From bf68486f6a17e992da7319b59efeb37d85f43793 Mon Sep 17 00:00:00 2001 
From: cxMiguelSilva Date: Mon, 2 May 2022 10:41:02 +0100 Subject: [PATCH 01/12] Queries severity and category change --- .../metadata.json | 4 ++-- .../test/positive_expected_result.json | 4 ++-- .../metadata.json | 2 +- .../metadata.json | 2 +- .../test/positive_expected_result.json | 2 +- .../aws/sqs_with_sse_disabled/metadata.json | 2 +- .../test/positive_expected_result.json | 8 ++++---- .../metadata.json | 2 +- .../gcp/bigquery_dataset_is_public/metadata.json | 2 +- .../metadata.json | 4 ++-- .../test/positive_expected_result.json | 6 +++--- .../metadata.json | 2 +- .../test/positive_expected_result.json | 8 ++++---- .../metadata.json | 4 ++-- .../test/positive_expected_result.json | 4 ++-- .../metadata.json | 2 +- .../test/positive_expected_result.json | 8 ++++---- .../aws/sqs_with_sse_disabled/metadata.json | 2 +- .../metadata.json | 2 +- .../test/positive_expected_result.json | 8 ++++---- .../shared_host_network_namespace/metadata.json | 2 +- .../bigquery_database_is_public/metadata.json | 2 +- .../metadata.json | 4 ++-- .../test/positive_expected_result.json | 12 ++++++------ .../liveness_probe_is_not_defined/metadata.json | 2 +- .../test/positive_expected_result.json | 2 +- .../metadata.json | 4 ++-- .../test/positive_expected_result.json | 2 +- .../k8s/shared_host_ipc_namespace/metadata.json | 4 ++-- .../test/positive_expected_result.json | 2 +- .../shared_host_network_namespace/metadata.json | 4 ++-- .../test/positive_expected_result.json | 2 +- .../metadata.json | 4 ++-- .../test/positive_expected_result.json | 4 ++-- .../metadata.json | 2 +- .../metadata.json | 2 +- .../metadata.json | 2 +- .../test/positive_expected_result.json | 4 ++-- .../public_lambda_via_api_gateway/metadata.json | 2 +- .../aws/sqs_with_sse_disabled/metadata.json | 4 ++-- .../test/positive_expected_result.json | 14 +++++++------- .../aws/vpc_flowlogs_disabled/metadata.json | 2 +- .../test/positive_expected_result.json | 8 ++++---- .../metadata.json | 2 +- .../metadata.json | 2 +- 
.../test/positive_expected_result.json | 6 +++--- .../metadata.json | 2 +- .../container_host_ipc_is_true/metadata.json | 4 ++-- .../test/positive_expected_result.json | 2 +- .../liveness_probe_is_not_defined/metadata.json | 2 +- .../test/positive_expected_result.json | 4 ++-- .../metadata.json | 2 +- .../test/positive_expected_result.json | 16 ++++++++-------- .../shared_host_network_namespace/metadata.json | 4 ++-- .../test/positive_expected_result.json | 2 +- 55 files changed, 108 insertions(+), 108 deletions(-) diff --git a/assets/queries/ansible/aws/automatic_minor_upgrades_disabled/metadata.json b/assets/queries/ansible/aws/automatic_minor_upgrades_disabled/metadata.json index 5afdff5250e..a9874aab632 100644 --- a/assets/queries/ansible/aws/automatic_minor_upgrades_disabled/metadata.json +++ b/assets/queries/ansible/aws/automatic_minor_upgrades_disabled/metadata.json @@ -1,8 +1,8 @@ { "id": "857f8808-e96a-4ba8-a9b7-f2d4ec6cad94", "queryName": "Automatic Minor Upgrades Disabled", - "severity": "HIGH", - "category": "Encryption", + "severity": "LOW", + "category": "Best Practices", "descriptionText": "RDS instance auto minor version upgrade feature must be true", "descriptionUrl": "https://docs.ansible.com/ansible/latest/collections/community/aws/rds_instance_module.html#parameter-auto_minor_version_upgrade", "platform": "Ansible", diff --git a/assets/queries/ansible/aws/automatic_minor_upgrades_disabled/test/positive_expected_result.json b/assets/queries/ansible/aws/automatic_minor_upgrades_disabled/test/positive_expected_result.json index adfcd9bacb8..2cff287eee5 100644 --- a/assets/queries/ansible/aws/automatic_minor_upgrades_disabled/test/positive_expected_result.json +++ b/assets/queries/ansible/aws/automatic_minor_upgrades_disabled/test/positive_expected_result.json 
