cl-352-java-153.yaml +43 -0
- package/rules/nvd-generated/cwe_352/cl-352-java-154.yaml +43 -0
- package/rules/nvd-generated/cwe_352/cl-352-javascript-156.yaml +44 -0
- package/rules/nvd-generated/cwe_352/cl-352-php-155.yaml +44 -0
- package/rules/nvd-generated/cwe_352/cl-352-python-157.yaml +43 -0
- package/rules/nvd-generated/cwe_434/cl-434-go-140.yaml +43 -0
- package/rules/nvd-generated/cwe_434/cl-434-java-130.yaml +43 -0
- package/rules/nvd-generated/cwe_434/cl-434-java-131.yaml +43 -0
- package/rules/nvd-generated/cwe_434/cl-434-java-132.yaml +43 -0
- package/rules/nvd-generated/cwe_434/cl-434-javascript-138.yaml +43 -0
- package/rules/nvd-generated/cwe_434/cl-434-javascript-139.yaml +43 -0
- package/rules/nvd-generated/cwe_434/cl-434-php-133.yaml +43 -0
- package/rules/nvd-generated/cwe_434/cl-434-php-134.yaml +44 -0
- package/rules/nvd-generated/cwe_434/cl-434-php-135.yaml +43 -0
- package/rules/nvd-generated/cwe_434/cl-434-python-136.yaml +43 -0
- package/rules/nvd-generated/cwe_434/cl-434-python-137.yaml +43 -0
- package/rules/nvd-generated/cwe_501/cl-501-all-239.yaml +43 -0
- package/rules/nvd-generated/cwe_501/cl-501-all-240.yaml +43 -0
- package/rules/nvd-generated/cwe_501/cl-501-all-241.yaml +43 -0
- package/rules/nvd-generated/cwe_502/cl-502-go-109.yaml +44 -0
- package/rules/nvd-generated/cwe_502/cl-502-go-110.yaml +44 -0
- package/rules/nvd-generated/cwe_502/cl-502-java-092.yaml +43 -0
- package/rules/nvd-generated/cwe_502/cl-502-java-093.yaml +43 -0
- package/rules/nvd-generated/cwe_502/cl-502-java-094.yaml +43 -0
- package/rules/nvd-generated/cwe_502/cl-502-java-095.yaml +43 -0
- package/rules/nvd-generated/cwe_502/cl-502-java-096.yaml +43 -0
- package/rules/nvd-generated/cwe_502/cl-502-java-097.yaml +43 -0
- package/rules/nvd-generated/cwe_502/cl-502-java-098.yaml +43 -0
- package/rules/nvd-generated/cwe_502/cl-502-java-099.yaml +43 -0
- package/rules/nvd-generated/cwe_502/cl-502-javascript-106.yaml +43 -0
- package/rules/nvd-generated/cwe_502/cl-502-javascript-107.yaml +43 -0
- package/rules/nvd-generated/cwe_502/cl-502-javascript-108.yaml +43 -0
- package/rules/nvd-generated/cwe_502/cl-502-php-100.yaml +43 -0
- package/rules/nvd-generated/cwe_502/cl-502-php-101.yaml +43 -0
- package/rules/nvd-generated/cwe_502/cl-502-php-102.yaml +44 -0
- package/rules/nvd-generated/cwe_502/cl-502-python-103.yaml +43 -0
- package/rules/nvd-generated/cwe_502/cl-502-python-104.yaml +43 -0
- package/rules/nvd-generated/cwe_502/cl-502-python-105.yaml +43 -0
- package/rules/nvd-generated/cwe_532/cl-532-all-158.yaml +46 -0
- package/rules/nvd-generated/cwe_532/cl-532-all-159.yaml +45 -0
- package/rules/nvd-generated/cwe_532/cl-532-all-160.yaml +45 -0
- package/rules/nvd-generated/cwe_601/cl-601-go-178.yaml +43 -0
- package/rules/nvd-generated/cwe_601/cl-601-java-173.yaml +43 -0
- package/rules/nvd-generated/cwe_601/cl-601-javascript-174.yaml +43 -0
- package/rules/nvd-generated/cwe_601/cl-601-javascript-175.yaml +43 -0
- package/rules/nvd-generated/cwe_601/cl-601-php-179.yaml +43 -0
- package/rules/nvd-generated/cwe_601/cl-601-python-176.yaml +43 -0
- package/rules/nvd-generated/cwe_601/cl-601-python-177.yaml +43 -0
- package/rules/nvd-generated/cwe_611/cl-611-go-123.yaml +43 -0
- package/rules/nvd-generated/cwe_611/cl-611-java-111.yaml +43 -0
- package/rules/nvd-generated/cwe_611/cl-611-java-112.yaml +43 -0
- package/rules/nvd-generated/cwe_611/cl-611-java-113.yaml +43 -0
- package/rules/nvd-generated/cwe_611/cl-611-java-114.yaml +43 -0
- package/rules/nvd-generated/cwe_611/cl-611-java-115.yaml +43 -0
- package/rules/nvd-generated/cwe_611/cl-611-javascript-121.yaml +43 -0
- package/rules/nvd-generated/cwe_611/cl-611-javascript-122.yaml +43 -0
- package/rules/nvd-generated/cwe_611/cl-611-php-116.yaml +43 -0
- package/rules/nvd-generated/cwe_611/cl-611-php-117.yaml +43 -0
- package/rules/nvd-generated/cwe_611/cl-611-python-118.yaml +43 -0
- package/rules/nvd-generated/cwe_611/cl-611-python-119.yaml +43 -0
- package/rules/nvd-generated/cwe_611/cl-611-python-120.yaml +43 -0
- package/rules/nvd-generated/cwe_78/cl-78-go-040.yaml +43 -0
- package/rules/nvd-generated/cwe_78/cl-78-go-041.yaml +43 -0
- package/rules/nvd-generated/cwe_78/cl-78-java-026.yaml +43 -0
- package/rules/nvd-generated/cwe_78/cl-78-java-027.yaml +43 -0
- package/rules/nvd-generated/cwe_78/cl-78-java-028.yaml +43 -0
- package/rules/nvd-generated/cwe_78/cl-78-java-029.yaml +43 -0
- package/rules/nvd-generated/cwe_78/cl-78-javascript-037.yaml +43 -0
- package/rules/nvd-generated/cwe_78/cl-78-javascript-038.yaml +44 -0
- package/rules/nvd-generated/cwe_78/cl-78-javascript-039.yaml +43 -0
- package/rules/nvd-generated/cwe_78/cl-78-php-030.yaml +43 -0
- package/rules/nvd-generated/cwe_78/cl-78-php-031.yaml +43 -0
- package/rules/nvd-generated/cwe_78/cl-78-php-032.yaml +43 -0
- package/rules/nvd-generated/cwe_78/cl-78-php-033.yaml +44 -0
- package/rules/nvd-generated/cwe_78/cl-78-python-034.yaml +43 -0
- package/rules/nvd-generated/cwe_78/cl-78-python-035.yaml +43 -0
- package/rules/nvd-generated/cwe_78/cl-78-python-036.yaml +46 -0
- package/rules/nvd-generated/cwe_79/cl-79-go-058.yaml +44 -0
- package/rules/nvd-generated/cwe_79/cl-79-go-059.yaml +44 -0
- package/rules/nvd-generated/cwe_79/cl-79-java-042.yaml +43 -0
- package/rules/nvd-generated/cwe_79/cl-79-java-043.yaml +43 -0
- package/rules/nvd-generated/cwe_79/cl-79-java-044.yaml +44 -0
- package/rules/nvd-generated/cwe_79/cl-79-java-045.yaml +43 -0
- package/rules/nvd-generated/cwe_79/cl-79-javascript-049.yaml +45 -0
- package/rules/nvd-generated/cwe_79/cl-79-javascript-050.yaml +45 -0
- package/rules/nvd-generated/cwe_79/cl-79-javascript-051.yaml +44 -0
- package/rules/nvd-generated/cwe_79/cl-79-javascript-052.yaml +44 -0
- package/rules/nvd-generated/cwe_79/cl-79-javascript-053.yaml +44 -0
- package/rules/nvd-generated/cwe_79/cl-79-javascript-054.yaml +44 -0
- package/rules/nvd-generated/cwe_79/cl-79-javascript-055.yaml +44 -0
- package/rules/nvd-generated/cwe_79/cl-79-php-046.yaml +43 -0
- package/rules/nvd-generated/cwe_79/cl-79-php-047.yaml +44 -0
- package/rules/nvd-generated/cwe_79/cl-79-php-048.yaml +44 -0
- package/rules/nvd-generated/cwe_79/cl-79-python-056.yaml +44 -0
- package/rules/nvd-generated/cwe_79/cl-79-python-057.yaml +44 -0
- package/rules/nvd-generated/cwe_798/cl-798-all-124.yaml +45 -0
- package/rules/nvd-generated/cwe_798/cl-798-all-125.yaml +43 -0
- package/rules/nvd-generated/cwe_798/cl-798-all-126.yaml +43 -0
- package/rules/nvd-generated/cwe_798/cl-798-all-127.yaml +43 -0
- package/rules/nvd-generated/cwe_798/cl-798-all-128.yaml +43 -0
- package/rules/nvd-generated/cwe_798/cl-798-all-129.yaml +43 -0
- package/rules/nvd-generated/cwe_862/cl-862-go-150.yaml +44 -0
- package/rules/nvd-generated/cwe_862/cl-862-go-151.yaml +43 -0
- package/rules/nvd-generated/cwe_862/cl-862-java-141.yaml +44 -0
- package/rules/nvd-generated/cwe_862/cl-862-java-142.yaml +44 -0
- package/rules/nvd-generated/cwe_862/cl-862-java-143.yaml +43 -0
- package/rules/nvd-generated/cwe_862/cl-862-javascript-144.yaml +44 -0
- package/rules/nvd-generated/cwe_862/cl-862-javascript-145.yaml +44 -0
- package/rules/nvd-generated/cwe_862/cl-862-javascript-146.yaml +44 -0
- package/rules/nvd-generated/cwe_862/cl-862-php-152.yaml +44 -0
- package/rules/nvd-generated/cwe_862/cl-862-python-148.yaml +44 -0
- package/rules/nvd-generated/cwe_862/cl-862-python-149.yaml +43 -0
- package/rules/nvd-generated/cwe_89/cl-89-go-023.yaml +43 -0
- package/rules/nvd-generated/cwe_89/cl-89-go-024.yaml +43 -0
- package/rules/nvd-generated/cwe_89/cl-89-go-025.yaml +43 -0
- package/rules/nvd-generated/cwe_89/cl-89-java-001.yaml +43 -0
- package/rules/nvd-generated/cwe_89/cl-89-java-002.yaml +43 -0
- package/rules/nvd-generated/cwe_89/cl-89-java-003.yaml +43 -0
- package/rules/nvd-generated/cwe_89/cl-89-java-004.yaml +43 -0
- package/rules/nvd-generated/cwe_89/cl-89-java-005.yaml +43 -0
- package/rules/nvd-generated/cwe_89/cl-89-java-006.yaml +43 -0
- package/rules/nvd-generated/cwe_89/cl-89-java-007.yaml +43 -0
- package/rules/nvd-generated/cwe_89/cl-89-java-008.yaml +43 -0
- package/rules/nvd-generated/cwe_89/cl-89-javascript-018.yaml +43 -0
- package/rules/nvd-generated/cwe_89/cl-89-javascript-019.yaml +43 -0
- package/rules/nvd-generated/cwe_89/cl-89-javascript-020.yaml +43 -0
- package/rules/nvd-generated/cwe_89/cl-89-javascript-021.yaml +43 -0
- package/rules/nvd-generated/cwe_89/cl-89-javascript-022.yaml +43 -0
- package/rules/nvd-generated/cwe_89/cl-89-php-009.yaml +44 -0
- package/rules/nvd-generated/cwe_89/cl-89-php-010.yaml +44 -0
- package/rules/nvd-generated/cwe_89/cl-89-php-011.yaml +44 -0
- package/rules/nvd-generated/cwe_89/cl-89-php-012.yaml +44 -0
- package/rules/nvd-generated/cwe_89/cl-89-php-013.yaml +44 -0
- package/rules/nvd-generated/cwe_89/cl-89-python-014.yaml +43 -0
- package/rules/nvd-generated/cwe_89/cl-89-python-015.yaml +43 -0
- package/rules/nvd-generated/cwe_89/cl-89-python-016.yaml +43 -0
- package/rules/nvd-generated/cwe_89/cl-89-python-017.yaml +43 -0
- package/rules/nvd-generated/cwe_915/cl-915-javascript-216.yaml +43 -0
- package/rules/nvd-generated/cwe_915/cl-915-javascript-217.yaml +43 -0
- package/rules/nvd-generated/cwe_915/cl-915-javascript-218.yaml +43 -0
- package/rules/nvd-generated/cwe_915/cl-915-javascript-219.yaml +43 -0
- package/rules/nvd-generated/cwe_918/cl-918-go-088.yaml +43 -0
- package/rules/nvd-generated/cwe_918/cl-918-go-089.yaml +43 -0
- package/rules/nvd-generated/cwe_918/cl-918-java-077.yaml +43 -0
- package/rules/nvd-generated/cwe_918/cl-918-java-078.yaml +43 -0
- package/rules/nvd-generated/cwe_918/cl-918-java-079.yaml +43 -0
- package/rules/nvd-generated/cwe_918/cl-918-java-080.yaml +44 -0
- package/rules/nvd-generated/cwe_918/cl-918-javascript-081.yaml +43 -0
- package/rules/nvd-generated/cwe_918/cl-918-javascript-082.yaml +43 -0
- package/rules/nvd-generated/cwe_918/cl-918-javascript-083.yaml +43 -0
- package/rules/nvd-generated/cwe_918/cl-918-php-090.yaml +43 -0
- package/rules/nvd-generated/cwe_918/cl-918-php-091.yaml +43 -0
- package/rules/nvd-generated/cwe_918/cl-918-python-084.yaml +43 -0
- package/rules/nvd-generated/cwe_918/cl-918-python-085.yaml +43 -0
- package/rules/nvd-generated/cwe_918/cl-918-python-086.yaml +43 -0
- package/rules/nvd-generated/cwe_918/cl-918-python-087.yaml +43 -0
- package/rules/nvd-generated/cwe_943/cl-943-java-238.yaml +36 -0
- package/rules/nvd-generated/cwe_943/cl-943-javascript-234.yaml +36 -0
- package/rules/nvd-generated/cwe_943/cl-943-javascript-235.yaml +36 -0
- package/rules/nvd-generated/cwe_943/cl-943-javascript-236.yaml +36 -0
- package/rules/nvd-generated/cwe_943/cl-943-python-237.yaml +36 -0
- package/rules/quarantined/cwe-20/cl-20-all-233.yaml +43 -0
- package/rules/quarantined/cwe-20/cl-20-java-227.yaml +43 -0
- package/rules/quarantined/cwe-20/cl-20-java-228.yaml +43 -0
- package/rules/quarantined/cwe-20/cl-20-javascript-229.yaml +43 -0
- package/rules/quarantined/cwe-20/cl-20-python-231.yaml +44 -0
- package/rules/quarantined/cwe-20/cl-20-python-232.yaml +43 -0
- package/rules/quarantined/cwe-20/zm-js-cwe20-nextjs-api-routes.yaml +142 -0
- package/rules/quarantined/cwe-200/cl-200-all-189.yaml +46 -0
- package/rules/quarantined/cwe-200/cl-200-all-190.yaml +45 -0
- package/rules/quarantined/cwe-200/cl-200-all-191.yaml +43 -0
- package/rules/quarantined/cwe-200/cl-200-all-192.yaml +43 -0
- package/rules/quarantined/cwe-200/cl-200-all-193.yaml +43 -0
- package/rules/quarantined/cwe-200/cwe-200-sensitive-data-exposure.yaml +62 -0
- package/rules/quarantined/cwe-200/zm-go-cwe200-grpc-metadata.yaml +41 -0
- package/rules/quarantined/cwe-200/zm-java-cwe200-actuator-exposure.yaml +9 -0
- package/rules/quarantined/cwe-200/zm-java-cwe200-info-disclosure.yaml +92 -0
- package/rules/quarantined/cwe-200/zm-js-cwe200-info-disclosure.yaml +96 -0
- package/rules/quarantined/cwe-200/zm-k8s-cwe200-service-account.yaml +84 -0
- package/rules/quarantined/cwe-200/zm-k8s-cwe200-verbosity-high.yaml +81 -0
- package/rules/quarantined/cwe-200/zm-py-django-cwe200-cwe798-cwe352-01.yaml +81 -0
- package/rules/quarantined/cwe-200/zm-py-flask-cwe200-cwe326-01.yaml +58 -0
- package/rules/quarantined/cwe-200/zm-tf-cwe200-ecr-public.yaml +19 -0
- package/rules/quarantined/cwe-200/zm-tf-cwe200-s3-bucket-public.yaml +101 -0
- package/rules/quarantined/cwe-532/cl-532-all-158.yaml +46 -0
- package/rules/quarantined/cwe-532/cl-532-all-159.yaml +45 -0
- package/rules/quarantined/cwe-532/cl-532-all-160.yaml +45 -0
- package/rules/quarantined/cwe-862/cl-862-go-150.yaml +44 -0
- package/rules/quarantined/cwe-862/cl-862-go-151.yaml +43 -0
- package/rules/quarantined/cwe-862/cl-862-java-141.yaml +44 -0
- package/rules/quarantined/cwe-862/cl-862-java-142.yaml +44 -0
- package/rules/quarantined/cwe-862/cl-862-java-143.yaml +43 -0
- package/rules/quarantined/cwe-862/cl-862-javascript-144.yaml +44 -0
- package/rules/quarantined/cwe-862/cl-862-javascript-145.yaml +44 -0
- package/rules/quarantined/cwe-862/cl-862-javascript-146.yaml +44 -0
- package/rules/quarantined/cwe-862/cl-862-php-152.yaml +44 -0
- package/rules/quarantined/cwe-862/cl-862-python-148.yaml +44 -0
- package/rules/quarantined/cwe-862/cl-862-python-149.yaml +43 -0
- package/rules/quarantined/cwe-862/cwe-862-missing-authorization.yaml +41 -0
- package/rules/quarantined/cwe-862/zm-java-cwe862-authz-depth.yaml +128 -0
- package/rules/quarantined/high-fp/cwe-22/zm-js-cwe22-path-traversal-fs.yaml +114 -0
- package/rules/quarantined/high-fp/cwe-22/zm-js-cwe22-pathtraversal.yaml +112 -0
- package/rules/quarantined/high-fp/cwe-287/zm-js-cwe287-aws-lambda-config.yaml +105 -0
- package/rules/quarantined/high-fp/cwe-501/zm-js-cwe501-graphql-injection.yaml +53 -0
- package/rules/quarantined/high-fp/cwe-502/zm-js-cwe502-deserialization-extended.yaml +98 -0
- package/rules/quarantined/high-fp/cwe-798/zm-ansible-cwe798-hardcoded-creds.yaml +94 -0
- package/rules/quarantined/nvd-generated/cwe-1336/cl-1336-go-207.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-1336/cl-1336-java-194.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-1336/cl-1336-java-195.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-1336/cl-1336-java-196.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-1336/cl-1336-java-197.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-1336/cl-1336-java-198.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-1336/cl-1336-javascript-199.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-1336/cl-1336-javascript-200.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-1336/cl-1336-javascript-201.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-1336/cl-1336-javascript-202.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-1336/cl-1336-javascript-203.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-1336/cl-1336-php-208.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-1336/cl-1336-php-209.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-1336/cl-1336-python-204.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-1336/cl-1336-python-205.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-1336/cl-1336-python-206.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-22/cl-22-go-074.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-22/cl-22-go-075.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-22/cl-22-go-076.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-22/cl-22-java-060.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-22/cl-22-java-061.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-22/cl-22-java-062.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-22/cl-22-java-063.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-22/cl-22-javascript-067.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-22/cl-22-javascript-068.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-22/cl-22-javascript-069.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-22/cl-22-php-064.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-22/cl-22-php-065.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-22/cl-22-php-066.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-22/cl-22-python-071.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-22/cl-22-python-072.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-22/cl-22-python-073.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-287/cl-287-go-187.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-287/cl-287-go-188.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-287/cl-287-java-180.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-287/cl-287-java-181.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-287/cl-287-java-182.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-287/cl-287-javascript-183.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-287/cl-287-javascript-184.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-287/cl-287-python-185.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-287/cl-287-python-186.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-327/cl-327-go-169.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-327/cl-327-go-170.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-327/cl-327-java-161.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-327/cl-327-java-162.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-327/cl-327-java-163.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-327/cl-327-java-164.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-327/cl-327-javascript-165.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-327/cl-327-javascript-166.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-327/cl-327-php-171.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-327/cl-327-php-172.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-327/cl-327-python-167.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-327/cl-327-python-168.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-346/cl-346-all-213.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-346/cl-346-all-214.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-346/cl-346-all-215.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-352/cl-352-java-153.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-352/cl-352-java-154.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-352/cl-352-javascript-156.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-352/cl-352-php-155.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-352/cl-352-python-157.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-434/cl-434-go-140.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-434/cl-434-java-130.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-434/cl-434-java-131.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-434/cl-434-java-132.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-434/cl-434-javascript-138.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-434/cl-434-javascript-139.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-434/cl-434-php-133.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-434/cl-434-php-134.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-434/cl-434-php-135.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-434/cl-434-python-136.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-434/cl-434-python-137.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-501/cl-501-all-239.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-501/cl-501-all-240.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-501/cl-501-all-241.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-502/cl-502-go-109.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-502/cl-502-go-110.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-502/cl-502-java-092.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-502/cl-502-java-093.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-502/cl-502-java-094.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-502/cl-502-java-095.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-502/cl-502-java-096.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-502/cl-502-java-097.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-502/cl-502-java-098.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-502/cl-502-java-099.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-502/cl-502-javascript-106.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-502/cl-502-javascript-107.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-502/cl-502-javascript-108.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-502/cl-502-php-100.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-502/cl-502-php-101.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-502/cl-502-php-102.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-502/cl-502-python-103.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-502/cl-502-python-104.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-502/cl-502-python-105.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-601/cl-601-go-178.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-601/cl-601-java-173.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-601/cl-601-javascript-174.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-601/cl-601-javascript-175.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-601/cl-601-php-179.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-601/cl-601-python-176.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-601/cl-601-python-177.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-611/cl-611-go-123.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-611/cl-611-java-111.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-611/cl-611-java-112.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-611/cl-611-java-113.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-611/cl-611-java-114.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-611/cl-611-java-115.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-611/cl-611-javascript-121.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-611/cl-611-javascript-122.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-611/cl-611-php-116.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-611/cl-611-php-117.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-611/cl-611-python-118.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-611/cl-611-python-119.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-611/cl-611-python-120.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-78/cl-78-go-040.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-78/cl-78-go-041.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-78/cl-78-java-026.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-78/cl-78-java-027.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-78/cl-78-java-028.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-78/cl-78-java-029.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-78/cl-78-javascript-037.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-78/cl-78-javascript-038.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-78/cl-78-javascript-039.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-78/cl-78-php-030.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-78/cl-78-php-031.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-78/cl-78-php-032.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-78/cl-78-php-033.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-78/cl-78-python-034.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-78/cl-78-python-035.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-78/cl-78-python-036.yaml +53 -0
- package/rules/quarantined/nvd-generated/cwe-79/cl-79-go-058.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-79/cl-79-go-059.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-79/cl-79-java-042.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-79/cl-79-java-043.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-79/cl-79-java-044.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-79/cl-79-java-045.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-79/cl-79-javascript-049.yaml +52 -0
- package/rules/quarantined/nvd-generated/cwe-79/cl-79-javascript-050.yaml +52 -0
- package/rules/quarantined/nvd-generated/cwe-79/cl-79-javascript-051.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-79/cl-79-javascript-052.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-79/cl-79-javascript-053.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-79/cl-79-javascript-054.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-79/cl-79-javascript-055.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-79/cl-79-php-046.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-79/cl-79-php-047.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-79/cl-79-php-048.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-79/cl-79-python-056.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-79/cl-79-python-057.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-798/cl-798-all-124.yaml +52 -0
- package/rules/quarantined/nvd-generated/cwe-798/cl-798-all-125.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-798/cl-798-all-126.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-798/cl-798-all-127.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-798/cl-798-all-128.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-798/cl-798-all-129.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-go-023.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-go-024.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-go-025.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-java-001.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-java-002.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-java-003.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-java-004.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-java-005.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-java-006.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-java-007.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-java-008.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-javascript-018.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-javascript-019.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-javascript-020.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-javascript-021.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-javascript-022.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-php-009.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-php-010.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-php-011.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-php-012.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-php-013.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-python-014.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-python-015.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-python-016.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-89/cl-89-python-017.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-915/cl-915-javascript-216.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-915/cl-915-javascript-217.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-915/cl-915-javascript-218.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-915/cl-915-javascript-219.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-918/cl-918-go-088.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-918/cl-918-go-089.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-918/cl-918-java-077.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-918/cl-918-java-078.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-918/cl-918-java-079.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-918/cl-918-java-080.yaml +51 -0
- package/rules/quarantined/nvd-generated/cwe-918/cl-918-javascript-081.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-918/cl-918-javascript-082.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-918/cl-918-javascript-083.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-918/cl-918-php-090.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-918/cl-918-php-091.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-918/cl-918-python-084.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-918/cl-918-python-085.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-918/cl-918-python-086.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-918/cl-918-python-087.yaml +50 -0
- package/rules/quarantined/nvd-generated/cwe-943/cl-943-java-238.yaml +43 -0
- package/rules/quarantined/nvd-generated/cwe-943/cl-943-javascript-234.yaml +43 -0
- package/rules/quarantined/nvd-generated/cwe-943/cl-943-javascript-235.yaml +43 -0
- package/rules/quarantined/nvd-generated/cwe-943/cl-943-javascript-236.yaml +43 -0
- package/rules/quarantined/nvd-generated/cwe-943/cl-943-python-237.yaml +43 -0
- package/rules/taint-upgraded/cwe-1336/zm-taint-1336-1336-java-196.yaml +35 -0
- package/rules/taint-upgraded/cwe-1336/zm-taint-1336-1336-java-197.yaml +35 -0
- package/rules/taint-upgraded/cwe-1336/zm-taint-1336-1336-javascript-201.yaml +34 -0
- package/rules/taint-upgraded/cwe-1336/zm-taint-1336-1336-javascript-202.yaml +34 -0
- package/rules/taint-upgraded/cwe-1336/zm-taint-1336-1336-javascript-203.yaml +34 -0
- package/rules/taint-upgraded/cwe-22/zm-taint-22-22-go-076.yaml +36 -0
- package/rules/taint-upgraded/cwe-22/zm-taint-22-22-java-061.yaml +40 -0
- package/rules/taint-upgraded/cwe-22/zm-taint-22-22-javascript-068.yaml +38 -0
- package/rules/taint-upgraded/cwe-22/zm-taint-22-22-javascript-069.yaml +38 -0
- package/rules/taint-upgraded/cwe-22/zm-taint-22-22-python-073.yaml +38 -0
- package/rules/taint-upgraded/cwe-287/zm-taint-287-287-go-188.yaml +30 -0
- package/rules/taint-upgraded/cwe-287/zm-taint-287-287-javascript-184.yaml +31 -0
- package/rules/taint-upgraded/cwe-327/zm-taint-327-327-go-169.yaml +30 -0
- package/rules/taint-upgraded/cwe-327/zm-taint-327-327-go-170.yaml +31 -0
- package/rules/taint-upgraded/cwe-327/zm-taint-327-327-java-161.yaml +45 -0
- package/rules/taint-upgraded/cwe-327/zm-taint-327-327-java-162.yaml +45 -0
- package/rules/taint-upgraded/cwe-327/zm-taint-327-327-java-163.yaml +39 -0
- package/rules/taint-upgraded/cwe-327/zm-taint-327-327-java-164.yaml +31 -0
- package/rules/taint-upgraded/cwe-327/zm-taint-327-327-javascript-165.yaml +34 -0
- package/rules/taint-upgraded/cwe-327/zm-taint-327-327-javascript-166.yaml +32 -0
- package/rules/taint-upgraded/cwe-327/zm-taint-327-327-php-171.yaml +31 -0
- package/rules/taint-upgraded/cwe-327/zm-taint-327-327-php-172.yaml +31 -0
- package/rules/taint-upgraded/cwe-327/zm-taint-327-327-python-167.yaml +32 -0
- package/rules/taint-upgraded/cwe-327/zm-taint-327-327-python-168.yaml +34 -0
- package/rules/taint-upgraded/cwe-434/zm-taint-434-434-java-130.yaml +37 -0
- package/rules/taint-upgraded/cwe-434/zm-taint-434-434-java-131.yaml +37 -0
- package/rules/taint-upgraded/cwe-434/zm-taint-434-434-javascript-139.yaml +38 -0
- package/rules/taint-upgraded/cwe-434/zm-taint-434-434-python-136.yaml +35 -0
- package/rules/taint-upgraded/cwe-502/zm-taint-502-502-go-109.yaml +32 -0
- package/rules/taint-upgraded/cwe-502/zm-taint-502-502-go-110.yaml +32 -0
- package/rules/taint-upgraded/cwe-502/zm-taint-502-502-java-092.yaml +33 -0
- package/rules/taint-upgraded/cwe-502/zm-taint-502-502-java-093.yaml +33 -0
- package/rules/taint-upgraded/cwe-502/zm-taint-502-502-java-094.yaml +33 -0
- package/rules/taint-upgraded/cwe-502/zm-taint-502-502-java-095.yaml +33 -0
- package/rules/taint-upgraded/cwe-502/zm-taint-502-502-java-097.yaml +33 -0
- package/rules/taint-upgraded/cwe-502/zm-taint-502-502-java-098.yaml +33 -0
- package/rules/taint-upgraded/cwe-502/zm-taint-502-502-java-099.yaml +33 -0
- package/rules/taint-upgraded/cwe-502/zm-taint-502-502-javascript-107.yaml +33 -0
- package/rules/taint-upgraded/cwe-502/zm-taint-502-502-python-105.yaml +40 -0
- package/rules/taint-upgraded/cwe-601/zm-taint-601-601-go-178.yaml +34 -0
- package/rules/taint-upgraded/cwe-601/zm-taint-601-601-python-177.yaml +35 -0
- package/rules/taint-upgraded/cwe-611/zm-taint-611-611-go-123.yaml +31 -0
- package/rules/taint-upgraded/cwe-611/zm-taint-611-611-java-111.yaml +38 -0
- package/rules/taint-upgraded/cwe-611/zm-taint-611-611-java-112.yaml +38 -0
- package/rules/taint-upgraded/cwe-611/zm-taint-611-611-java-113.yaml +38 -0
- package/rules/taint-upgraded/cwe-611/zm-taint-611-611-java-114.yaml +38 -0
- package/rules/taint-upgraded/cwe-611/zm-taint-611-611-java-115.yaml +38 -0
- package/rules/taint-upgraded/cwe-611/zm-taint-611-611-javascript-121.yaml +32 -0
- package/rules/taint-upgraded/cwe-611/zm-taint-611-611-javascript-122.yaml +32 -0
- package/rules/taint-upgraded/cwe-78/zm-taint-78-78-go-040.yaml +31 -0
- package/rules/taint-upgraded/cwe-78/zm-taint-78-78-go-041.yaml +31 -0
- package/rules/taint-upgraded/cwe-78/zm-taint-78-78-java-027.yaml +37 -0
- package/rules/taint-upgraded/cwe-78/zm-taint-78-78-java-028.yaml +37 -0
- package/rules/taint-upgraded/cwe-78/zm-taint-78-78-java-029.yaml +37 -0
- package/rules/taint-upgraded/cwe-78/zm-taint-78-78-python-034.yaml +40 -0
- package/rules/taint-upgraded/cwe-79/zm-taint-79-79-javascript-050.yaml +38 -0
- package/rules/taint-upgraded/cwe-79/zm-taint-79-79-javascript-054.yaml +38 -0
- package/rules/taint-upgraded/cwe-79/zm-taint-79-79-python-056.yaml +37 -0
- package/rules/taint-upgraded/cwe-89/zm-taint-89-89-go-023.yaml +33 -0
- package/rules/taint-upgraded/cwe-89/zm-taint-89-89-go-024.yaml +33 -0
- package/rules/taint-upgraded/cwe-89/zm-taint-89-89-go-025.yaml +33 -0
- package/rules/taint-upgraded/cwe-89/zm-taint-89-89-java-001.yaml +41 -0
- package/rules/taint-upgraded/cwe-89/zm-taint-89-89-java-006.yaml +41 -0
- package/rules/taint-upgraded/cwe-89/zm-taint-89-89-java-008.yaml +41 -0
- package/rules/taint-upgraded/cwe-89/zm-taint-89-89-javascript-018.yaml +41 -0
- package/rules/taint-upgraded/cwe-89/zm-taint-89-89-javascript-019.yaml +41 -0
- package/rules/taint-upgraded/cwe-89/zm-taint-89-89-javascript-022.yaml +41 -0
- package/rules/taint-upgraded/cwe-89/zm-taint-89-89-python-014.yaml +41 -0
- package/rules/taint-upgraded/cwe-89/zm-taint-89-89-python-015.yaml +41 -0
- package/rules/taint-upgraded/cwe-89/zm-taint-89-89-python-017.yaml +41 -0
- package/rules/taint-upgraded/cwe-915/zm-taint-915-915-javascript-216.yaml +32 -0
- package/rules/taint-upgraded/cwe-915/zm-taint-915-915-javascript-217.yaml +33 -0
- package/rules/taint-upgraded/cwe-915/zm-taint-915-915-javascript-218.yaml +32 -0
- package/rules/taint-upgraded/cwe-915/zm-taint-915-915-javascript-219.yaml +35 -0
- package/rules/taint-upgraded/cwe-918/zm-taint-918-918-java-078.yaml +38 -0
- package/rules/taint-upgraded/cwe-918/zm-taint-918-918-java-079.yaml +38 -0
- package/rules/taint-upgraded/cwe-918/zm-taint-918-918-python-085.yaml +39 -0
- package/rules/taint-upgraded/cwe-943/zm-taint-943-943-java-238.yaml +31 -0
- package/rules/taint-upgraded/cwe-943/zm-taint-943-943-javascript-234.yaml +34 -0
- package/rules/taint-upgraded/cwe-943/zm-taint-943-943-javascript-235.yaml +34 -0
- package/rules/taint-upgraded/cwe-943/zm-taint-943-943-javascript-236.yaml +33 -0
- package/rules/taint-upgraded/cwe-943/zm-taint-943-943-python-237.yaml +32 -0
- package/rules/unified/cwe-117/zm-go-cwe117-log-injection.yaml +76 -0
- package/rules/unified/cwe-117/zm-java-cwe117-log-injection.yaml +84 -0
- package/rules/unified/cwe-117/zm-java-cwe117-logforging.yaml +154 -0
- package/rules/unified/cwe-117/zm-java-cwe117-smtp-header-injection.yaml +59 -0
- package/rules/unified/cwe-121/zm-cpp-cwe121-buffer-overflow.yaml +137 -0
- package/rules/unified/cwe-1321/zm-js-cwe1321-prototype-pollution.yaml +62 -0
- package/rules/unified/cwe-1336/zm-go-cwe1336-template-injection.yaml +39 -0
- package/rules/unified/cwe-1336/zm-taint-1336-1336-java-196.yaml +42 -0
- package/rules/unified/cwe-1336/zm-taint-1336-1336-java-197.yaml +42 -0
- package/rules/unified/cwe-1336/zm-taint-1336-1336-javascript-201.yaml +41 -0
- package/rules/unified/cwe-1336/zm-taint-1336-1336-javascript-202.yaml +41 -0
- package/rules/unified/cwe-1336/zm-taint-1336-1336-javascript-203.yaml +41 -0
- package/rules/unified/cwe-134/zm-cpp-cwe134-format-string.yaml +106 -0
- package/rules/unified/cwe-190/zm-cpp-cwe190-integer-overflow.yaml +93 -0
- package/rules/unified/cwe-20/zm-cpp-cwe20-input-validation.yaml +92 -0
- package/rules/unified/cwe-20/zm-js-cwe20-websocket-validation.yaml +25 -0
- package/rules/unified/cwe-20/zm-rust-cwe20-input-validation.yaml +124 -0
- package/rules/unified/cwe-200/zm-js-cwe200-nestjs-env.yaml +22 -0
- package/rules/unified/cwe-200/zm-py-cwe200-info-leak-redirect.yaml +77 -0
- package/rules/unified/cwe-22/cwe-22-path-traversal.yaml +48 -0
- package/rules/unified/cwe-22/zm-cs-cwe22-path-traversal.yaml +92 -0
- package/rules/unified/cwe-22/zm-go-cwe22-path-traversal-framework.yaml +48 -0
- package/rules/unified/cwe-22/zm-go-cwe22-path-traversal-fs.yaml +118 -0
- package/rules/unified/cwe-22/zm-go-cwe22-path-traversal.yaml +104 -0
- package/rules/unified/cwe-22/zm-java-cwe22-file-depth.yaml +136 -0
- package/rules/unified/cwe-22/zm-java-cwe22-file-unnormalized.yaml +58 -0
- package/rules/unified/cwe-22/zm-java-cwe22-path-traversal-spring.yaml +82 -0
- package/rules/unified/cwe-22/zm-java-file-cwe22-001.yaml +74 -0
- package/rules/unified/cwe-22/zm-js-cwe22-express-path-traversal.yaml +26 -0
- package/rules/unified/cwe-22/zm-js-cwe22-fs-path-traversal.yaml +28 -0
- package/rules/unified/cwe-22/zm-py-cwe22-flask-sendfile.yaml +45 -0
- package/rules/unified/cwe-22/zm-py-cwe22-path-traversal.yaml +87 -0
- package/rules/unified/cwe-22/zm-rust-cwe22-path-traversal.yaml +134 -0
- package/rules/unified/cwe-22/zm-taint-22-22-go-076.yaml +43 -0
- package/rules/unified/cwe-22/zm-taint-22-22-java-061.yaml +47 -0
- package/rules/unified/cwe-22/zm-taint-22-22-javascript-068.yaml +45 -0
- package/rules/unified/cwe-22/zm-taint-22-22-javascript-069.yaml +45 -0
- package/rules/unified/cwe-22/zm-taint-22-22-python-073.yaml +45 -0
- package/rules/unified/cwe-250/zm-docker-cwe250-root-user.yaml +51 -0
- package/rules/unified/cwe-250/zm-java-cwe250-preauth-missing.yaml +69 -0
- package/rules/unified/cwe-250/zm-k8s-cwe250-privileged.yaml +57 -0
- package/rules/unified/cwe-265/zm-py-fastapi-cwe265-cwe284-01.yaml +49 -0
- package/rules/unified/cwe-269/zm-ansible-cwe269-privilege-escalation.yaml +76 -0
- package/rules/unified/cwe-269/zm-java-cwe269-requestdumper-valve.yaml +55 -0
- package/rules/unified/cwe-284/zm-java-cwe284-missing-auth-spring.yaml +132 -0
- package/rules/unified/cwe-284/zm-java-cwe284-permitall-overauth.yaml +57 -0
- package/rules/unified/cwe-284/zm-java-cwe284-tomcat-ajp.yaml +57 -0
- package/rules/unified/cwe-284/zm-java-springsec-cwe284-001.yaml +110 -0
- package/rules/unified/cwe-284/zm-tf-cwe284-sg-egress-any.yaml +33 -0
- package/rules/unified/cwe-284/zm-tf-cwe284-sg-wide-open.yaml +89 -0
- package/rules/unified/cwe-287/zm-java-oauth-cwe287-001.yaml +137 -0
- package/rules/unified/cwe-287/zm-js-cwe287-jwt-no-algorithms.yaml +26 -0
- package/rules/unified/cwe-287/zm-taint-287-287-go-188.yaml +37 -0
- package/rules/unified/cwe-287/zm-taint-287-287-javascript-184.yaml +38 -0
- package/rules/unified/cwe-295/cwe-295-ssl-bypass.yaml +218 -0
- package/rules/unified/cwe-295/cwe-295-ssl-verification-disabled.yaml +65 -0
- package/rules/unified/cwe-295/zm-cs-cwe295-cert-validation.yaml +67 -0
- package/rules/unified/cwe-295/zm-py-aiohttp-cwe295-cwe770-01.yaml +61 -0
- package/rules/unified/cwe-306/cwe-306-missing-authentication.yaml +45 -0
- package/rules/unified/cwe-306/zm-java-cwe306-actuator-exposure.yaml +53 -0
- package/rules/unified/cwe-306/zm-java-cwe306-cloud-config-server.yaml +56 -0
- package/rules/unified/cwe-306/zm-java-cwe306-rabbitmq-no-auth.yaml +58 -0
- package/rules/unified/cwe-306/zm-py-cwe306-flask-login.yaml +38 -0
- package/rules/unified/cwe-307/zm-go-cwe307-brute-force.yaml +130 -0
- package/rules/unified/cwe-307/zm-js-cwe307-brute-force.yaml +137 -0
- package/rules/unified/cwe-311/zm-docker-cwe311-secrets-in-build-arg.yaml +65 -0
- package/rules/unified/cwe-311/zm-java-cwe311-cookie-flags.yaml +94 -0
- package/rules/unified/cwe-311/zm-tf-cwe311-iam-wildcard.yaml +84 -0
- package/rules/unified/cwe-312/zm-js-cwe312-localstorage-jwt.yaml +32 -0
- package/rules/unified/cwe-319/zm-go-cwe319-grpc-notls.yaml +119 -0
- package/rules/unified/cwe-319/zm-tf-cwe319-rds-public-snapshot.yaml +47 -0
- package/rules/unified/cwe-319/zm-tf-cwe319-rds-public.yaml +73 -0
- package/rules/unified/cwe-326/cwe-326-weak-key-size.yaml +108 -0
- package/rules/unified/cwe-326/zm-go-cwe326-hmac-iv-nonce.yaml +73 -0
- package/rules/unified/cwe-326/zm-go-cwe326-weak-crypto.yaml +125 -0
- package/rules/unified/cwe-327/cwe-327-weak-crypto.yaml +178 -0
- package/rules/unified/cwe-327/zm-cpp-cwe327-weak-crypto.yaml +106 -0
- package/rules/unified/cwe-327/zm-cs-cwe327-weak-crypto.yaml +89 -0
- package/rules/unified/cwe-327/zm-go-cwe327-weak-cipher.yaml +153 -0
- package/rules/unified/cwe-327/zm-java-crypto-cwe327-001.yaml +104 -0
- package/rules/unified/cwe-327/zm-java-cwe327-ecb-weak-key-iv.yaml +87 -0
- package/rules/unified/cwe-327/zm-java-cwe327-weakcrypto.yaml +198 -0
- package/rules/unified/cwe-327/zm-js-cwe327-weak-cipher-des.yaml +30 -0
- package/rules/unified/cwe-327/zm-js-cwe327-weak-hash-md5.yaml +23 -0
- package/rules/unified/cwe-327/zm-php-cwe327-weak-hash.yaml +89 -0
- package/rules/unified/cwe-327/zm-py-crypto-cwe327-01.yaml +34 -0
- package/rules/unified/cwe-327/zm-py-cwe327-weak-crypto.yaml +104 -0
- package/rules/unified/cwe-327/zm-rust-cwe327-weak-crypto.yaml +124 -0
- package/rules/unified/cwe-327/zm-taint-327-327-go-169.yaml +37 -0
- package/rules/unified/cwe-327/zm-taint-327-327-go-170.yaml +38 -0
- package/rules/unified/cwe-327/zm-taint-327-327-java-161.yaml +52 -0
- package/rules/unified/cwe-327/zm-taint-327-327-java-162.yaml +52 -0
- package/rules/unified/cwe-327/zm-taint-327-327-java-163.yaml +46 -0
- package/rules/unified/cwe-327/zm-taint-327-327-java-164.yaml +38 -0
- package/rules/unified/cwe-327/zm-taint-327-327-javascript-165.yaml +41 -0
- package/rules/unified/cwe-327/zm-taint-327-327-javascript-166.yaml +39 -0
- package/rules/unified/cwe-327/zm-taint-327-327-php-171.yaml +38 -0
- package/rules/unified/cwe-327/zm-taint-327-327-php-172.yaml +38 -0
- package/rules/unified/cwe-327/zm-taint-327-327-python-167.yaml +39 -0
- package/rules/unified/cwe-327/zm-taint-327-327-python-168.yaml +41 -0
- package/rules/unified/cwe-328/cwe-328-weak-hash.yaml +97 -0
- package/rules/unified/cwe-329/cwe-329-cbc-mode.yaml +27 -0
- package/rules/unified/cwe-338/zm-go-cwe338-weak-prng.yaml +118 -0
- package/rules/unified/cwe-338/zm-java-cwe338-weakrandom.yaml +60 -0
- package/rules/unified/cwe-345/zm-js-cwe345-postmessage.yaml +76 -0
- package/rules/unified/cwe-345/zm-js-cwe345-websocket-security.yaml +91 -0
- package/rules/unified/cwe-347/zm-go-cwe347-jwt.yaml +148 -0
- package/rules/unified/cwe-347/zm-java-cwe347-jwt-deep.yaml +83 -0
- package/rules/unified/cwe-347/zm-java-cwe347-jwt.yaml +31 -0
- package/rules/unified/cwe-347/zm-js-cwe347-jwt-weak.yaml +101 -0
- package/rules/unified/cwe-352/cwe-352-csrf.yaml +27 -0
- package/rules/unified/cwe-352/zm-cs-cwe352-csrf.yaml +86 -0
- package/rules/unified/cwe-352/zm-java-cwe352-csrf-deep.yaml +52 -0
- package/rules/unified/cwe-352/zm-java-cwe352-csrf-depth.yaml +122 -0
- package/rules/unified/cwe-352/zm-java-cwe352-csrf-disabled.yaml +24 -0
- package/rules/unified/cwe-352/zm-js-cwe352-csrf.yaml +56 -0
- package/rules/unified/cwe-352/zm-py-cwe352-django-csrf.yaml +74 -0
- package/rules/unified/cwe-362/zm-java-cwe362-simpledateformat.yaml +57 -0
- package/rules/unified/cwe-377/zm-py-cwe377-race-condition.yaml +58 -0
- package/rules/unified/cwe-384/zm-go-cwe384-session-fixation.yaml +129 -0
- package/rules/unified/cwe-384/zm-java-cwe384-session-fixation.yaml +88 -0
- package/rules/unified/cwe-384/zm-js-cwe384-session-fixation.yaml +133 -0
- package/rules/unified/cwe-400/zm-docker-cwe400-resource-limit.yaml +105 -0
- package/rules/unified/cwe-400/zm-py-cwe400-multipart-dos.yaml +65 -0
- package/rules/unified/cwe-415/zm-cpp-cwe415-double-free.yaml +92 -0
- package/rules/unified/cwe-416/zm-cpp-cwe416-use-after-free.yaml +81 -0
- package/rules/unified/cwe-416/zm-rust-cwe416-unsafe.yaml +150 -0
- package/rules/unified/cwe-434/cwe-434-unrestricted-file-upload.yaml +42 -0
- package/rules/unified/cwe-434/zm-php-cwe434-file-upload.yaml +99 -0
- package/rules/unified/cwe-434/zm-py-cwe434-django-fileupload.yaml +100 -0
- package/rules/unified/cwe-434/zm-taint-434-434-java-130.yaml +44 -0
- package/rules/unified/cwe-434/zm-taint-434-434-java-131.yaml +44 -0
- package/rules/unified/cwe-434/zm-taint-434-434-javascript-139.yaml +45 -0
- package/rules/unified/cwe-434/zm-taint-434-434-python-136.yaml +42 -0
- package/rules/unified/cwe-470/zm-java-cwe470-reflection.yaml +79 -0
- package/rules/unified/cwe-476/zm-cpp-cwe476-null-dereference.yaml +89 -0
- package/rules/unified/cwe-501/zm-java-cwe501-trust-boundary.yaml +125 -0
- package/rules/unified/cwe-502/cwe-502-insecure-deserialization.yaml +45 -0
- package/rules/unified/cwe-502/zm-cs-cwe502-deserialization.yaml +92 -0
- package/rules/unified/cwe-502/zm-go-cwe502-deserialization.yaml +121 -0
- package/rules/unified/cwe-502/zm-java-cwe502-deserial-depth.yaml +129 -0
- package/rules/unified/cwe-502/zm-java-cwe502-dubbo-deserial.yaml +59 -0
- package/rules/unified/cwe-502/zm-java-cwe502-fastjson.yaml +138 -0
- package/rules/unified/cwe-502/zm-java-cwe502-gadget.yaml +159 -0
- package/rules/unified/cwe-502/zm-java-cwe502-hessian-deep.yaml +68 -0
- package/rules/unified/cwe-502/zm-java-cwe502-jackson-defaulttyping.yaml +60 -0
- package/rules/unified/cwe-502/zm-java-cwe502-jndi-injection.yaml +92 -0
- package/rules/unified/cwe-502/zm-java-cwe502-kryo-deep.yaml +65 -0
- package/rules/unified/cwe-502/zm-java-cwe502-log4j-jndi.yaml +67 -0
- package/rules/unified/cwe-502/zm-java-cwe502-shiro.yaml +109 -0
- package/rules/unified/cwe-502/zm-java-cwe502-snakeyaml-load.yaml +56 -0
- package/rules/unified/cwe-502/zm-java-cwe502-xstream-nosecurity.yaml +65 -0
- package/rules/unified/cwe-502/zm-java-deserial-cwe502-001.yaml +73 -0
- package/rules/unified/cwe-502/zm-java-jndi-cwe502-001.yaml +108 -0
- package/rules/unified/cwe-502/zm-java-xstream-cwe502-001.yaml +74 -0
- package/rules/unified/cwe-502/zm-js-cwe502-deserialization.yaml +120 -0
- package/rules/unified/cwe-502/zm-php-cwe502-unserialize.yaml +94 -0
- package/rules/unified/cwe-502/zm-py-cwe502-deser-advanced.yaml +130 -0
- package/rules/unified/cwe-502/zm-py-cwe502-pickle.yaml +93 -0
- package/rules/unified/cwe-502/zm-py-deser-cwe502-01.yaml +67 -0
- package/rules/unified/cwe-502/zm-taint-502-502-go-109.yaml +39 -0
- package/rules/unified/cwe-502/zm-taint-502-502-go-110.yaml +39 -0
- package/rules/unified/cwe-502/zm-taint-502-502-java-092.yaml +40 -0
- package/rules/unified/cwe-502/zm-taint-502-502-java-093.yaml +40 -0
- package/rules/unified/cwe-502/zm-taint-502-502-java-094.yaml +40 -0
- package/rules/unified/cwe-502/zm-taint-502-502-java-095.yaml +40 -0
- package/rules/unified/cwe-502/zm-taint-502-502-java-097.yaml +40 -0
- package/rules/unified/cwe-502/zm-taint-502-502-java-098.yaml +40 -0
- package/rules/unified/cwe-502/zm-taint-502-502-java-099.yaml +40 -0
- package/rules/unified/cwe-502/zm-taint-502-502-javascript-107.yaml +40 -0
- package/rules/unified/cwe-502/zm-taint-502-502-python-105.yaml +47 -0
- package/rules/unified/cwe-506/zm-js-cwe506-npm-supply-chain.yaml +20 -0
- package/rules/unified/cwe-532/zm-java-cwe532-printstack-info-leak.yaml +56 -0
- package/rules/unified/cwe-601/cwe-601-url-redirect.yaml +111 -0
- package/rules/unified/cwe-601/zm-cs-cwe601-url-redirect.yaml +61 -0
- package/rules/unified/cwe-601/zm-go-cwe601-open-redirect.yaml +40 -0
- package/rules/unified/cwe-601/zm-java-cwe601-modelandview-redirect.yaml +70 -0
- package/rules/unified/cwe-601/zm-js-cwe601-express-redirect.yaml +28 -0
- package/rules/unified/cwe-601/zm-js-cwe601-fastify-redirect.yaml +25 -0
- package/rules/unified/cwe-601/zm-php-cwe601-open-redirect.yaml +107 -0
- package/rules/unified/cwe-601/zm-taint-601-601-go-178.yaml +41 -0
- package/rules/unified/cwe-601/zm-taint-601-601-python-177.yaml +42 -0
- package/rules/unified/cwe-611/cwe-611-xxe.yaml +71 -0
- package/rules/unified/cwe-611/zm-cs-cwe611-xxe.yaml +87 -0
- package/rules/unified/cwe-611/zm-java-cwe611-xxe-enhanced.yaml +81 -0
- package/rules/unified/cwe-611/zm-java-cwe611-xxe-transformer.yaml +86 -0
- package/rules/unified/cwe-611/zm-java-xxe-cwe611-003.yaml +106 -0
- package/rules/unified/cwe-611/zm-js-cwe611-xxe.yaml +109 -0
- package/rules/unified/cwe-611/zm-py-cwe611-xxe-advanced.yaml +70 -0
- package/rules/unified/cwe-611/zm-py-cwe611-xxe.yaml +101 -0
- package/rules/unified/cwe-611/zm-taint-611-611-go-123.yaml +38 -0
- package/rules/unified/cwe-611/zm-taint-611-611-java-111.yaml +45 -0
- package/rules/unified/cwe-611/zm-taint-611-611-java-112.yaml +45 -0
- package/rules/unified/cwe-611/zm-taint-611-611-java-113.yaml +45 -0
- package/rules/unified/cwe-611/zm-taint-611-611-java-114.yaml +45 -0
- package/rules/unified/cwe-611/zm-taint-611-611-java-115.yaml +45 -0
- package/rules/unified/cwe-611/zm-taint-611-611-javascript-121.yaml +39 -0
- package/rules/unified/cwe-611/zm-taint-611-611-javascript-122.yaml +39 -0
- package/rules/unified/cwe-639/zm-java-cwe639-idor.yaml +124 -0
- package/rules/unified/cwe-639/zm-js-cwe639-idor.yaml +123 -0
- package/rules/unified/cwe-643/zm-java-cwe643-xpath-injection.yaml +56 -0
- package/rules/unified/cwe-676/zm-cpp-cwe676-dangerous-function.yaml +86 -0
- package/rules/unified/cwe-693/zm-go-cwe693-gin-middleware.yaml +49 -0
- package/rules/unified/cwe-693/zm-go-cwe693-security-headers.yaml +133 -0
- package/rules/unified/cwe-693/zm-js-cwe693-helmet-missing.yaml +57 -0
- package/rules/unified/cwe-732/cwe-732-incorrect-permission.yaml +50 -0
- package/rules/unified/cwe-74/zm-java-cwe74-host-header-injection.yaml +64 -0
- package/rules/unified/cwe-770/cwe-770-resource-exhaustion.yaml +45 -0
- package/rules/unified/cwe-770/zm-go-cwe770-redos.yaml +79 -0
- package/rules/unified/cwe-770/zm-js-cwe770-nestjs-validator.yaml +27 -0
- package/rules/unified/cwe-78/cwe-78-os-command-injection.yaml +44 -0
- package/rules/unified/cwe-78/zm-ansible-cwe78-command-injection.yaml +68 -0
- package/rules/unified/cwe-78/zm-cpp-cwe78-command-injection.yaml +86 -0
- package/rules/unified/cwe-78/zm-cs-cwe78-command-injection.yaml +94 -0
- package/rules/unified/cwe-78/zm-go-cwe78-command-injection.yaml +96 -0
- package/rules/unified/cwe-78/zm-go-cwe78-osci-advanced.yaml +39 -0
- package/rules/unified/cwe-78/zm-java-rce-cwe78-001.yaml +99 -0
- package/rules/unified/cwe-78/zm-js-cwe78-exec.yaml +38 -0
- package/rules/unified/cwe-78/zm-js-cwe78-execsync-injection.yaml +26 -0
- package/rules/unified/cwe-78/zm-js-cwe78-spawn.yaml +38 -0
- package/rules/unified/cwe-78/zm-php-cwe78-cmdinj.yaml +222 -0
- package/rules/unified/cwe-78/zm-py-cwe78-command-injection.yaml +122 -0
- package/rules/unified/cwe-78/zm-py-cwe78-osci-advanced.yaml +77 -0
- package/rules/unified/cwe-78/zm-rust-cwe78-cmdinj.yaml +103 -0
- package/rules/unified/cwe-78/zm-taint-78-78-go-040.yaml +38 -0
- package/rules/unified/cwe-78/zm-taint-78-78-go-041.yaml +38 -0
- package/rules/unified/cwe-78/zm-taint-78-78-java-027.yaml +44 -0
- package/rules/unified/cwe-78/zm-taint-78-78-java-028.yaml +44 -0
- package/rules/unified/cwe-78/zm-taint-78-78-java-029.yaml +44 -0
- package/rules/unified/cwe-78/zm-taint-78-78-python-034.yaml +47 -0
- package/rules/unified/cwe-787/cwe-787-out-of-bounds-write.yaml +38 -0
- package/rules/unified/cwe-79/cwe-79-xss.yaml +52 -0
- package/rules/unified/cwe-79/zm-cs-cwe79-xss.yaml +84 -0
- package/rules/unified/cwe-79/zm-go-cwe79-framework-xss.yaml +134 -0
- package/rules/unified/cwe-79/zm-go-cwe79-mail-injection.yaml +68 -0
- package/rules/unified/cwe-79/zm-go-cwe79-xss.yaml +105 -0
- package/rules/unified/cwe-79/zm-java-cwe79-xss-depth.yaml +99 -0
- package/rules/unified/cwe-79/zm-js-cwe79-angular-bypass.yaml +24 -0
- package/rules/unified/cwe-79/zm-js-cwe79-domxss.yaml +85 -0
- package/rules/unified/cwe-79/zm-js-cwe79-electron-security.yaml +36 -0
- package/rules/unified/cwe-79/zm-js-cwe79-react-dangerously.yaml +23 -0
- package/rules/unified/cwe-79/zm-js-cwe79-react-xss-deep.yaml +35 -0
- package/rules/unified/cwe-79/zm-js-cwe79-react-xss.yaml +19 -0
- package/rules/unified/cwe-79/zm-js-cwe79-vue-vhtml.yaml +25 -0
- package/rules/unified/cwe-79/zm-js-cwe79-xss-ejs.yaml +71 -0
- package/rules/unified/cwe-79/zm-php-cwe79-xss.yaml +222 -0
- package/rules/unified/cwe-79/zm-py-cwe79-django-flask-xss.yaml +97 -0
- package/rules/unified/cwe-79/zm-py-cwe79-host-header-injection.yaml +43 -0
- package/rules/unified/cwe-79/zm-py-cwe79-xss.yaml +124 -0
- package/rules/unified/cwe-79/zm-taint-79-79-javascript-050.yaml +45 -0
- package/rules/unified/cwe-79/zm-taint-79-79-javascript-054.yaml +45 -0
- package/rules/unified/cwe-79/zm-taint-79-79-python-056.yaml +44 -0
- package/rules/unified/cwe-798/zm-cs-cwe798-hardcoded-creds.yaml +107 -0
- package/rules/unified/cwe-798/zm-go-cwe798-hardcoded-creds.yaml +154 -0
- package/rules/unified/cwe-798/zm-py-cwe798-framework-creds.yaml +160 -0
- package/rules/unified/cwe-798/zm-py-cwe798-hardcoded-creds.yaml +87 -0
- package/rules/unified/cwe-798/zm-rust-cwe798-hardcoded-creds.yaml +128 -0
- package/rules/unified/cwe-798/zm-tf-cwe798-hardcoded-creds.yaml +103 -0
- package/rules/unified/cwe-862/zm-js-cwe862-nestjs-skip-auth.yaml +24 -0
- package/rules/unified/cwe-89/cwe-89-sqli.yaml +90 -0
- package/rules/unified/cwe-89/zm-cs-cwe89-sql-injection.yaml +95 -0
- package/rules/unified/cwe-89/zm-go-cwe89-framework-sqli.yaml +154 -0
- package/rules/unified/cwe-89/zm-go-cwe89-gorm-sqli.yaml +105 -0
- package/rules/unified/cwe-89/zm-go-cwe89-sqli.yaml +90 -0
- package/rules/unified/cwe-89/zm-java-cwe89-jpa-query-concat.yaml +56 -0
- package/rules/unified/cwe-89/zm-java-hql-cwe89-001.yaml +73 -0
- package/rules/unified/cwe-89/zm-js-cwe89-koa-sqli.yaml +29 -0
- package/rules/unified/cwe-89/zm-js-cwe89-nestjs-typeorm.yaml +34 -0
- package/rules/unified/cwe-89/zm-js-cwe89-prisma-typeorm.yaml +140 -0
- package/rules/unified/cwe-89/zm-js-cwe89-prisma-unsafe.yaml +24 -0
- package/rules/unified/cwe-89/zm-js-cwe89-sequelize-literal.yaml +26 -0
- package/rules/unified/cwe-89/zm-js-cwe89-sqli.yaml +154 -0
- package/rules/unified/cwe-89/zm-php-cwe89-sqli.yaml +185 -0
- package/rules/unified/cwe-89/zm-py-cwe89-django-sqli.yaml +75 -0
- package/rules/unified/cwe-89/zm-py-cwe89-injection-misc.yaml +94 -0
- package/rules/unified/cwe-89/zm-py-cwe89-sqli.yaml +60 -0
- package/rules/unified/cwe-89/zm-py-sqlalchemy-cwe89-01.yaml +66 -0
- package/rules/unified/cwe-89/zm-rust-cwe89-sqli.yaml +149 -0
- package/rules/unified/cwe-89/zm-taint-89-89-go-023.yaml +40 -0
- package/rules/unified/cwe-89/zm-taint-89-89-go-024.yaml +40 -0
- package/rules/unified/cwe-89/zm-taint-89-89-go-025.yaml +40 -0
- package/rules/unified/cwe-89/zm-taint-89-89-java-001.yaml +48 -0
- package/rules/unified/cwe-89/zm-taint-89-89-java-006.yaml +48 -0
- package/rules/unified/cwe-89/zm-taint-89-89-java-008.yaml +48 -0
- package/rules/unified/cwe-89/zm-taint-89-89-javascript-018.yaml +48 -0
- package/rules/unified/cwe-89/zm-taint-89-89-javascript-019.yaml +48 -0
- package/rules/unified/cwe-89/zm-taint-89-89-javascript-022.yaml +48 -0
- package/rules/unified/cwe-89/zm-taint-89-89-python-014.yaml +48 -0
- package/rules/unified/cwe-89/zm-taint-89-89-python-015.yaml +48 -0
- package/rules/unified/cwe-89/zm-taint-89-89-python-017.yaml +48 -0
- package/rules/unified/cwe-90/zm-java-cwe90-ldap-injection.yaml +54 -0
- package/rules/unified/cwe-915/zm-go-cwe915-reflect-injection.yaml +70 -0
- package/rules/unified/cwe-915/zm-java-cwe915-mass-assignment.yaml +17 -0
- package/rules/unified/cwe-915/zm-js-cwe915-mass-assignment.yaml +112 -0
- package/rules/unified/cwe-915/zm-js-cwe915-prototype-pollution.yaml +31 -0
- package/rules/unified/cwe-915/zm-php-cwe915-mass-assignment.yaml +127 -0
- package/rules/unified/cwe-915/zm-taint-915-915-javascript-216.yaml +39 -0
- package/rules/unified/cwe-915/zm-taint-915-915-javascript-217.yaml +40 -0
- package/rules/unified/cwe-915/zm-taint-915-915-javascript-218.yaml +39 -0
- package/rules/unified/cwe-915/zm-taint-915-915-javascript-219.yaml +42 -0
- package/rules/unified/cwe-917/zm-java-cwe917-expression-injection.yaml +121 -0
- package/rules/unified/cwe-918/cwe-918-ssrf.yaml +46 -0
- package/rules/unified/cwe-918/zm-cs-cwe918-ssrf.yaml +96 -0
- package/rules/unified/cwe-918/zm-go-cwe918-ssrf.yaml +118 -0
- package/rules/unified/cwe-918/zm-java-cwe918-jsoup-ssrf.yaml +56 -0
- package/rules/unified/cwe-918/zm-java-cwe918-okhttp-full.yaml +63 -0
- package/rules/unified/cwe-918/zm-java-cwe918-resttemplate.yaml +68 -0
- package/rules/unified/cwe-918/zm-java-cwe918-rt-getforentity.yaml +49 -0
- package/rules/unified/cwe-918/zm-java-cwe918-ssrf-depth.yaml +104 -0
- package/rules/unified/cwe-918/zm-java-cwe918-ssrf-resttemplate.yaml +78 -0
- package/rules/unified/cwe-918/zm-java-cwe918-url-openconnection.yaml +58 -0
- package/rules/unified/cwe-918/zm-java-cwe918-webclient-ssrf.yaml +60 -0
- package/rules/unified/cwe-918/zm-java-cwe918-webclient.yaml +45 -0
- package/rules/unified/cwe-918/zm-js-cwe918-http-ssrf-concat.yaml +28 -0
- package/rules/unified/cwe-918/zm-js-cwe918-nextjs-ssrf.yaml +46 -0
- package/rules/unified/cwe-918/zm-js-cwe918-ssrf-fetch.yaml +135 -0
- package/rules/unified/cwe-918/zm-js-cwe918-ssrf.yaml +133 -0
- package/rules/unified/cwe-918/zm-php-cwe918-ssrf.yaml +144 -0
- package/rules/unified/cwe-918/zm-py-cwe918-flask-ssrf.yaml +40 -0
- package/rules/unified/cwe-918/zm-py-cwe918-ssrf-advanced.yaml +105 -0
- package/rules/unified/cwe-918/zm-py-cwe918-ssrf.yaml +124 -0
- package/rules/unified/cwe-918/zm-taint-918-918-java-078.yaml +45 -0
- package/rules/unified/cwe-918/zm-taint-918-918-java-079.yaml +45 -0
- package/rules/unified/cwe-918/zm-taint-918-918-python-085.yaml +46 -0
- package/rules/unified/cwe-94/cwe-94-code-injection.yaml +60 -0
- package/rules/unified/cwe-94/zm-java-cwe94-ognl.yaml +67 -0
- package/rules/unified/cwe-94/zm-java-cwe94-spel-injection.yaml +86 -0
- package/rules/unified/cwe-94/zm-java-cwe94-spel.yaml +113 -0
- package/rules/unified/cwe-94/zm-java-cwe94-ssti.yaml +23 -0
- package/rules/unified/cwe-94/zm-java-cwe94-value-spel.yaml +56 -0
- package/rules/unified/cwe-94/zm-java-expression-cwe94-001.yaml +111 -0
- package/rules/unified/cwe-94/zm-js-cwe94-template-injection.yaml +131 -0
- package/rules/unified/cwe-94/zm-php-cwe94-code-injection.yaml +129 -0
- package/rules/unified/cwe-94/zm-py-cwe94-ssti.yaml +88 -0
- package/rules/unified/cwe-942/zm-java-cwe942-cors-wildcard.yaml +63 -0
- package/rules/unified/cwe-942/zm-java-cwe942-cors.yaml +16 -0
- package/rules/unified/cwe-942/zm-js-cwe942-cors.yaml +50 -0
- package/rules/unified/cwe-942/zm-js-cwe942-express-cors.yaml +25 -0
- package/rules/unified/cwe-943/zm-go-cwe943-nosql-injection.yaml +89 -0
- package/rules/unified/cwe-943/zm-js-cwe943-mongoose-nosqli.yaml +29 -0
- package/rules/unified/cwe-943/zm-js-cwe943-nosql-injection.yaml +53 -0
- package/rules/unified/cwe-943/zm-py-cwe943-nosql-injection.yaml +124 -0
- package/rules/unified/cwe-943/zm-taint-943-943-java-238.yaml +38 -0
- package/rules/unified/cwe-943/zm-taint-943-943-javascript-234.yaml +41 -0
- package/rules/unified/cwe-943/zm-taint-943-943-javascript-235.yaml +41 -0
- package/rules/unified/cwe-943/zm-taint-943-943-javascript-236.yaml +40 -0
- package/rules/unified/cwe-943/zm-taint-943-943-python-237.yaml +39 -0
- package/rules/unified/cwe-95/zm-js-cwe95-eval.yaml +60 -0
- package/rules/unified/cwe-95/zm-js-cwe95-function-ctor.yaml +32 -0
- package/rules/unified/cwe-98/zm-php-cwe98-file-include.yaml +142 -0
- package/rules/unified/cwe-unknown/zm-docker-security.yaml +105 -0
- package/rules/unified/cwe-unknown/zm-go-cwe-unknown-misc.yaml +152 -0
- package/rules/unified/cwe-unknown/zm-k8s-security.yaml +80 -0
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
# zhuma-nvd-22-22-python-071.yaml
|
|
2
|
+
# Generated: 2026-06-28T10:37:40.258Z
|
|
3
|
+
# Source: P2 auto-generation (fixed) from P1.5 classified clusters
|
|
4
|
+
# Cluster: CL-22-PYTHON-071 | CWE: CWE-22 | Lang: python
|
|
5
|
+
# Precision: MEDIUM | Noise: MEDIUM
|
|
6
|
+
# CVEs: 3507 | KEV: 25 | Exploit: 116
|
|
7
|
+
|
|
8
|
+
rules:
|
|
9
|
+
- id: zhuma-nvd-22-22-python-071
|
|
10
|
+
metadata:
|
|
11
|
+
category: A01:2021-Broken Access Control
|
|
12
|
+
cwe: "CWE-22: Path Traversal"
|
|
13
|
+
cve: "CVE-2019-16278, CVE-2019-5418, CVE-2024-32113, CVE-2024-23897, CVE-2021-41277, CVE-2021-20124, CVE-2021-20123, CVE-2026-34909"
|
|
14
|
+
likelihood: MEDIUM
|
|
15
|
+
precision: MEDIUM
|
|
16
|
+
impact: MEDIUM
|
|
17
|
+
confidence: MEDIUM
|
|
18
|
+
source: nvd+wooyun
|
|
19
|
+
references:
|
|
20
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2019-16278
|
|
21
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2019-5418
|
|
22
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2024-32113
|
|
23
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2024-23897
|
|
24
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-41277
|
|
25
|
+
- https://cwe.mitre.org/data/definitions/22.html
|
|
26
|
+
|
|
27
|
+
message: |
|
|
28
|
+
检测到路径遍历风险。用户输入被用于文件路径构造,可能访问任意文件。
|
|
29
|
+
修复: 对用户输入做路径规范化和白名单校验,禁止..和绝对路径。
|
|
30
|
+
|
|
31
|
+
severity: WARNING
|
|
32
|
+
languages:
|
|
33
|
+
- python
|
|
34
|
+
|
|
35
|
+
patterns:
|
|
36
|
+
- pattern: send_from_directory(...)
|
|
37
|
+
# CONSTRAINT: pattern: verify sink is in security-sensitive context
|
|
38
|
+
|
|
39
|
+
# --- P2 METADATA ---
|
|
40
|
+
# cluster_id: CL-22-PYTHON-071
|
|
41
|
+
# cwe: CWE-22 | language: python
|
|
42
|
+
# sink_patterns: [object Object]
|
|
43
|
+
# wooyun_cases: 7 | tier: N/A
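Review bot: The only matcher in this rule, `- pattern: send_from_directory(...)`, fires on every call regardless of where its arguments come from, and the `# CONSTRAINT: pattern: verify sink is in security-sensitive context` line under it is a comment the engine never evaluates. Flask's `send_from_directory` is documented to reject file names that resolve outside the given directory, so a finding is only meaningful when the directory argument itself can be influenced by a request; the message's claim that user input reaches the path is never checked. Consider converting the rule to taint mode with request data as the source, or at least adding `- pattern-not: send_from_directory("...", ...)` so calls with a literal directory are skipped. The `FileResponse(...)` rule in the next section has the same unconditional shape.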
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
# zhuma-nvd-22-22-python-072.yaml
|
|
2
|
+
# Generated: 2026-06-28T10:37:40.258Z
|
|
3
|
+
# Source: P2 auto-generation (fixed) from P1.5 classified clusters
|
|
4
|
+
# Cluster: CL-22-PYTHON-072 | CWE: CWE-22 | Lang: python
|
|
5
|
+
# Precision: MEDIUM | Noise: MEDIUM
|
|
6
|
+
# CVEs: 3507 | KEV: 25 | Exploit: 116
|
|
7
|
+
|
|
8
|
+
rules:
|
|
9
|
+
- id: zhuma-nvd-22-22-python-072
|
|
10
|
+
metadata:
|
|
11
|
+
category: A01:2021-Broken Access Control
|
|
12
|
+
cwe: "CWE-22: Path Traversal"
|
|
13
|
+
cve: "CVE-2019-16278, CVE-2019-5418, CVE-2024-32113, CVE-2024-23897, CVE-2021-41277, CVE-2021-20124, CVE-2021-20123, CVE-2026-34909"
|
|
14
|
+
likelihood: MEDIUM
|
|
15
|
+
precision: MEDIUM
|
|
16
|
+
impact: MEDIUM
|
|
17
|
+
confidence: MEDIUM
|
|
18
|
+
source: nvd+wooyun
|
|
19
|
+
references:
|
|
20
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2019-16278
|
|
21
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2019-5418
|
|
22
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2024-32113
|
|
23
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2024-23897
|
|
24
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-41277
|
|
25
|
+
- https://cwe.mitre.org/data/definitions/22.html
|
|
26
|
+
|
|
27
|
+
message: |
|
|
28
|
+
检测到路径遍历风险。用户输入被用于文件路径构造,可能访问任意文件。
|
|
29
|
+
修复: 对用户输入做路径规范化和白名单校验,禁止..和绝对路径。
|
|
30
|
+
|
|
31
|
+
severity: WARNING
|
|
32
|
+
languages:
|
|
33
|
+
- python
|
|
34
|
+
|
|
35
|
+
patterns:
|
|
36
|
+
- pattern: FileResponse(...)
|
|
37
|
+
# CONSTRAINT: pattern: verify sink is in security-sensitive context
|
|
38
|
+
|
|
39
|
+
# --- P2 METADATA ---
|
|
40
|
+
# cluster_id: CL-22-PYTHON-072
|
|
41
|
+
# cwe: CWE-22 | language: python
|
|
42
|
+
# sink_patterns: [object Object]
|
|
43
|
+
# wooyun_cases: 7 | tier: N/A
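Review bot: The trailer line `# sink_patterns: [object Object]` records a stringified object instead of the sink patterns, so the P2 metadata block does not document what this rule was generated from. It looks as if the generator interpolated the value without serialising it. Emitting it as JSON, for example `# sink_patterns: ["FileResponse(...)"]`, or dropping the line, would let a reviewer audit the matcher against its cluster. The same line appears in every rule file in this part of the diff.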
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
# zhuma-nvd-22-22-python-073.yaml
|
|
2
|
+
# Generated: 2026-06-28T10:37:40.258Z
|
|
3
|
+
# Source: P2 auto-generation (fixed) from P1.5 classified clusters
|
|
4
|
+
# Cluster: CL-22-PYTHON-073 | CWE: CWE-22 | Lang: python
|
|
5
|
+
# Precision: MEDIUM | Noise: MEDIUM
|
|
6
|
+
# CVEs: 3507 | KEV: 25 | Exploit: 116
|
|
7
|
+
|
|
8
|
+
rules:
|
|
9
|
+
- id: zhuma-nvd-22-22-python-073
|
|
10
|
+
metadata:
|
|
11
|
+
category: A01:2021-Broken Access Control
|
|
12
|
+
cwe: "CWE-22: Path Traversal"
|
|
13
|
+
cve: "CVE-2019-16278, CVE-2019-5418, CVE-2024-32113, CVE-2024-23897, CVE-2021-41277, CVE-2021-20124, CVE-2021-20123, CVE-2026-34909"
|
|
14
|
+
likelihood: MEDIUM
|
|
15
|
+
precision: MEDIUM
|
|
16
|
+
impact: MEDIUM
|
|
17
|
+
confidence: MEDIUM
|
|
18
|
+
source: nvd+wooyun
|
|
19
|
+
references:
|
|
20
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2019-16278
|
|
21
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2019-5418
|
|
22
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2024-32113
|
|
23
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2024-23897
|
|
24
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-41277
|
|
25
|
+
- https://cwe.mitre.org/data/definitions/22.html
|
|
26
|
+
|
|
27
|
+
message: |
|
|
28
|
+
检测到路径遍历风险。用户输入被用于文件路径构造,可能访问任意文件。
|
|
29
|
+
修复: 对用户输入做路径规范化和白名单校验,禁止..和绝对路径。
|
|
30
|
+
|
|
31
|
+
severity: WARNING
|
|
32
|
+
languages:
|
|
33
|
+
- python
|
|
34
|
+
|
|
35
|
+
patterns:
|
|
36
|
+
- pattern: $OBJ.extractall(...)
|
|
37
|
+
# CONSTRAINT: pattern: verify sink is in security-sensitive context
|
|
38
|
+
|
|
39
|
+
# --- P2 METADATA ---
|
|
40
|
+
# cluster_id: CL-22-PYTHON-073
|
|
41
|
+
# cwe: CWE-22 | language: python
|
|
42
|
+
# sink_patterns: [object Object]
|
|
43
|
+
# wooyun_cases: 7 | tier: N/A
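Review bot: The text under `message: |` describes user input being used to build a file path, but the matcher `- pattern: $OBJ.extractall(...)` targets archive extraction, where the traversal risk comes from member names stored inside the archive rather than from the call's own arguments. The remediation sentence (normalise and allow-list the input, reject `..` and absolute paths) therefore does not tell the reader what to change at an `extractall` call. A sink-specific message should ask for each member's resolved path to be checked against the destination directory before extraction, and for `tarfile` can point to `extractall(path, filter="data")`. `$OBJ` is unconstrained, so any object with an `extractall` method matches; if that is intended it is worth stating in the header comment.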
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
# zhuma-nvd-287-287-go-187.yaml
|
|
2
|
+
# Generated: 2026-06-28T10:37:40.289Z
|
|
3
|
+
# Source: P2 auto-generation (fixed) from P1.5 classified clusters
|
|
4
|
+
# Cluster: CL-287-GO-187 | CWE: CWE-287 | Lang: go
|
|
5
|
+
# Precision: MEDIUM | Noise: MEDIUM
|
|
6
|
+
# CVEs: 1683 | KEV: 12 | Exploit: 33
|
|
7
|
+
|
|
8
|
+
rules:
|
|
9
|
+
- id: zhuma-nvd-287-287-go-187
|
|
10
|
+
metadata:
|
|
11
|
+
category: A07:2021-Identification and Authentication Failures
|
|
12
|
+
cwe: "CWE-287: Improper Authentication"
|
|
13
|
+
cve: "CVE-2021-33045, CVE-2021-33044, CVE-2021-32030, CVE-2019-19006, CVE-2025-32975, CVE-2025-61882, CVE-2024-7593, CVE-2023-28461"
|
|
14
|
+
likelihood: HIGH
|
|
15
|
+
precision: MEDIUM
|
|
16
|
+
impact: MEDIUM
|
|
17
|
+
confidence: MEDIUM
|
|
18
|
+
source: nvd+wooyun
|
|
19
|
+
references:
|
|
20
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-33045
|
|
21
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-33044
|
|
22
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-32030
|
|
23
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2019-19006
|
|
24
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2025-32975
|
|
25
|
+
- https://cwe.mitre.org/data/definitions/287.html
|
|
26
|
+
|
|
27
|
+
message: |
|
|
28
|
+
检测到认证绕过风险。身份验证逻辑存在缺陷。
|
|
29
|
+
修复: 确保关键操作前完成身份验证,使用框架认证中间件。
|
|
30
|
+
|
|
31
|
+
severity: WARNING
|
|
32
|
+
languages:
|
|
33
|
+
- go
|
|
34
|
+
|
|
35
|
+
patterns:
|
|
36
|
+
- pattern-regex: 'jwt.Parse|jwt.ParseWithClaims'
|
|
37
|
+
# CONSTRAINT: pattern: verify sink is in security-sensitive context
|
|
38
|
+
|
|
39
|
+
# --- P2 METADATA ---
|
|
40
|
+
# cluster_id: CL-287-GO-187
|
|
41
|
+
# cwe: CWE-287 | language: go
|
|
42
|
+
# sink_patterns: [object Object]
|
|
43
|
+
# wooyun_cases: 0 | tier: N/A
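Review bot: In `- pattern-regex: 'jwt.Parse|jwt.ParseWithClaims'` the dots are unescaped and the second alternative is redundant, because any text containing `jwt.ParseWithClaims` already matches `jwt.Parse`. As a text regex it also matches comments and string literals, and it reports a correctly keyed parse the same way as a flawed one, which does not fit `likelihood: HIGH`. Structural matchers `- pattern: jwt.Parse(...)` and `- pattern: jwt.ParseWithClaims(...)` under `pattern-either` would at least restrict hits to call sites. Deciding whether the key function checks the signing method needs a further condition that this rule does not have.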
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
# zhuma-nvd-287-287-go-188.yaml
|
|
2
|
+
# Generated: 2026-06-28T10:37:40.289Z
|
|
3
|
+
# Source: P2 auto-generation (fixed) from P1.5 classified clusters
|
|
4
|
+
# Cluster: CL-287-GO-188 | CWE: CWE-287 | Lang: go
|
|
5
|
+
# Precision: MEDIUM | Noise: MEDIUM
|
|
6
|
+
# CVEs: 1683 | KEV: 12 | Exploit: 33
|
|
7
|
+
|
|
8
|
+
rules:
|
|
9
|
+
- id: zhuma-nvd-287-287-go-188
|
|
10
|
+
metadata:
|
|
11
|
+
category: A07:2021-Identification and Authentication Failures
|
|
12
|
+
cwe: "CWE-287: Improper Authentication"
|
|
13
|
+
cve: "CVE-2021-33045, CVE-2021-33044, CVE-2021-32030, CVE-2019-19006, CVE-2025-32975, CVE-2025-61882, CVE-2024-7593, CVE-2023-28461"
|
|
14
|
+
likelihood: HIGH
|
|
15
|
+
precision: MEDIUM
|
|
16
|
+
impact: MEDIUM
|
|
17
|
+
confidence: MEDIUM
|
|
18
|
+
source: nvd+wooyun
|
|
19
|
+
references:
|
|
20
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-33045
|
|
21
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-33044
|
|
22
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-32030
|
|
23
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2019-19006
|
|
24
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2025-32975
|
|
25
|
+
- https://cwe.mitre.org/data/definitions/287.html
|
|
26
|
+
|
|
27
|
+
message: |
|
|
28
|
+
检测到认证绕过风险。身份验证逻辑存在缺陷。
|
|
29
|
+
修复: 确保关键操作前完成身份验证,使用框架认证中间件。
|
|
30
|
+
|
|
31
|
+
severity: WARNING
|
|
32
|
+
languages:
|
|
33
|
+
- go
|
|
34
|
+
|
|
35
|
+
patterns:
|
|
36
|
+
- pattern: $OBJ.BasicAuth(...)
|
|
37
|
+
# CONSTRAINT: pattern: verify sink is in security-sensitive context
|
|
38
|
+
|
|
39
|
+
# --- P2 METADATA ---
|
|
40
|
+
# cluster_id: CL-287-GO-188
|
|
41
|
+
# cwe: CWE-287 | language: go
|
|
42
|
+
# sink_patterns: [object Object]
|
|
43
|
+
# wooyun_cases: 0 | tier: N/A
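Review bot: `likelihood: HIGH` is not supported by the matcher `- pattern: $OBJ.BasicAuth(...)`, which matches any method named `BasicAuth`, including the standard `r.BasicAuth()` accessor on `*http.Request` that handlers call to read the submitted credentials. A call to that accessor is what a Basic-auth check normally starts with, so the message about an authentication bypass would be attached to code that is performing the check. Either narrow the rule to a demonstrable flaw, or set `likelihood: LOW` and reword the message as an audit pointer rather than a detected defect.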
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
# zhuma-nvd-287-287-java-180.yaml
|
|
2
|
+
# Generated: 2026-06-28T10:37:40.286Z
|
|
3
|
+
# Source: P2 auto-generation (fixed) from P1.5 classified clusters
|
|
4
|
+
# Cluster: CL-287-JAVA-180 | CWE: CWE-287 | Lang: java
|
|
5
|
+
# Precision: MEDIUM | Noise: MEDIUM
|
|
6
|
+
# CVEs: 1683 | KEV: 12 | Exploit: 33
|
|
7
|
+
|
|
8
|
+
rules:
|
|
9
|
+
- id: zhuma-nvd-287-287-java-180
|
|
10
|
+
metadata:
|
|
11
|
+
category: A07:2021-Identification and Authentication Failures
|
|
12
|
+
cwe: "CWE-287: Improper Authentication"
|
|
13
|
+
cve: "CVE-2021-33045, CVE-2021-33044, CVE-2021-32030, CVE-2019-19006, CVE-2025-32975, CVE-2025-61882, CVE-2024-7593, CVE-2023-28461"
|
|
14
|
+
likelihood: HIGH
|
|
15
|
+
precision: MEDIUM
|
|
16
|
+
impact: MEDIUM
|
|
17
|
+
confidence: MEDIUM
|
|
18
|
+
source: nvd+wooyun
|
|
19
|
+
references:
|
|
20
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-33045
|
|
21
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-33044
|
|
22
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-32030
|
|
23
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2019-19006
|
|
24
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2025-32975
|
|
25
|
+
- https://cwe.mitre.org/data/definitions/287.html
|
|
26
|
+
|
|
27
|
+
message: |
|
|
28
|
+
检测到认证绕过风险。身份验证逻辑存在缺陷。
|
|
29
|
+
修复: 确保关键操作前完成身份验证,使用框架认证中间件。
|
|
30
|
+
|
|
31
|
+
severity: WARNING
|
|
32
|
+
languages:
|
|
33
|
+
- java
|
|
34
|
+
|
|
35
|
+
patterns:
|
|
36
|
+
- pattern-regex: 'RememberMeAuthenticationToken|rememberMeServices'
|
|
37
|
+
# CONSTRAINT: pattern: verify sink is in security-sensitive context
|
|
38
|
+
|
|
39
|
+
# --- P2 METADATA ---
|
|
40
|
+
# cluster_id: CL-287-JAVA-180
|
|
41
|
+
# cwe: CWE-287 | language: java
|
|
42
|
+
# sink_patterns: [object Object]
|
|
43
|
+
# wooyun_cases: 0 | tier: N/A
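Review bot: The `cve:` string and the five NVD entries under `references:` are identical to those in the Go rules before this section and the Java and JavaScript CWE-287 rules after it, so they describe the CWE cluster rather than the `RememberMeAuthenticationToken|rememberMeServices` matcher. Someone triaging a finding will read them as evidence that the flagged code resembles those CVEs, which nothing in the file establishes. Suggest keeping only `https://cwe.mitre.org/data/definitions/287.html` under `references:` unless a listed CVE is known to involve the matched API, and moving the shared list into a header comment such as `# cluster CVEs (not sink-specific): ...`. The three CWE-22 Python rules earlier in the diff repeat one CVE list in the same way.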
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
# zhuma-nvd-287-287-java-181.yaml
|
|
2
|
+
# Generated: 2026-06-28T10:37:40.287Z
|
|
3
|
+
# Source: P2 auto-generation (fixed) from P1.5 classified clusters
|
|
4
|
+
# Cluster: CL-287-JAVA-181 | CWE: CWE-287 | Lang: java
|
|
5
|
+
# Precision: MEDIUM | Noise: MEDIUM
|
|
6
|
+
# CVEs: 1683 | KEV: 12 | Exploit: 33
|
|
7
|
+
|
|
8
|
+
rules:
|
|
9
|
+
- id: zhuma-nvd-287-287-java-181
|
|
10
|
+
metadata:
|
|
11
|
+
category: A07:2021-Identification and Authentication Failures
|
|
12
|
+
cwe: "CWE-287: Improper Authentication"
|
|
13
|
+
cve: "CVE-2021-33045, CVE-2021-33044, CVE-2021-32030, CVE-2019-19006, CVE-2025-32975, CVE-2025-61882, CVE-2024-7593, CVE-2023-28461"
|
|
14
|
+
likelihood: HIGH
|
|
15
|
+
precision: MEDIUM
|
|
16
|
+
impact: MEDIUM
|
|
17
|
+
confidence: MEDIUM
|
|
18
|
+
source: nvd+wooyun
|
|
19
|
+
references:
|
|
20
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-33045
|
|
21
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-33044
|
|
22
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-32030
|
|
23
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2019-19006
|
|
24
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2025-32975
|
|
25
|
+
- https://cwe.mitre.org/data/definitions/287.html
|
|
26
|
+
|
|
27
|
+
message: |
|
|
28
|
+
检测到认证绕过风险。身份验证逻辑存在缺陷。
|
|
29
|
+
修复: 确保关键操作前完成身份验证,使用框架认证中间件。
|
|
30
|
+
|
|
31
|
+
severity: WARNING
|
|
32
|
+
languages:
|
|
33
|
+
- java
|
|
34
|
+
|
|
35
|
+
patterns:
|
|
36
|
+
- pattern-regex: 'Jwts.parser\(\).parseClaimsJws'
|
|
37
|
+
# CONSTRAINT: pattern: verify sink is in security-sensitive context
|
|
38
|
+
|
|
39
|
+
# --- P2 METADATA ---
|
|
40
|
+
# cluster_id: CL-287-JAVA-181
|
|
41
|
+
# cwe: CWE-287 | language: java
|
|
42
|
+
# sink_patterns: [object Object]
|
|
43
|
+
# wooyun_cases: 0 | tier: N/A
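Review bot: `- pattern-regex: 'Jwts.parser\(\).parseClaimsJws'` only matches when `parseClaimsJws` follows `parser()` directly on the same line, so a builder chain with a line break between the calls is missed, and the unescaped dots match any character. If the intent is to find a parser used without a configured signing key, a structural matcher handles layout: `- pattern: Jwts.parser().parseClaimsJws(...)`. If the intent is broader, the header comment should state what condition makes the call unsafe, since the finding message only says that the authentication logic is flawed.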
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
# zhuma-nvd-287-287-java-182.yaml
|
|
2
|
+
# Generated: 2026-06-28T10:37:40.287Z
|
|
3
|
+
# Source: P2 auto-generation (fixed) from P1.5 classified clusters
|
|
4
|
+
# Cluster: CL-287-JAVA-182 | CWE: CWE-287 | Lang: java
|
|
5
|
+
# Precision: MEDIUM | Noise: MEDIUM
|
|
6
|
+
# CVEs: 1683 | KEV: 12 | Exploit: 33
|
|
7
|
+
|
|
8
|
+
rules:
|
|
9
|
+
- id: zhuma-nvd-287-287-java-182
|
|
10
|
+
metadata:
|
|
11
|
+
category: A07:2021-Identification and Authentication Failures
|
|
12
|
+
cwe: "CWE-287: Improper Authentication"
|
|
13
|
+
cve: "CVE-2021-33045, CVE-2021-33044, CVE-2021-32030, CVE-2019-19006, CVE-2025-32975, CVE-2025-61882, CVE-2024-7593, CVE-2023-28461"
|
|
14
|
+
likelihood: HIGH
|
|
15
|
+
precision: MEDIUM
|
|
16
|
+
impact: MEDIUM
|
|
17
|
+
confidence: MEDIUM
|
|
18
|
+
source: nvd+wooyun
|
|
19
|
+
references:
|
|
20
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-33045
|
|
21
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-33044
|
|
22
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-32030
|
|
23
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2019-19006
|
|
24
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2025-32975
|
|
25
|
+
- https://cwe.mitre.org/data/definitions/287.html
|
|
26
|
+
|
|
27
|
+
message: |
|
|
28
|
+
检测到认证绕过风险。身份验证逻辑存在缺陷。
|
|
29
|
+
修复: 确保关键操作前完成身份验证,使用框架认证中间件。
|
|
30
|
+
|
|
31
|
+
severity: WARNING
|
|
32
|
+
languages:
|
|
33
|
+
- java
|
|
34
|
+
|
|
35
|
+
patterns:
|
|
36
|
+
- pattern-regex: 'permitAll\(\)'
|
|
37
|
+
# CONSTRAINT: pattern: verify sink is in security-sensitive context
|
|
38
|
+
|
|
39
|
+
# --- P2 METADATA ---
|
|
40
|
+
# cluster_id: CL-287-JAVA-182
|
|
41
|
+
# cwe: CWE-287 | language: java
|
|
42
|
+
# sink_patterns: [object Object]
|
|
43
|
+
# wooyun_cases: 0 | tier: N/A
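Review bot: `- pattern-regex: 'permitAll\(\)'` reports every occurrence of `permitAll()`, including the login, error and static-resource matchers that a Spring Security configuration is expected to open, and as a text regex it also hits comments. Combined with `likelihood: HIGH`, routine configuration will be reported as an authentication bypass. Restricting the rule to the catch-all case, for example `- pattern: $X.anyRequest().permitAll()`, would tie the finding to a configuration that removes authentication from all routes.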
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
# zhuma-nvd-287-287-javascript-183.yaml
|
|
2
|
+
# Generated: 2026-06-28T10:37:40.288Z
|
|
3
|
+
# Source: P2 auto-generation (fixed) from P1.5 classified clusters
|
|
4
|
+
# Cluster: CL-287-JAVASCRIPT-183 | CWE: CWE-287 | Lang: javascript
|
|
5
|
+
# Precision: MEDIUM | Noise: MEDIUM
|
|
6
|
+
# CVEs: 1683 | KEV: 12 | Exploit: 33
|
|
7
|
+
|
|
8
|
+
rules:
|
|
9
|
+
- id: zhuma-nvd-287-287-javascript-183
|
|
10
|
+
metadata:
|
|
11
|
+
category: A07:2021-Identification and Authentication Failures
|
|
12
|
+
cwe: "CWE-287: Improper Authentication"
|
|
13
|
+
cve: "CVE-2021-33045, CVE-2021-33044, CVE-2021-32030, CVE-2019-19006, CVE-2025-32975, CVE-2025-61882, CVE-2024-7593, CVE-2023-28461"
|
|
14
|
+
likelihood: HIGH
|
|
15
|
+
precision: MEDIUM
|
|
16
|
+
impact: MEDIUM
|
|
17
|
+
confidence: MEDIUM
|
|
18
|
+
source: nvd+wooyun
|
|
19
|
+
references:
|
|
20
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-33045
|
|
21
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-33044
|
|
22
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-32030
|
|
23
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2019-19006
|
|
24
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2025-32975
|
|
25
|
+
- https://cwe.mitre.org/data/definitions/287.html
|
|
26
|
+
|
|
27
|
+
message: |
|
|
28
|
+
检测到认证绕过风险。身份验证逻辑存在缺陷。
|
|
29
|
+
修复: 确保关键操作前完成身份验证,使用框架认证中间件。
|
|
30
|
+
|
|
31
|
+
severity: WARNING
|
|
32
|
+
languages:
|
|
33
|
+
- javascript
|
|
34
|
+
|
|
35
|
+
patterns:
|
|
36
|
+
- pattern-regex: 'jwt.decode \(no verify\)'
|
|
37
|
+
# CONSTRAINT: pattern: verify sink is in security-sensitive context
|
|
38
|
+
|
|
39
|
+
# --- P2 METADATA ---
|
|
40
|
+
# cluster_id: CL-287-JAVASCRIPT-183
|
|
41
|
+
# cwe: CWE-287 | language: javascript
|
|
42
|
+
# sink_patterns: [object Object]
|
|
43
|
+
# wooyun_cases: 0 | tier: N/A
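Review bot: The regex on new line 36, `'jwt.decode \(no verify\)'`, is the cluster's prose description rather than a code pattern: it only matches the literal text `jwt.decode (no verify)`, so the rule can never fire on real source and silently reports a clean result for unverified token decoding. The python-185 rule has the same defect with `'@app.route \(no @login_required\)'`. A structural match such as `- pattern: $JWT.decode(...)` would at least find the call sites, and the message should then tell the reader to use the library's signature-verifying call instead of a bare decode. A generator check that rejects patterns containing the `(no ...)` annotation would catch both rules.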
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
# zhuma-nvd-287-287-javascript-184.yaml
|
|
2
|
+
# Generated: 2026-06-28T10:37:40.288Z
|
|
3
|
+
# Source: P2 auto-generation (fixed) from P1.5 classified clusters
|
|
4
|
+
# Cluster: CL-287-JAVASCRIPT-184 | CWE: CWE-287 | Lang: javascript
|
|
5
|
+
# Precision: MEDIUM | Noise: MEDIUM
|
|
6
|
+
# CVEs: 1683 | KEV: 12 | Exploit: 33
|
|
7
|
+
|
|
8
|
+
rules:
|
|
9
|
+
- id: zhuma-nvd-287-287-javascript-184
|
|
10
|
+
metadata:
|
|
11
|
+
category: A07:2021-Identification and Authentication Failures
|
|
12
|
+
cwe: "CWE-287: Improper Authentication"
|
|
13
|
+
cve: "CVE-2021-33045, CVE-2021-33044, CVE-2021-32030, CVE-2019-19006, CVE-2025-32975, CVE-2025-61882, CVE-2024-7593, CVE-2023-28461"
|
|
14
|
+
likelihood: HIGH
|
|
15
|
+
precision: MEDIUM
|
|
16
|
+
impact: MEDIUM
|
|
17
|
+
confidence: MEDIUM
|
|
18
|
+
source: nvd+wooyun
|
|
19
|
+
references:
|
|
20
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-33045
|
|
21
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-33044
|
|
22
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-32030
|
|
23
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2019-19006
|
|
24
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2025-32975
|
|
25
|
+
- https://cwe.mitre.org/data/definitions/287.html
|
|
26
|
+
|
|
27
|
+
message: |
|
|
28
|
+
检测到认证绕过风险。身份验证逻辑存在缺陷。
|
|
29
|
+
修复: 确保关键操作前完成身份验证,使用框架认证中间件。
|
|
30
|
+
|
|
31
|
+
severity: WARNING
|
|
32
|
+
languages:
|
|
33
|
+
- javascript
|
|
34
|
+
|
|
35
|
+
patterns:
|
|
36
|
+
- pattern: $OBJ.authenticate(...)
|
|
37
|
+
# CONSTRAINT: pattern: verify sink is in security-sensitive context
|
|
38
|
+
|
|
39
|
+
# --- P2 METADATA ---
|
|
40
|
+
# cluster_id: CL-287-JAVASCRIPT-184
|
|
41
|
+
# cwe: CWE-287 | language: javascript
|
|
42
|
+
# sink_patterns: [object Object]
|
|
43
|
+
# wooyun_cases: 0 | tier: N/A
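Review bot: `- pattern: $OBJ.authenticate(...)` on new line 36 matches every call to a method named `authenticate`, which includes the correct use of an authentication middleware, so the rule attaches the message "authentication bypass detected" to code that is performing authentication. With a single positive pattern and no `pattern-not` or `pattern-inside`, nothing distinguishes a flawed call from a sound one, and the declared `precision: MEDIUM` is not supported by the pattern. Until a concrete insecure shape is specified I would either remove the rule from the default set or ship it as `severity: INFO` with a message that says it is an inventory of authentication call sites.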
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
# zhuma-nvd-287-287-python-185.yaml
|
|
2
|
+
# Generated: 2026-06-28T10:37:40.288Z
|
|
3
|
+
# Source: P2 auto-generation (fixed) from P1.5 classified clusters
|
|
4
|
+
# Cluster: CL-287-PYTHON-185 | CWE: CWE-287 | Lang: python
|
|
5
|
+
# Precision: MEDIUM | Noise: MEDIUM
|
|
6
|
+
# CVEs: 1683 | KEV: 12 | Exploit: 33
|
|
7
|
+
|
|
8
|
+
rules:
|
|
9
|
+
- id: zhuma-nvd-287-287-python-185
|
|
10
|
+
metadata:
|
|
11
|
+
category: A07:2021-Identification and Authentication Failures
|
|
12
|
+
cwe: "CWE-287: Improper Authentication"
|
|
13
|
+
cve: "CVE-2021-33045, CVE-2021-33044, CVE-2021-32030, CVE-2019-19006, CVE-2025-32975, CVE-2025-61882, CVE-2024-7593, CVE-2023-28461"
|
|
14
|
+
likelihood: HIGH
|
|
15
|
+
precision: MEDIUM
|
|
16
|
+
impact: MEDIUM
|
|
17
|
+
confidence: MEDIUM
|
|
18
|
+
source: nvd+wooyun
|
|
19
|
+
references:
|
|
20
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-33045
|
|
21
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-33044
|
|
22
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-32030
|
|
23
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2019-19006
|
|
24
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2025-32975
|
|
25
|
+
- https://cwe.mitre.org/data/definitions/287.html
|
|
26
|
+
|
|
27
|
+
message: |
|
|
28
|
+
检测到认证绕过风险。身份验证逻辑存在缺陷。
|
|
29
|
+
修复: 确保关键操作前完成身份验证,使用框架认证中间件。
|
|
30
|
+
|
|
31
|
+
severity: WARNING
|
|
32
|
+
languages:
|
|
33
|
+
- python
|
|
34
|
+
|
|
35
|
+
patterns:
|
|
36
|
+
- pattern-regex: '@app.route \(no @login_required\)'
|
|
37
|
+
# CONSTRAINT: pattern-not: whitelist known-public paths (/login, /register, /health, /static)
|
|
38
|
+
# CONSTRAINT: Reduce severity to INFO — public endpoints may be intentional
|
|
39
|
+
|
|
40
|
+
# --- P2 METADATA ---
|
|
41
|
+
# cluster_id: CL-287-PYTHON-185
|
|
42
|
+
# cwe: CWE-287 | language: python
|
|
43
|
+
# sink_patterns: [object Object]
|
|
44
|
+
# wooyun_cases: 0 | tier: N/A
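Review bot: New line 31 ships `severity: WARNING` although the generator's own note on line 38 says `# CONSTRAINT: Reduce severity to INFO — public endpoints may be intentional`, so the rule contradicts its own review outcome. The allow-list from line 37 (`/login`, `/register`, `/health`, `/static`) is likewise only a comment and is not encoded as `pattern-not` entries. I would change line 31 to `severity: INFO` and turn the listed paths into real exclusions before the rule is enabled, otherwise every intentionally public route is reported as an authentication failure.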
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
# zhuma-nvd-287-287-python-186.yaml
|
|
2
|
+
# Generated: 2026-06-28T10:37:40.288Z
|
|
3
|
+
# Source: P2 auto-generation (fixed) from P1.5 classified clusters
|
|
4
|
+
# Cluster: CL-287-PYTHON-186 | CWE: CWE-287 | Lang: python
|
|
5
|
+
# Precision: MEDIUM | Noise: MEDIUM
|
|
6
|
+
# CVEs: 1683 | KEV: 12 | Exploit: 33
|
|
7
|
+
|
|
8
|
+
rules:
|
|
9
|
+
- id: zhuma-nvd-287-287-python-186
|
|
10
|
+
metadata:
|
|
11
|
+
category: A07:2021-Identification and Authentication Failures
|
|
12
|
+
cwe: "CWE-287: Improper Authentication"
|
|
13
|
+
cve: "CVE-2021-33045, CVE-2021-33044, CVE-2021-32030, CVE-2019-19006, CVE-2025-32975, CVE-2025-61882, CVE-2024-7593, CVE-2023-28461"
|
|
14
|
+
likelihood: HIGH
|
|
15
|
+
precision: MEDIUM
|
|
16
|
+
impact: MEDIUM
|
|
17
|
+
confidence: MEDIUM
|
|
18
|
+
source: nvd+wooyun
|
|
19
|
+
references:
|
|
20
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-33045
|
|
21
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-33044
|
|
22
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-32030
|
|
23
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2019-19006
|
|
24
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2025-32975
|
|
25
|
+
- https://cwe.mitre.org/data/definitions/287.html
|
|
26
|
+
|
|
27
|
+
message: |
|
|
28
|
+
检测到认证绕过风险。身份验证逻辑存在缺陷。
|
|
29
|
+
修复: 确保关键操作前完成身份验证,使用框架认证中间件。
|
|
30
|
+
|
|
31
|
+
severity: WARNING
|
|
32
|
+
languages:
|
|
33
|
+
- python
|
|
34
|
+
|
|
35
|
+
patterns:
|
|
36
|
+
- pattern: rest_framework_jwt(...)
|
|
37
|
+
# CONSTRAINT: pattern: verify sink is in security-sensitive context
|
|
38
|
+
|
|
39
|
+
# --- P2 METADATA ---
|
|
40
|
+
# cluster_id: CL-287-PYTHON-186
|
|
41
|
+
# cwe: CWE-287 | language: python
|
|
42
|
+
# sink_patterns: [object Object]
|
|
43
|
+
# wooyun_cases: 0 | tier: N/A
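Review bot: `- pattern: rest_framework_jwt(...)` on new line 36 matches a call to a function named `rest_framework_jwt`, but that name looks like a package import name, which normally appears in `import` statements and settings strings and is not called directly, so this rule probably never matches. If the intent is to flag use of that package, import patterns express it, for example `- pattern: import rest_framework_jwt` together with `- pattern: from rest_framework_jwt.$MOD import $X` under `pattern-either`. The message should also say why the package is flagged, since the generic "authentication logic is flawed" text gives the developer nothing to act on.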
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
# zhuma-nvd-327-327-go-169.yaml
|
|
2
|
+
# Generated: 2026-06-28T10:37:40.306Z
|
|
3
|
+
# Source: P2 auto-generation (fixed) from P1.5 classified clusters
|
|
4
|
+
# Cluster: CL-327-GO-169 | CWE: CWE-327 | Lang: go
|
|
5
|
+
# Precision: MEDIUM | Noise: MEDIUM
|
|
6
|
+
# CVEs: 204 | KEV: 0 | Exploit: 1
|
|
7
|
+
|
|
8
|
+
rules:
|
|
9
|
+
- id: zhuma-nvd-327-327-go-169
|
|
10
|
+
metadata:
|
|
11
|
+
category: A02:2021-Cryptographic Failures
|
|
12
|
+
cwe: "CWE-327: Weak Cryptography"
|
|
13
|
+
cve: "CVE-2022-35513, CVE-2021-45696, CVE-2020-36363, CVE-2021-22738, CVE-2020-14517, CVE-2020-3681, CVE-2019-13022, CVE-2020-10377"
|
|
14
|
+
likelihood: MEDIUM
|
|
15
|
+
precision: MEDIUM
|
|
16
|
+
impact: MEDIUM
|
|
17
|
+
confidence: MEDIUM
|
|
18
|
+
source: nvd+wooyun
|
|
19
|
+
references:
|
|
20
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2022-35513
|
|
21
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-45696
|
|
22
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2020-36363
|
|
23
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-22738
|
|
24
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2020-14517
|
|
25
|
+
- https://cwe.mitre.org/data/definitions/327.html
|
|
26
|
+
|
|
27
|
+
message: |
|
|
28
|
+
检测到弱加密算法风险。使用了已知不安全的加密算法/哈希函数。
|
|
29
|
+
修复: 使用AES-GCM/ChaCha20替代DES/RC4,使用SHA-256/Argon2替代MD5/SHA-1。
|
|
30
|
+
|
|
31
|
+
severity: WARNING
|
|
32
|
+
languages:
|
|
33
|
+
- go
|
|
34
|
+
|
|
35
|
+
patterns:
|
|
36
|
+
- pattern-regex: 'md5.New|md5.Sum'
|
|
37
|
+
# CONSTRAINT: pattern: verify sink is in security-sensitive context
|
|
38
|
+
|
|
39
|
+
# --- P2 METADATA ---
|
|
40
|
+
# cluster_id: CL-327-GO-169
|
|
41
|
+
# cwe: CWE-327 | language: go
|
|
42
|
+
# sink_patterns: [object Object]
|
|
43
|
+
# wooyun_cases: 0 | tier: N/A
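Review bot: The regex `'md5.New|md5.Sum'` on new line 36 leaves both dots unescaped and runs over raw text, so it also matches comments, string literals and longer identifiers that merely contain those characters, and it flags MD5 used for non-security purposes such as cache keys or file checksums. Structural patterns avoid the text matches: `- pattern-either:` with `- pattern: md5.New()` and `- pattern: md5.Sum(...)`. The message names DES, RC4 and SHA-1 as well, but only MD5 is detected, so either the message should be narrowed to MD5 or the rule extended to the other primitives it claims to cover.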
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
# zhuma-nvd-327-327-go-170.yaml
|
|
2
|
+
# Generated: 2026-06-28T10:37:40.306Z
|
|
3
|
+
# Source: P2 auto-generation (fixed) from P1.5 classified clusters
|
|
4
|
+
# Cluster: CL-327-GO-170 | CWE: CWE-327 | Lang: go
|
|
5
|
+
# Precision: MEDIUM | Noise: MEDIUM
|
|
6
|
+
# CVEs: 204 | KEV: 0 | Exploit: 1
|
|
7
|
+
|
|
8
|
+
rules:
|
|
9
|
+
- id: zhuma-nvd-327-327-go-170
|
|
10
|
+
metadata:
|
|
11
|
+
category: A02:2021-Cryptographic Failures
|
|
12
|
+
cwe: "CWE-327: Weak Cryptography"
|
|
13
|
+
cve: "CVE-2022-35513, CVE-2021-45696, CVE-2020-36363, CVE-2021-22738, CVE-2020-14517, CVE-2020-3681, CVE-2019-13022, CVE-2020-10377"
|
|
14
|
+
likelihood: MEDIUM
|
|
15
|
+
precision: MEDIUM
|
|
16
|
+
impact: MEDIUM
|
|
17
|
+
confidence: MEDIUM
|
|
18
|
+
source: nvd+wooyun
|
|
19
|
+
references:
|
|
20
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2022-35513
|
|
21
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-45696
|
|
22
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2020-36363
|
|
23
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-22738
|
|
24
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2020-14517
|
|
25
|
+
- https://cwe.mitre.org/data/definitions/327.html
|
|
26
|
+
|
|
27
|
+
message: |
|
|
28
|
+
检测到弱加密算法风险。使用了已知不安全的加密算法/哈希函数。
|
|
29
|
+
修复: 使用AES-GCM/ChaCha20替代DES/RC4,使用SHA-256/Argon2替代MD5/SHA-1。
|
|
30
|
+
|
|
31
|
+
severity: WARNING
|
|
32
|
+
languages:
|
|
33
|
+
- go
|
|
34
|
+
|
|
35
|
+
patterns:
|
|
36
|
+
- pattern-regex: 'rand.Int|rand.Intn'
|
|
37
|
+
# CONSTRAINT: pattern: verify sink is in security-sensitive context
|
|
38
|
+
|
|
39
|
+
# --- P2 METADATA ---
|
|
40
|
+
# cluster_id: CL-327-GO-170
|
|
41
|
+
# cwe: CWE-327 | language: go
|
|
42
|
+
# sink_patterns: [object Object]
|
|
43
|
+
# wooyun_cases: 0 | tier: N/A
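Review bot: The regex `'rand.Int|rand.Intn'` on new line 36 cannot tell `math/rand` from `crypto/rand`, and `crypto/rand` also exposes `rand.Int`, so code that already uses the secure generator is reported as weak cryptography. The second alternative is redundant because `rand.Int` already matches the start of `rand.Intn`. The rule is filed under CWE-327 with a message about replacing DES/RC4/MD5, which does not tell the developer to switch generators; `cwe: "CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)"` and a message pointing to `crypto/rand` would fit the pattern. The match should be restricted to files that import `math/rand`, and the package file list already contains `zm-go-cwe338-weak-prng.yaml`, so this rule may duplicate it.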
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
# zhuma-nvd-327-327-java-161.yaml
|
|
2
|
+
# Generated: 2026-06-28T10:37:40.303Z
|
|
3
|
+
# Source: P2 auto-generation (fixed) from P1.5 classified clusters
|
|
4
|
+
# Cluster: CL-327-JAVA-161 | CWE: CWE-327 | Lang: java
|
|
5
|
+
# Precision: MEDIUM | Noise: MEDIUM
|
|
6
|
+
# CVEs: 204 | KEV: 0 | Exploit: 1
|
|
7
|
+
|
|
8
|
+
rules:
|
|
9
|
+
- id: zhuma-nvd-327-327-java-161
|
|
10
|
+
metadata:
|
|
11
|
+
category: A02:2021-Cryptographic Failures
|
|
12
|
+
cwe: "CWE-327: Weak Cryptography"
|
|
13
|
+
cve: "CVE-2022-35513, CVE-2021-45696, CVE-2020-36363, CVE-2021-22738, CVE-2020-14517, CVE-2020-3681, CVE-2019-13022, CVE-2020-10377"
|
|
14
|
+
likelihood: MEDIUM
|
|
15
|
+
precision: MEDIUM
|
|
16
|
+
impact: MEDIUM
|
|
17
|
+
confidence: MEDIUM
|
|
18
|
+
source: nvd+wooyun
|
|
19
|
+
references:
|
|
20
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2022-35513
|
|
21
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-45696
|
|
22
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2020-36363
|
|
23
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2021-22738
|
|
24
|
+
- https://nvd.nist.gov/vuln/detail/CVE-2020-14517
|
|
25
|
+
- https://cwe.mitre.org/data/definitions/327.html
|
|
26
|
+
|
|
27
|
+
message: |
|
|
28
|
+
检测到弱加密算法风险。使用了已知不安全的加密算法/哈希函数。
|
|
29
|
+
修复: 使用AES-GCM/ChaCha20替代DES/RC4,使用SHA-256/Argon2替代MD5/SHA-1。
|
|
30
|
+
|
|
31
|
+
severity: WARNING
|
|
32
|
+
languages:
|
|
33
|
+
- java
|
|
34
|
+
|
|
35
|
+
patterns:
|
|
36
|
+
- pattern-regex: 'MessageDigest.getInstance\("MD5"|"SHA-1"|"SHA1"\)'
|
|
37
|
+
# CONSTRAINT: pattern: verify sink is in security-sensitive context
|
|
38
|
+
|
|
39
|
+
# --- P2 METADATA ---
|
|
40
|
+
# cluster_id: CL-327-JAVA-161
|
|
41
|
+
# cwe: CWE-327 | language: java
|
|
42
|
+
# sink_patterns: [object Object]
|
|
43
|
+
# wooyun_cases: 0 | tier: N/A
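Review bot: The alternation in the regex on new line 36 is not grouped, so `'MessageDigest.getInstance\("MD5"|"SHA-1"|"SHA1"\)'` parses as three independent alternatives: `MessageDigest.getInstance("MD5"`, the bare string literal `"SHA-1"` anywhere in the file, and `"SHA1")`. The result is that `MessageDigest.getInstance("SHA-1")` is only caught by accident through the bare literal, while any unrelated occurrence of `"SHA-1"` (a header name, a log message, a config key) is reported as weak cryptography. Grouping fixes both: `- pattern-regex: 'MessageDigest\.getInstance\("(MD5|SHA-1|SHA1)"\)'`. A structural `pattern` with a metavariable-regex on the algorithm argument would additionally ignore matches inside comments.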
|