chore: bulk update cwe and desc (#227)
gotbadger authored Feb 5, 2024
1 parent 60daef7 commit 36f67a7
Showing 557 changed files with 2,025 additions and 2,402 deletions.
4 changes: 2 additions & 2 deletions rules/go/gosec/blocklist/cgi.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ patterns:
languages:
- go
metadata:
description: "Use of a Broken or Risky Cryptographic Algorithm"
description: "Usage of vulnerable 'net/http/cgi' package"
remediation_message: |
## Description
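Review bot: the new description "Usage of vulnerable 'net/http/cgi' package" reads as if the package itself is exploitable, while the rule's own reference (Httpoxy.org, retained in the next hunk) points at the httpoxy issue with CGI environment handling. Name the condition instead, e.g. "Usage of 'net/http/cgi' package (httpoxy)", so a reader of the finding knows what the risk is.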
Expand Down Expand Up @@ -54,6 +54,6 @@ metadata:
- [Httpoxy.org](https://httpoxy.org/)
cwe_id:
- 327
- 1395
id: go_gosec_blocklist_cgi
documentation_url: https://docs.bearer.com/reference/rules/go_gosec_blocklist_cgi
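Review bot: CWE-1395 is "Dependency on Vulnerable Third-Party Component", but net/http/cgi is part of the Go standard library, not a third-party dependency, so this mapping is a poor fit. The old CWE-327 was wrong too; pick a CWE that describes the httpoxy hazard referenced just above rather than a third-party-component category.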
2 changes: 1 addition & 1 deletion rules/go/gosec/blocklist/des.yml
Expand Up @@ -8,7 +8,7 @@ patterns:
languages:
- go
metadata:
description: "Use of a Broken or Risky Cryptographic Algorithm"
description: "Import of weak encryption algorithm (DES)"
remediation_message: |
## Description
4 changes: 2 additions & 2 deletions rules/go/gosec/blocklist/md5.yml
Expand Up @@ -8,7 +8,7 @@ patterns:
languages:
- go
metadata:
description: "Use of a Broken or Risky Cryptographic Algorithm"
description: "Import of weak hashing library (MD5)"
remediation_message: |
## Description
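Review bot: "hashing library (MD5)" is inconsistent with the wording chosen for des.yml in this same commit ("encryption algorithm (DES)"); MD5 is an algorithm and crypto/md5 is the package that implements it. Suggest "Import of weak hashing algorithm (MD5)" so the blocklist descriptions read the same way.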
Expand Down Expand Up @@ -42,6 +42,6 @@ metadata:
- [OWASP Password Storage Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html)
cwe_id:
- 327
- 328
id: go_gosec_blocklist_md5
documentation_url: https://docs.bearer.com/reference/rules/go_gosec_blocklist_md5
2 changes: 1 addition & 1 deletion rules/go/gosec/blocklist/rc4.yml
Expand Up @@ -8,7 +8,7 @@ patterns:
languages:
- go
metadata:
description: "Use of a Broken or Risky Cryptographic Algorithm"
description: "Import of weak encryption algorithm (RCA)"
remediation_message: |
## Description
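Review bot: typo in the new description: "(RCA)" should be "(RC4)", matching the file name rc4.yml. This string is shown in scan output, so it is worth fixing before merge.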
4 changes: 2 additions & 2 deletions rules/go/gosec/blocklist/sha1.yml
Expand Up @@ -8,7 +8,7 @@ patterns:
languages:
- go
metadata:
description: "Use of a Broken or Risky Cryptographic Algorithm"
description: "Import of weak hashing library (MD5)"
remediation_message: |
## Description
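Review bot: copy-paste error: the new description for sha1.yml says "(MD5)". It should read "Import of weak hashing library (SHA1)"; as written, a SHA-1 finding will be reported to users as MD5.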
Expand Down Expand Up @@ -38,6 +38,6 @@ metadata:
- [NIST Policy on Hash Functions](https://csrc.nist.gov/projects/hash-functions)
cwe_id:
- 327
- 328
id: go_gosec_blocklist_sha1
documentation_url: https://docs.bearer.com/reference/rules/go_gosec_blocklist_sha1
2 changes: 1 addition & 1 deletion rules/go/gosec/crypto/bad_tls_settings.yml
Expand Up @@ -38,7 +38,7 @@ patterns:
languages:
- go
metadata:
description: "Use of a broken or risky cryptographic algorithm"
description: "Usage of insecure cipher"
remediation_message: |
## Description
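Review bot: "Usage of insecure cipher" is imprecise for a TLS configuration check; what a tls.Config selects are cipher suites. "Usage of insecure cipher suite" would match the API the rule inspects and is no longer than the current text.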
4 changes: 2 additions & 2 deletions rules/go/gosec/crypto/insecure_ignore_host_key.yml
Expand Up @@ -3,7 +3,7 @@ patterns:
languages:
- go
metadata:
description: "Key exchange without entity authentication"
description: "Missing verification of host keys"
remediation_message: |
## Description
Expand Down Expand Up @@ -33,6 +33,6 @@ metadata:
- [Secure use of SSH - OpenSSH](https://www.openssh.com/)
cwe_id:
- 322
- 327
id: go_gosec_crypto_insecure_ignore_host_key
documentation_url: https://docs.bearer.com/reference/rules/go_gosec_crypto_insecure_ignore_host_key
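Review bot: replacing CWE-322 with CWE-327 here is a regression. CWE-322 ("Key Exchange without Entity Authentication") is exactly what skipping SSH host-key verification is, and the old description line in the previous hunk carried that title; CWE-327 ("Use of a Broken or Risky Cryptographic Algorithm") is about the algorithm, not about a missing verification step. Keep 322.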
2 changes: 1 addition & 1 deletion rules/go/gosec/crypto/weak_crypto.yml
Expand Up @@ -9,7 +9,7 @@ patterns:
languages:
- go
metadata:
description: "Use of a Broken or Risky Cryptographic Algorithm"
description: "Usage of weak hashing library"
remediation_message: |
## Description
4 changes: 2 additions & 2 deletions rules/go/gosec/crypto/weak_key_strength.yml
Expand Up @@ -6,7 +6,7 @@ patterns:
languages:
- go
metadata:
description: "Inadequate encryption strength"
description: "Usage of inadequate encryption strength"
remediation_message: |
## Description
Expand Down Expand Up @@ -50,6 +50,6 @@ metadata:
- [NIST Special Publication 800-57 Part 1](https://csrc.nist.gov/publications/detail/sp/800-57-part-1/rev-5/final)
cwe_id:
- 326
- 327
id: go_gosec_crypto_weak_key_strength
documentation_url: https://docs.bearer.com/reference/rules/go_gosec_crypto_weak_key_strength
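Review bot: CWE-326 ("Inadequate Encryption Strength") matches this file's own description ("Usage of inadequate encryption strength") and the retained NIST SP 800-57 key-length reference word for word; swapping it for the generic CWE-327 loses that precision. Keep 326.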
4 changes: 2 additions & 2 deletions rules/go/gosec/crypto/weak_random.yml
Expand Up @@ -39,7 +39,7 @@ auxiliary:
languages:
- go
metadata:
description: "Use of cryptographically weak Pseudo-Random Number Generator (PRNG)"
description: "Usage of weak Pseudo-Random Number Generator (PRNG)"
remediation_message: |
## Description
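Review bot: dropping "cryptographically" from the description removes the qualifier that makes the finding correct. A PRNG is not weak for non-security uses; it is weak when used where unpredictability matters, which is what the crypto/rand reference retained in the next hunk is pointing at. Suggest "Usage of cryptographically weak Pseudo-Random Number Generator (PRNG)".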
Expand Down Expand Up @@ -87,6 +87,6 @@ metadata:
- [crypto/rand package documentation](https://pkg.go.dev/crypto/rand)
cwe_id:
- 338
- 327
id: go_gosec_crypto_weak_random
documentation_url: https://docs.bearer.com/reference/rules/go_gosec_crypto_weak_random
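Review bot: CWE-338 ("Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)") is the exact CWE for this rule, and the crypto/rand reference kept in this hunk points the same way; CWE-327 concerns broken algorithms, not PRNG choice. Keep 338.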
4 changes: 2 additions & 2 deletions rules/go/gosec/crypto/weak_tls_version.yml
Expand Up @@ -4,7 +4,7 @@ patterns:
languages:
- go
metadata:
description: "Use of deprecated TLS version"
description: "Usage of deprecated TLS version"
remediation_message: |
## Description
Expand Down Expand Up @@ -72,6 +72,6 @@ metadata:
- [Go `crypto/tls` package documentation](https://pkg.go.dev/crypto/tls)
cwe_id:
- 310
- 327
id: go_gosec_crypto_weak_tls_version
documentation_url: https://docs.bearer.com/reference/rules/go_gosec_crypto_weak_tls_version
4 changes: 2 additions & 2 deletions rules/go/gosec/file_permissions/file_perm.yml
Expand Up @@ -25,7 +25,7 @@ auxiliary:
languages:
- go
metadata:
description: "Incorrect permission assignment for critical resource"
description: "Permissive file assignment"
remediation_message: |
## Description
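Review bot: "Permissive file assignment" does not say what is being assigned; the thing that is permissive is the permission mode. Suggest "Permissive file permissions" or "Permissive file permission assignment".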
Expand Down Expand Up @@ -80,6 +80,6 @@ metadata:
Regularly audit file permissions to ensure they adhere to the principle of least privilege.
cwe_id:
- 732
- 276
id: go_gosec_file_permissions_file_perm
documentation_url: https://docs.bearer.com/reference/rules/go_gosec_file_permissions_file_perm
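Review bot: CWE-276 is "Incorrect Default Permissions", which applies when code relies on a default mode; a mode the code sets explicitly is CWE-732 ("Incorrect Permission Assignment for Critical Resource"), which is what the old description and the retained advice to audit permissions against least privilege suggest this rule flags. If the pattern matches an explicit mode argument, 732 was the better mapping.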
4 changes: 2 additions & 2 deletions rules/go/gosec/file_permissions/mkdir.yml
Expand Up @@ -19,7 +19,7 @@ auxiliary:
languages:
- go
metadata:
description: "Incorrect permission assignment for critical resource"
description: "Permissive folder creation"
remediation_message: |
## Description
Expand Down Expand Up @@ -72,6 +72,6 @@ metadata:
Implement regular checks of directory permissions as part of your security auditing procedures to identify and correct any permissions that are too broad.
cwe_id:
- 732
- 276
id: go_gosec_file_permissions_mkdir
documentation_url: https://docs.bearer.com/reference/rules/go_gosec_file_permissions_mkdir
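Review bot: CWE-276 ("Incorrect Default Permissions") describes reliance on a default mode, while a directory created with an explicit, overly broad mode is CWE-732, which this file mapped to before. Check which case the pattern at the top of this file matches before switching; the description "Permissive folder creation" reads like the explicit-mode case.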
2 changes: 1 addition & 1 deletion rules/go/gosec/filesystem/decompression_bomb.yml
Expand Up @@ -43,7 +43,7 @@ auxiliary:
languages:
- go
metadata:
description: "Use of a Broken or Risky Cryptographic Algorithm"
description: "Missing configuration against decompression bomb"
remediation_message: |
## Description
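Review bot: the old description ("Use of a Broken or Risky Cryptographic Algorithm") was plainly wrong for this rule, so the change is welcome, but "Missing configuration against decompression bomb" still does not say which control is missing. Name it, e.g. "Missing size limit when decompressing data (decompression bomb)".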
4 changes: 2 additions & 2 deletions rules/go/gosec/filesystem/dirtraversal.yml
Expand Up @@ -16,7 +16,7 @@ auxiliary:
languages:
- go
metadata:
description: "Relative path traversal"
description: "Usage of Root directory mounting"
remediation_message: |
## Description
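Review bot: "Usage of Root directory mounting" is unclear: "Root" should not be capitalised, and the phrase does not say what is mounted or why that is a traversal risk. If the pattern flags serving the filesystem root ("/") through a file server, say so, e.g. "Filesystem root exposed as file server directory"; the CWE-22 mapping in the next hunk then reads consistently with the description.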
Expand Down Expand Up @@ -76,6 +76,6 @@ metadata:
- [Linux man page for chmod (file permissions)](https://linux.die.net/man/1/chmod)
cwe_id:
- 327
- 22
id: go_gosec_filesystem_dirtraversal
documentation_url: https://docs.bearer.com/reference/rules/go_gosec_filesystem_dirtraversal
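Review bot: CWE-22 is the right mapping for a path-traversal rule, but the reference kept directly above it, "Linux man page for chmod (file permissions)", has nothing to do with path traversal and looks carried over from a file-permissions rule. Drop it, or replace it with a traversal reference such as the OWASP Path Traversal page used in filereadtaint.yml in this commit.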
4 changes: 2 additions & 2 deletions rules/go/gosec/filesystem/filereadtaint.yml
Expand Up @@ -42,7 +42,7 @@ auxiliary:
languages:
- go
metadata:
description: "Improper limitation of a pathname to a restricted directory ('Path Traversal')"
description: "Unsanitized user input in file path"
remediation_message: |
## Description
Expand Down Expand Up @@ -124,6 +124,6 @@ metadata:
- [OWASP Guide to Preventing Path Traversal](https://owasp.org/www-community/attacks/Path_Traversal)
cwe_id:
- 327
- 73
id: go_gosec_filesystem_filereadtaint
documentation_url: https://docs.bearer.com/reference/rules/go_gosec_filesystem_filereadtaint
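Review bot: CWE-73 ("External Control of File Name or Path") is defensible, but the old description and the retained reference ("OWASP Guide to Preventing Path Traversal") both frame this rule as path traversal, which is CWE-22. Consider 22 so the CWE, description and reference agree, and so it matches the mapping chosen for dirtraversal.yml in this commit.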
2 changes: 1 addition & 1 deletion rules/go/gosec/filesystem/poor_write_permissions.yml
Expand Up @@ -20,7 +20,7 @@ auxiliary:
languages:
- go
metadata:
description: "Incorrect default permissions"
description: "Permissive file creation"
remediation_message: |
## Description
2 changes: 1 addition & 1 deletion rules/go/gosec/filesystem/tempfile.yml
Expand Up @@ -25,7 +25,7 @@ auxiliary:
languages:
- go
metadata:
description: "Incorrect default permissions"
description: "Permissive temporary file creation"
remediation_message: |
## Description
2 changes: 1 addition & 1 deletion rules/go/gosec/filesystem/ziparchive.yml
Expand Up @@ -37,7 +37,7 @@ auxiliary:
languages:
- go
metadata:
description: "Improper limitation of a pathname to a restricted directory ('Path Traversal')"
description: "Missing protection against 'Zip Slip' path traversal"
remediation_message: |
## Description
2 changes: 1 addition & 1 deletion rules/go/gosec/http/http_serve.yml
Expand Up @@ -26,7 +26,7 @@ auxiliary:
languages:
- go
metadata:
description: "Uncontrolled resource consumption"
description: "Usage of vulnerable 'serve' function"
remediation_message: |
## Description
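Review bot: "Usage of vulnerable 'serve' function" blames the function rather than the missing control, and is vaguer than the old "Uncontrolled resource consumption". Describe what the rule detects: if the pattern is a server started without request timeouts, something like "HTTP server started without timeouts" tells the reader what to change. The sibling rule http_slowloris.yml names the attack directly, which is the better model.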
2 changes: 1 addition & 1 deletion rules/go/gosec/http/http_slowloris.yml
Expand Up @@ -33,7 +33,7 @@ auxiliary:
languages:
- go
metadata:
description: "Uncontrolled resource consumption (Slowloris)"
description: "Missing protection against 'Slowloris' attack"
remediation_message: |
## Description
2 changes: 1 addition & 1 deletion rules/go/gosec/injection/ssrf_injection.yml
Expand Up @@ -24,7 +24,7 @@ patterns:
languages:
- go
metadata:
description: "Server Side Request Forgery (SSRF)"
description: "Unsanitized user input in HTTP request (SSRF)"
remediation_message: |
## Description
4 changes: 2 additions & 2 deletions rules/go/gosec/injection/subproc_injection.yml
Expand Up @@ -20,7 +20,7 @@ patterns:
languages:
- go
metadata:
description: "Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')"
description: "Unsanitized dynamic input in OS command"
remediation_message: |
## Description
Expand Down Expand Up @@ -72,6 +72,6 @@ metadata:
- [OWASP OS Command Injection Defense Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/OS_Command_Injection_Defense_Cheat_Sheet.html)
cwe_id:
- 95
- 94
id: go_gosec_injection_subproc_injection
documentation_url: https://docs.bearer.com/reference/rules/go_gosec_injection_subproc_injection
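Review bot: CWE-94 ("Improper Control of Generation of Code") is code injection; the description in this file ("Unsanitized dynamic input in OS command") and the retained OWASP OS Command Injection reference describe OS command injection, which is CWE-78. Map to 78 rather than 94 (the old 95, Eval Injection, was wrong for the same reason).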
2 changes: 1 addition & 1 deletion rules/go/gosec/injection/template_injection.yml
Expand Up @@ -20,7 +20,7 @@ patterns:
languages:
- go
metadata:
description: "Improper neutralization of input during web page generation ('Cross-site Scripting')"
description: "Unsanitized user input in web page generation (XSS)"
remediation_message: |
## Description
4 changes: 2 additions & 2 deletions rules/go/gosec/leak/pprof_endpoint.yml
Expand Up @@ -7,7 +7,7 @@ patterns:
languages:
- go
metadata:
description: "Active debug code (pprof enabled)"
description: "Usage of active debug code (pprof enabled)"
remediation_message: |
## Description
Expand Down Expand Up @@ -57,6 +57,6 @@ metadata:
- [Go Build Constraints Documentation](https://pkg.go.dev/go/build#hdr-Build_Constraints)
- [OWASP Security by Design Principles](https://owasp.org/www-project-security-by-design/)
cwe_id:
- 918
- 200
id: go_gosec_leak_pprof_endpoint
documentation_url: https://docs.bearer.com/reference/rules/go_gosec_leak_pprof_endpoint
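Review bot: replacing CWE-918 (SSRF) with CWE-200 is an improvement, since an exposed pprof endpoint is an information exposure, but the description says "active debug code", for which CWE-489 ("Active Debug Code") exists and is the more direct mapping. Consider 489, or list both.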
2 changes: 1 addition & 1 deletion rules/go/gosec/memory/integer_overflow.yml
Expand Up @@ -14,7 +14,7 @@ auxiliary:
languages:
- go
metadata:
description: "Integer overflow or wraparound"
description: "Possible integer overflow"
remediation_message: |
## Description
2 changes: 1 addition & 1 deletion rules/go/gosec/memory/math_big_rat.yml
Expand Up @@ -22,7 +22,7 @@ auxiliary:
languages:
- go
metadata:
description: "Integer Overflow or Wraparound"
description: "Possible integer overflow when converting strings"
remediation_message: |
## Description
2 changes: 1 addition & 1 deletion rules/go/gosec/memory/memory_aliasing.yml
Expand Up @@ -19,7 +19,7 @@ auxiliary:
languages:
- go
metadata:
description: "Incorrect access of indexable resource ('Range Error')"
description: "Incorrect access of indexable resource (Range Error)"
remediation_message: |
## Description
2 changes: 1 addition & 1 deletion rules/go/gosec/network/bind_to_all_interfaces.yml
Expand Up @@ -10,7 +10,7 @@ patterns:
languages:
- go
metadata:
description: "Exposure of sensitive information to an unauthorized actor"
description: "Permissive server network interface configuration"
remediation_message: |
## Description
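Review bot: "Permissive server network interface configuration" hides the condition the rule checks, which the file name states plainly: binding to all interfaces. Suggest "Binding to all network interfaces", which tells the reader both what was matched and what to change.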
2 changes: 1 addition & 1 deletion rules/go/gosec/secrets/secrets.yml
Expand Up @@ -49,7 +49,7 @@ languages:
- go
severity: high
metadata:
description: "Use of hard-coded password"
description: "Usage of hard-coded password"
remediation_message: |
## Description
2 changes: 1 addition & 1 deletion rules/go/gosec/sql/concat_sqli.yml
Expand Up @@ -86,7 +86,7 @@ languages:
- go
severity: high
metadata:
description: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"
description: "Unsanitized user input in SQL query"
remediation_message: |
## Description
4 changes: 2 additions & 2 deletions rules/go/gosec/subproc/subproc.yml
Expand Up @@ -25,7 +25,7 @@ languages:
- go
severity: high
metadata:
description: "Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')"
description: "Unsanitized user input in OS command"
remediation_message: |
## Description
Expand Down Expand Up @@ -95,6 +95,6 @@ metadata:
- [OWASP OS Command Injection Defense Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/OS_Command_Injection_Defense_Cheat_Sheet.html)
cwe_id:
- 95
- 94
id: go_gosec_subproc_subproc
documentation_url: https://docs.bearer.com/reference/rules/go_gosec_subproc_subproc
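Review bot: CWE-94 is code injection, but this file's description ("Unsanitized user input in OS command") and the retained OWASP OS Command Injection Defense reference describe OS command injection, which is CWE-78. Map to 78; neither the old 95 nor the new 94 fits a subprocess rule.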
0 comments on commit 36f67a7