@@ -1,12 +1,12 @@ [ { "queryName": "Automatic Minor Upgrades Disabled", - "severity": "HIGH", + "severity": "LOW", "line": 10 }, { "queryName": "Automatic Minor Upgrades Disabled", - "severity": "HIGH", + "severity": "LOW", "line": 12 } ] diff --git a/assets/queries/ansible/aws/iam_password_without_uppercase_letter/metadata.json b/assets/queries/ansible/aws/iam_password_without_uppercase_letter/metadata.json index 682cab2b5d4..ccec590b3ee 100644 --- a/assets/queries/ansible/aws/iam_password_without_uppercase_letter/metadata.json +++ b/assets/queries/ansible/aws/iam_password_without_uppercase_letter/metadata.json @@ -2,7 +2,7 @@ "id": "83957b81-39c1-4191-8e12-671d2ce14354", "queryName": "IAM Password Without Uppercase Letter", "severity": "MEDIUM", - "category": "Insecure Configurations", + "category": "Best Practices", "descriptionText": "Check if IAM account password has at least one uppercase letter", "descriptionUrl": "https://docs.ansible.com/ansible/latest/collections/community/aws/iam_password_policy_module.html", "platform": "Ansible", diff --git a/assets/queries/ansible/aws/iam_policy_grants_full_permissions/metadata.json b/assets/queries/ansible/aws/iam_policy_grants_full_permissions/metadata.json index 553a741e719..154394c965a 100644 --- a/assets/queries/ansible/aws/iam_policy_grants_full_permissions/metadata.json +++ b/assets/queries/ansible/aws/iam_policy_grants_full_permissions/metadata.json @@ -1,7 +1,7 @@ { "id": "b5ed026d-a772-4f07-97f9-664ba0b116f8", "queryName": "IAM Policy Grants Full Permissions", - "severity": "MEDIUM", + "severity": "HIGH", "category": "Access Control", "descriptionText": "IAM policies allow all ('*') in a statement action", "descriptionUrl": "https://docs.ansible.com/ansible/latest/collections/community/aws/iam_managed_policy_module.html", 
diff --git a/assets/queries/ansible/aws/iam_policy_grants_full_permissions/test/positive_expected_result.json b/assets/queries/ansible/aws/iam_policy_grants_full_permissions/test/positive_expected_result.json index 79bb8b5a451..6b957568732 100644 --- a/assets/queries/ansible/aws/iam_policy_grants_full_permissions/test/positive_expected_result.json +++ b/assets/queries/ansible/aws/iam_policy_grants_full_permissions/test/positive_expected_result.json @@ -1,7 +1,7 @@ [ { "queryName": "IAM Policy Grants Full Permissions", - "severity": "MEDIUM", + "severity": "HIGH", "line": 4, "fileName": "positive.yaml" } diff --git a/assets/queries/ansible/aws/sqs_with_sse_disabled/metadata.json b/assets/queries/ansible/aws/sqs_with_sse_disabled/metadata.json index bb45244cf25..050c166f447 100644 --- a/assets/queries/ansible/aws/sqs_with_sse_disabled/metadata.json +++ b/assets/queries/ansible/aws/sqs_with_sse_disabled/metadata.json @@ -1,7 +1,7 @@ { "id": "e1e7b278-2a8b-49bd-a26e-66a7f70b17eb", "queryName": "SQS with SSE disabled", - "severity": "LOW", + "severity": "MEDIUM", "category": "Encryption", "descriptionText": " SQS Queue should be protected with CMK encryption", "descriptionUrl": "https://docs.ansible.com/ansible/latest/collections/community/aws/sqs_queue_module.html#ansible-collections-community-aws-sqs-queue-module", diff --git a/assets/queries/ansible/aws/sqs_with_sse_disabled/test/positive_expected_result.json b/assets/queries/ansible/aws/sqs_with_sse_disabled/test/positive_expected_result.json index 57d614f2f66..824d600f4dc 100644 --- a/assets/queries/ansible/aws/sqs_with_sse_disabled/test/positive_expected_result.json +++ b/assets/queries/ansible/aws/sqs_with_sse_disabled/test/positive_expected_result.json 
@@ -1,22 +1,22 @@ [ { "queryName": "SQS with SSE disabled", - "severity": "LOW", + "severity": "MEDIUM", "line": 2 }, { "queryName": "SQS with SSE disabled", - "severity": "LOW", + "severity": "MEDIUM", "line": 16 }, { "queryName": "SQS with SSE disabled", - "severity": "LOW", + "severity": "MEDIUM", "line": 22 }, { "queryName": "SQS with SSE disabled", - "severity": "LOW", + "severity": "MEDIUM", "line": 29 } ] diff --git a/assets/queries/ansible/azure/trusted_microsoft_services_not_enabled/metadata.json b/assets/queries/ansible/azure/trusted_microsoft_services_not_enabled/metadata.json index 630185dbff3..362374011ec 100644 --- a/assets/queries/ansible/azure/trusted_microsoft_services_not_enabled/metadata.json +++ b/assets/queries/ansible/azure/trusted_microsoft_services_not_enabled/metadata.json @@ -2,7 +2,7 @@ "id": "1bc398a8-d274-47de-a4c8-6ac867b353de", "queryName": "Trusted Microsoft Services Not Enabled", "severity": "HIGH", - "category": "Access Control", + "category": "Networking and Firewall", "descriptionText": "Ensure Trusted Microsoft Services have Storage Account access.", "descriptionUrl": "https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_storageaccount_module.html#parameter-network_acls/bypass", "platform": "Ansible", diff --git a/assets/queries/ansible/gcp/bigquery_dataset_is_public/metadata.json b/assets/queries/ansible/gcp/bigquery_dataset_is_public/metadata.json index 339efbb4320..193bf23956c 100644 --- a/assets/queries/ansible/gcp/bigquery_dataset_is_public/metadata.json +++ b/assets/queries/ansible/gcp/bigquery_dataset_is_public/metadata.json 
@@ -2,7 +2,7 @@ "id": "2263b286-2fe9-4747-a0ae-8b4768a2bbd2", "queryName": "BigQuery Dataset Is Public", "severity": "HIGH", - "category": "Insecure Configurations", + "category": "Access Control", "descriptionText": "BigQuery dataset is anonymously or publicly accessible", "descriptionUrl": "https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_bigquery_dataset_module.html#parameter-access/special_group", "platform": "Ansible", diff --git a/assets/queries/ansible/gcp/cloud_storage_anonymous_or_publicly_accessible/metadata.json b/assets/queries/ansible/gcp/cloud_storage_anonymous_or_publicly_accessible/metadata.json index 2b983f5136b..3badc55532d 100644 --- a/assets/queries/ansible/gcp/cloud_storage_anonymous_or_publicly_accessible/metadata.json +++ b/assets/queries/ansible/gcp/cloud_storage_anonymous_or_publicly_accessible/metadata.json @@ -1,8 +1,8 @@ { "id": "086031e1-9d4a-4249-acb3-5bfe4c363db2", "queryName": "Cloud Storage Anonymous or Publicly Accessible", - "severity": "MEDIUM", - "category": "Insecure Configurations", + "severity": "HIGH", + "category": "Access Control", "descriptionText": "Cloud Storage Buckets must not be anonymously or publicly accessible, which means the attribute 'entity' must not be 'allUsers' or 'allAuthenticatedUsers'", "descriptionUrl": "https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_storage_bucket_module.html", "platform": "Ansible", diff --git a/assets/queries/ansible/gcp/cloud_storage_anonymous_or_publicly_accessible/test/positive_expected_result.json b/assets/queries/ansible/gcp/cloud_storage_anonymous_or_publicly_accessible/test/positive_expected_result.json index c0a7ee92cdd..5f83e4313c4 100644 --- a/assets/queries/ansible/gcp/cloud_storage_anonymous_or_publicly_accessible/test/positive_expected_result.json +++ b/assets/queries/ansible/gcp/cloud_storage_anonymous_or_publicly_accessible/test/positive_expected_result.json 
@@ -1,17 +1,17 @@ [ { "queryName": "Cloud Storage Anonymous or Publicly Accessible", - "severity": "MEDIUM", + "severity": "HIGH", "line": 11 }, { "queryName": "Cloud Storage Anonymous or Publicly Accessible", - "severity": "MEDIUM", + "severity": "HIGH", "line": 22 }, { "queryName": "Cloud Storage Anonymous or Publicly Accessible", - "severity": "MEDIUM", + "severity": "HIGH", "line": 28 } ] diff --git a/assets/queries/cloudFormation/aws/automatic_minor_upgrades_disabled/metadata.json b/assets/queries/cloudFormation/aws/automatic_minor_upgrades_disabled/metadata.json index 98aebe7e9a7..5900be918cb 100644 --- a/assets/queries/cloudFormation/aws/automatic_minor_upgrades_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/automatic_minor_upgrades_disabled/metadata.json @@ -1,7 +1,7 @@ { "id": "f0104061-8bfc-4b45-8a7d-630eb502f281", "queryName": "Automatic Minor Upgrades Disabled", - "severity": "MEDIUM", + "severity": "LOW", "category": "Best Practices", "descriptionText": "AWS RDS should have automatic minor upgrades enabled, which means the attribute 'AutoMinorVersionUpgrade' must be set to true.", "descriptionUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html", diff --git a/assets/queries/cloudFormation/aws/automatic_minor_upgrades_disabled/test/positive_expected_result.json b/assets/queries/cloudFormation/aws/automatic_minor_upgrades_disabled/test/positive_expected_result.json index fda325244ea..213647b0431 100644 --- a/assets/queries/cloudFormation/aws/automatic_minor_upgrades_disabled/test/positive_expected_result.json +++ b/assets/queries/cloudFormation/aws/automatic_minor_upgrades_disabled/test/positive_expected_result.json 
@@ -1,19 +1,19 @@ [ { "queryName": "Automatic Minor Upgrades Disabled", - "severity": "MEDIUM", + "severity": "LOW", "line": 58, "fileName": "positive1.yaml" }, { "queryName": "Automatic Minor Upgrades Disabled", - "severity": "MEDIUM", + "severity": "LOW", "line": 82, "fileName": "positive1.yaml" }, { "queryName": "Automatic Minor Upgrades Disabled", - "severity": "MEDIUM", + "severity": "LOW", "line": 58, "fileName": "positive2.json" }, @@ -21,6 +21,6 @@ "line": 85, "fileName": "positive2.json", "queryName": "Automatic Minor Upgrades Disabled", - "severity": "MEDIUM" + "severity": "LOW" } ] diff --git a/assets/queries/cloudFormation/aws/ec2_subnet_mapping_public_ip_on_launch/metadata.json b/assets/queries/cloudFormation/aws/ec2_subnet_mapping_public_ip_on_launch/metadata.json index 12620f6536d..c15ea4e4409 100644 --- a/assets/queries/cloudFormation/aws/ec2_subnet_mapping_public_ip_on_launch/metadata.json +++ b/assets/queries/cloudFormation/aws/ec2_subnet_mapping_public_ip_on_launch/metadata.json @@ -1,8 +1,8 @@ { "id": "b3de4e4c-14be-4159-b99d-9ad194365e4c", "queryName": "EC2 Instance Has Public IP", - "severity": "MEDIUM", - "category": "Insecure Configurations", + "severity": "HIGH", + "category": "Networking and Firewall", "descriptionText": "EC2 Subnet should not have MapPublicIpOnLaunch set to true", "descriptionUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-subnet.html#cfn-ec2-subnet-mappubliciponlaunch", "platform": "CloudFormation", diff --git a/assets/queries/cloudFormation/aws/ec2_subnet_mapping_public_ip_on_launch/test/positive_expected_result.json b/assets/queries/cloudFormation/aws/ec2_subnet_mapping_public_ip_on_launch/test/positive_expected_result.json index da08f1fbd18..f24025f4a97 100644 --- a/assets/queries/cloudFormation/aws/ec2_subnet_mapping_public_ip_on_launch/test/positive_expected_result.json 
+++ b/assets/queries/cloudFormation/aws/ec2_subnet_mapping_public_ip_on_launch/test/positive_expected_result.json @@ -1,13 +1,13 @@ [ { "queryName": "EC2 Instance Has Public IP", - "severity": "MEDIUM", + "severity": "HIGH", "line": 7, "fileName": "positive1.yaml" }, { "queryName": "EC2 Instance Has Public IP", - "severity": "MEDIUM", + "severity": "HIGH", "line": 8, "fileName": "positive2.json" } diff --git a/assets/queries/cloudFormation/aws/iam_policy_grants_full_permissions/metadata.json b/assets/queries/cloudFormation/aws/iam_policy_grants_full_permissions/metadata.json index 4ba7fb72d93..2160d46fe37 100644 --- a/assets/queries/cloudFormation/aws/iam_policy_grants_full_permissions/metadata.json +++ b/assets/queries/cloudFormation/aws/iam_policy_grants_full_permissions/metadata.json @@ -1,7 +1,7 @@ { "id": "f62aa827-4ade-4dc4-89e4-1433d384a368", "queryName": "IAM Policy Grants Full Permissions", - "severity": "LOW", + "severity": "HIGH", "category": "Access Control", "descriptionText": "Check if an IAM policy is granting full permissions to resources from the get-go, instead of granting permissions gradually as necessary.", "descriptionUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html", diff --git a/assets/queries/cloudFormation/aws/iam_policy_grants_full_permissions/test/positive_expected_result.json b/assets/queries/cloudFormation/aws/iam_policy_grants_full_permissions/test/positive_expected_result.json index 61416a2d500..6a9932378db 100644 --- a/assets/queries/cloudFormation/aws/iam_policy_grants_full_permissions/test/positive_expected_result.json +++ b/assets/queries/cloudFormation/aws/iam_policy_grants_full_permissions/test/positive_expected_result.json 
@@ -1,25 +1,25 @@ [ { "queryName": "IAM Policy Grants Full Permissions", - "severity": "LOW", + "severity": "HIGH", "line": 8, "fileName": "positive1.yaml" }, { "queryName": "IAM Policy Grants Full Permissions", - "severity": "LOW", + "severity": "HIGH", "line": 21, "fileName": "positive1.yaml" }, { "queryName": "IAM Policy Grants Full Permissions", - "severity": "LOW", + "severity": "HIGH", "line": 29, "fileName": "positive2.json" }, { "queryName": "IAM Policy Grants Full Permissions", - "severity": "LOW", + "severity": "HIGH", "line": 9, "fileName": "positive2.json" } diff --git a/assets/queries/cloudFormation/aws/sqs_with_sse_disabled/metadata.json b/assets/queries/cloudFormation/aws/sqs_with_sse_disabled/metadata.json index 775ee0262aa..da6063d38eb 100644 --- a/assets/queries/cloudFormation/aws/sqs_with_sse_disabled/metadata.json +++ b/assets/queries/cloudFormation/aws/sqs_with_sse_disabled/metadata.json @@ -2,7 +2,7 @@ "id": "12726829-93ed-4d51-9cbe-13423f4299e1", "queryName": "SQS with SSE disabled", "severity": "MEDIUM", - "category": "Secret Management", + "category": "Encryption", "descriptionText": "AWS SQS Queue should have a KMS Master Key defined", "descriptionUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-queues.html#aws-sqs-queue-kmsmasterkeyid", "platform": "CloudFormation", diff --git a/assets/queries/cloudFormation/aws/unrestricted_security_group_ingress/metadata.json b/assets/queries/cloudFormation/aws/unrestricted_security_group_ingress/metadata.json index 76279352165..ceea247899c 100644 --- a/assets/queries/cloudFormation/aws/unrestricted_security_group_ingress/metadata.json +++ b/assets/queries/cloudFormation/aws/unrestricted_security_group_ingress/metadata.json 
@@ -1,7 +1,7 @@ { "id": "4a1e6b34-1008-4e61-a5f2-1f7c276f8d14", "queryName": "Unrestricted Security Group Ingress", - "severity": "MEDIUM", + "severity": "HIGH", "category": "Networking and Firewall", "descriptionText": "AWS Security Group Ingress CIDR should not be open to the world", "descriptionUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html", diff --git a/assets/queries/cloudFormation/aws/unrestricted_security_group_ingress/test/positive_expected_result.json b/assets/queries/cloudFormation/aws/unrestricted_security_group_ingress/test/positive_expected_result.json index dbb65cfb40d..21ab80d3e15 100644 --- a/assets/queries/cloudFormation/aws/unrestricted_security_group_ingress/test/positive_expected_result.json +++ b/assets/queries/cloudFormation/aws/unrestricted_security_group_ingress/test/positive_expected_result.json @@ -1,25 +1,25 @@ [ { "queryName": "Unrestricted Security Group Ingress", - "severity": "MEDIUM", + "severity": "HIGH", "line": 8, "fileName": "positive1.yaml" }, { "queryName": "Unrestricted Security Group Ingress", - "severity": "MEDIUM", + "severity": "HIGH", "line": 43, "fileName": "positive1.yaml" }, { "queryName": "Unrestricted Security Group Ingress", - "severity": "MEDIUM", + "severity": "HIGH", "line": 30, "fileName": "positive2.json" }, { "queryName": "Unrestricted Security Group Ingress", - "severity": "MEDIUM", + "severity": "HIGH", "line": 53, "fileName": "positive2.json" } diff --git a/assets/queries/dockerCompose/shared_host_network_namespace/metadata.json b/assets/queries/dockerCompose/shared_host_network_namespace/metadata.json index 6af198029f8..ba01b9c9ed6 100644 --- a/assets/queries/dockerCompose/shared_host_network_namespace/metadata.json +++ b/assets/queries/dockerCompose/shared_host_network_namespace/metadata.json 
@@ -2,7 +2,7 @@ "id": "071a71ff-f868-47a4-ac0b-3c59e4ab5443", "queryName": "Shared Host Network Namespace", "severity": "MEDIUM", - "category": "Networking and Firewall", + "category": "Resource Management", "descriptionText": "Container should not share the host network namespace", "descriptionUrl": "https://docs.docker.com/compose/compose-file/compose-file-v3/#network_mode", "platform": "DockerCompose", diff --git a/assets/queries/googleDeploymentManager/bigquery_database_is_public/metadata.json b/assets/queries/googleDeploymentManager/bigquery_database_is_public/metadata.json index 797018a47d6..7a7f00c5541 100644 --- a/assets/queries/googleDeploymentManager/bigquery_database_is_public/metadata.json +++ b/assets/queries/googleDeploymentManager/bigquery_database_is_public/metadata.json @@ -2,7 +2,7 @@ "id": "83103dff-d57f-42a8-bd81-40abab64c1a7", "queryName": "BigQuery Dataset Is Public", "severity": "HIGH", - "category": "Insecure Configurations", + "category": "Access Control", "descriptionText": "BigQuery dataset is anonymously or publicly accessible. Attribute access.specialGroup should not contain 'allAuthenticatedUsers'", "descriptionUrl": "https://cloud.google.com/bigquery/docs/reference/rest/v2/datasets", "platform": "GoogleDeploymentManager", diff --git a/assets/queries/googleDeploymentManager/cloud_storage_anonymous_or_publicly_accessible/metadata.json b/assets/queries/googleDeploymentManager/cloud_storage_anonymous_or_publicly_accessible/metadata.json index 9775197a7c7..b7b5d4f3795 100644 --- a/assets/queries/googleDeploymentManager/cloud_storage_anonymous_or_publicly_accessible/metadata.json +++ b/assets/queries/googleDeploymentManager/cloud_storage_anonymous_or_publicly_accessible/metadata.json 
@@ -1,8 +1,8 @@ { "id": "63ae3638-a38c-4ff4-b616-6e1f72a31a6a", "queryName": "Cloud Storage Anonymous or Publicly Accessible", - "severity": "MEDIUM", - "category": "Insecure Configurations", + "severity": "HIGH", + "category": "Access Control", "descriptionText": "Cloud Storage Buckets must not be anonymously or publicly accessible, which means the subattribute 'entity' from attributes 'acl' and 'defaultObjectAcl' must not be 'allUsers' or 'allAuthenticatedUsers'", "descriptionUrl": "https://cloud.google.com/storage/docs/json_api/v1/buckets", "platform": "GoogleDeploymentManager", diff --git a/assets/queries/googleDeploymentManager/cloud_storage_anonymous_or_publicly_accessible/test/positive_expected_result.json b/assets/queries/googleDeploymentManager/cloud_storage_anonymous_or_publicly_accessible/test/positive_expected_result.json index 0bd4a750ac9..d19507f14cb 100644 --- a/assets/queries/googleDeploymentManager/cloud_storage_anonymous_or_publicly_accessible/test/positive_expected_result.json +++ b/assets/queries/googleDeploymentManager/cloud_storage_anonymous_or_publicly_accessible/test/positive_expected_result.json 
@@ -1,37 +1,37 @@ [ { "queryName": "Cloud Storage Anonymous or Publicly Accessible", - "severity": "MEDIUM", + "severity": "HIGH", "line": 4, "filename": "positive1.yaml" }, { "queryName": "Cloud Storage Anonymous or Publicly Accessible", - "severity": "MEDIUM", + "severity": "HIGH", "line": 4, "filename": "positive1.yaml" }, { "queryName": "Cloud Storage Anonymous or Publicly Accessible", - "severity": "MEDIUM", + "severity": "HIGH", "line": 7, "filename": "positive2.yaml" }, { "queryName": "Cloud Storage Anonymous or Publicly Accessible", - "severity": "MEDIUM", + "severity": "HIGH", "line": 4, "filename": "positive2.yaml" }, { "queryName": "Cloud Storage Anonymous or Publicly Accessible", - "severity": "MEDIUM", + "severity": "HIGH", "line": 7, "filename": "positive3.yaml" }, { "queryName": "Cloud Storage Anonymous or Publicly Accessible", - "severity": "MEDIUM", + "severity": "HIGH", "line": 10, "filename": "positive3.yaml" } diff --git a/assets/queries/k8s/liveness_probe_is_not_defined/metadata.json b/assets/queries/k8s/liveness_probe_is_not_defined/metadata.json index 0265a5145da..6128452f7f6 100644 --- a/assets/queries/k8s/liveness_probe_is_not_defined/metadata.json +++ b/assets/queries/k8s/liveness_probe_is_not_defined/metadata.json @@ -1,7 +1,7 @@ { "id": "ade74944-a674-4e00-859e-c6eab5bde441", "queryName": "Liveness Probe Is Not Defined", - "severity": "INFO", + "severity": "LOW", "category": "Availability", "descriptionText": "In case of an unresponsive container, a Liveness Probe can help your application become more available since it restarts the container. However, it can lead to cascading failures. Define one if you really need it", "descriptionUrl": "https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#when-should-you-use-a-liveness-probe", 
diff --git a/assets/queries/k8s/liveness_probe_is_not_defined/test/positive_expected_result.json b/assets/queries/k8s/liveness_probe_is_not_defined/test/positive_expected_result.json index e8ea0253581..dfa40882289 100644 --- a/assets/queries/k8s/liveness_probe_is_not_defined/test/positive_expected_result.json +++ b/assets/queries/k8s/liveness_probe_is_not_defined/test/positive_expected_result.json @@ -1,7 +1,7 @@ [ { "queryName": "Liveness Probe Is Not Defined", - "severity": "INFO", + "severity": "LOW", "line": 9, "fileName": "positive.yaml" } diff --git a/assets/queries/k8s/not_limited_capabilities_for_pod_security_policy/metadata.json b/assets/queries/k8s/not_limited_capabilities_for_pod_security_policy/metadata.json index 285e40a9037..d315ad1396e 100644 --- a/assets/queries/k8s/not_limited_capabilities_for_pod_security_policy/metadata.json +++ b/assets/queries/k8s/not_limited_capabilities_for_pod_security_policy/metadata.json @@ -1,8 +1,8 @@ { "id": "caa93370-791f-4fc6-814b-ba6ce0cb4032", "queryName": "Not Limited Capabilities For Pod Security Policy", - "severity": "MEDIUM", - "category": "Build Process", + "severity": "HIGH", + "category": "Insecure Configurations", "descriptionText": "Limit capabilities for a Pod Security Policy", "descriptionUrl": "https://kubernetes.io/docs/concepts/policy/pod-security-policy/", "platform": "Kubernetes", diff --git a/assets/queries/k8s/not_limited_capabilities_for_pod_security_policy/test/positive_expected_result.json b/assets/queries/k8s/not_limited_capabilities_for_pod_security_policy/test/positive_expected_result.json index 06320748506..559fe8a61fd 100644 --- a/assets/queries/k8s/not_limited_capabilities_for_pod_security_policy/test/positive_expected_result.json +++ b/assets/queries/k8s/not_limited_capabilities_for_pod_security_policy/test/positive_expected_result.json @@ -1,7 +1,7 @@ [ { "queryName": "Not Limited Capabilities For Pod Security Policy", - "severity": "MEDIUM", + "severity": "HIGH", "line": 10 } ] 
diff --git a/assets/queries/k8s/shared_host_ipc_namespace/metadata.json b/assets/queries/k8s/shared_host_ipc_namespace/metadata.json index 7bb93a2a8b4..7bd0484d7c2 100644 --- a/assets/queries/k8s/shared_host_ipc_namespace/metadata.json +++ b/assets/queries/k8s/shared_host_ipc_namespace/metadata.json @@ -1,8 +1,8 @@ { "id": "cd290efd-6c82-4e9d-a698-be12ae31d536", "queryName": "Shared Host IPC Namespace", - "severity": "HIGH", - "category": "Insecure Configurations", + "severity": "MEDIUM", + "category": "Resource Management", "descriptionText": "Container should not share the host IPC namespace", "descriptionUrl": "https://kubernetes.io/docs/concepts/policy/pod-security-policy/", "platform": "Kubernetes", diff --git a/assets/queries/k8s/shared_host_ipc_namespace/test/positive_expected_result.json b/assets/queries/k8s/shared_host_ipc_namespace/test/positive_expected_result.json index c591fc31c93..7e90d6726e6 100644 --- a/assets/queries/k8s/shared_host_ipc_namespace/test/positive_expected_result.json +++ b/assets/queries/k8s/shared_host_ipc_namespace/test/positive_expected_result.json @@ -1,7 +1,7 @@ [ { "queryName": "Shared Host IPC Namespace", - "severity": "HIGH", + "severity": "MEDIUM", "line": 6 } ] diff --git a/assets/queries/k8s/shared_host_network_namespace/metadata.json b/assets/queries/k8s/shared_host_network_namespace/metadata.json index 9fc833176cc..ebb9c7ab72a 100644 --- a/assets/queries/k8s/shared_host_network_namespace/metadata.json +++ b/assets/queries/k8s/shared_host_network_namespace/metadata.json @@ -1,8 +1,8 @@ { "id": "6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a", "queryName": "Shared Host Network Namespace", - "severity": "HIGH", - "category": "Insecure Configurations", + "severity": "MEDIUM", + "category": "Resource Management", "descriptionText": "Container should not share the host network namespace", "descriptionUrl": "https://kubernetes.io/docs/concepts/policy/pod-security-policy/", "platform": "Kubernetes", 
diff --git a/assets/queries/k8s/shared_host_network_namespace/test/positive_expected_result.json b/assets/queries/k8s/shared_host_network_namespace/test/positive_expected_result.json index ce474dcc981..3b14692026d 100644 --- a/assets/queries/k8s/shared_host_network_namespace/test/positive_expected_result.json +++ b/assets/queries/k8s/shared_host_network_namespace/test/positive_expected_result.json @@ -1,7 +1,7 @@ [ { "queryName": "Shared Host Network Namespace", - "severity": "HIGH", + "severity": "MEDIUM", "line": 6 } ] diff --git a/assets/queries/terraform/aws/automatic_minor_upgrades_disabled/metadata.json b/assets/queries/terraform/aws/automatic_minor_upgrades_disabled/metadata.json index a1de701d137..79f3cf69b76 100644 --- a/assets/queries/terraform/aws/automatic_minor_upgrades_disabled/metadata.json +++ b/assets/queries/terraform/aws/automatic_minor_upgrades_disabled/metadata.json @@ -1,8 +1,8 @@ { "id": "3b6d777b-76e3-4133-80a3-0d6f667ade7f", "queryName": "Automatic Minor Upgrades Disabled", - "severity": "HIGH", - "category": "Encryption", + "severity": "LOW", + "category": "Best Practices", "descriptionText": "RDS Instance Auto Minor Version Upgrade feature in Aws Db Instance must be true", "descriptionUrl": "https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#auto_minor_version_upgrade", "platform": "Terraform", diff --git a/assets/queries/terraform/aws/automatic_minor_upgrades_disabled/test/positive_expected_result.json b/assets/queries/terraform/aws/automatic_minor_upgrades_disabled/test/positive_expected_result.json index f5a8e302f31..83ba730529e 100644 --- a/assets/queries/terraform/aws/automatic_minor_upgrades_disabled/test/positive_expected_result.json +++ b/assets/queries/terraform/aws/automatic_minor_upgrades_disabled/test/positive_expected_result.json 
@@ -1,13 +1,13 @@ [ { "queryName": "Automatic Minor Upgrades Disabled", - "severity": "HIGH", + "severity": "LOW", "line": 13, "fileName": "positive1.tf" }, { "queryName": "Automatic Minor Upgrades Disabled", - "severity": "HIGH", + "severity": "LOW", "line": 11, "fileName": "positive2.tf" } diff --git a/assets/queries/terraform/aws/iam_password_without_lowercase_letter/metadata.json b/assets/queries/terraform/aws/iam_password_without_lowercase_letter/metadata.json index bc67a3ba160..41d997045eb 100644 --- a/assets/queries/terraform/aws/iam_password_without_lowercase_letter/metadata.json +++ b/assets/queries/terraform/aws/iam_password_without_lowercase_letter/metadata.json @@ -2,7 +2,7 @@ "id": "bbc7c137-6c7b-4fc4-984a-0c88e91fcaf9", "queryName": "IAM Password Without Lowercase Letter", "severity": "MEDIUM", - "category": "Insecure Configurations", + "category": "Best Practices", "descriptionText": "Check if IAM account password has at least one lowercase letter", "descriptionUrl": "https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_account_password_policy", "platform": "Terraform", diff --git a/assets/queries/terraform/aws/iam_password_without_uppercase_letter/metadata.json b/assets/queries/terraform/aws/iam_password_without_uppercase_letter/metadata.json index 461101009d4..42b502afbc0 100644 --- a/assets/queries/terraform/aws/iam_password_without_uppercase_letter/metadata.json +++ b/assets/queries/terraform/aws/iam_password_without_uppercase_letter/metadata.json @@ -2,7 +2,7 @@ "id": "c5ff7bc9-d8ea-46dd-81cb-8286f3222249", "queryName": "IAM Password Without Uppercase Letter", "severity": "MEDIUM", - "category": "Insecure Configurations", + "category": "Best Practices", "descriptionText": "Check if IAM account password has at least one uppercase letter", "descriptionUrl": "https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_account_password_policy", "platform": "Terraform", 
diff --git a/assets/queries/terraform/aws/iam_policy_grants_full_permissions/metadata.json b/assets/queries/terraform/aws/iam_policy_grants_full_permissions/metadata.json index bc901af9954..7e0cfc14261 100644 --- a/assets/queries/terraform/aws/iam_policy_grants_full_permissions/metadata.json +++ b/assets/queries/terraform/aws/iam_policy_grants_full_permissions/metadata.json @@ -1,7 +1,7 @@ { "id": "575a2155-6af1-4026-b1af-d5bc8fe2a904", "queryName": "IAM Policy Grants Full Permissions", - "severity": "MEDIUM", + "severity": "HIGH", "category": "Access Control", "descriptionText": "IAM policies allow all ('*') in a statement action", "descriptionUrl": "https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy", diff --git a/assets/queries/terraform/aws/iam_policy_grants_full_permissions/test/positive_expected_result.json b/assets/queries/terraform/aws/iam_policy_grants_full_permissions/test/positive_expected_result.json index cd193f338b3..f79d9d288ed 100644 --- a/assets/queries/terraform/aws/iam_policy_grants_full_permissions/test/positive_expected_result.json +++ b/assets/queries/terraform/aws/iam_policy_grants_full_permissions/test/positive_expected_result.json @@ -1,13 +1,13 @@ [ { "queryName": "IAM Policy Grants Full Permissions", - "severity": "MEDIUM", + "severity": "HIGH", "line": 20, "fileName": "positive1.tf" }, { "queryName": "IAM Policy Grants Full Permissions", - "severity": "MEDIUM", + "severity": "HIGH", "line": 3, "fileName": "positive2.tf" } diff --git a/assets/queries/terraform/aws/public_lambda_via_api_gateway/metadata.json b/assets/queries/terraform/aws/public_lambda_via_api_gateway/metadata.json index ac1b3509ad6..a6dc778cf4d 100644 --- a/assets/queries/terraform/aws/public_lambda_via_api_gateway/metadata.json +++ b/assets/queries/terraform/aws/public_lambda_via_api_gateway/metadata.json 
@@ -2,7 +2,7 @@ "id": "3ef8696c-e4ae-4872-92c7-520bb44dfe77", "queryName": "Public Lambda via API Gateway", "severity": "MEDIUM", - "category": "Insecure Configurations", + "category": "Access Control", "descriptionText": "Allowing to run lambda function using public API Gateway", "descriptionUrl": "https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission", "platform": "Terraform", diff --git a/assets/queries/terraform/aws/sqs_with_sse_disabled/metadata.json b/assets/queries/terraform/aws/sqs_with_sse_disabled/metadata.json index a72b3f40bce..f8479f348cd 100644 --- a/assets/queries/terraform/aws/sqs_with_sse_disabled/metadata.json +++ b/assets/queries/terraform/aws/sqs_with_sse_disabled/metadata.json @@ -1,8 +1,8 @@ { "id": "6e8849c1-3aa7-40e3-9063-b85ee300f29f", "queryName": "SQS With SSE Disabled", - "severity": "HIGH", - "category": "Insecure Configurations", + "severity": "MEDIUM", + "category": "Encryption", "descriptionText": "Amazon Simple Queue Service (SQS) queue is not protecting the contents of their messages using Server-Side Encryption (SSE)", "descriptionUrl": "https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue", "platform": "Terraform", diff --git a/assets/queries/terraform/aws/sqs_with_sse_disabled/test/positive_expected_result.json b/assets/queries/terraform/aws/sqs_with_sse_disabled/test/positive_expected_result.json index 467226fe887..b83429dea8f 100644 --- a/assets/queries/terraform/aws/sqs_with_sse_disabled/test/positive_expected_result.json +++ b/assets/queries/terraform/aws/sqs_with_sse_disabled/test/positive_expected_result.json 
@@ -1,43 +1,43 @@ [ { "queryName": "SQS With SSE Disabled", - "severity": "HIGH", + "severity": "MEDIUM", "line": 1, "fileName": "positive1.tf" }, { "queryName": "SQS With SSE Disabled", - "severity": "HIGH", + "severity": "MEDIUM", "line": 3, "fileName": "positive2.tf" }, { "queryName": "SQS With SSE Disabled", - "severity": "HIGH", + "severity": "MEDIUM", "line": 1, "fileName": "positive3.tf" }, { "queryName": "SQS With SSE Disabled", - "severity": "HIGH", + "severity": "MEDIUM", "line": 1, "fileName": "positive4.tf" }, { "queryName": "SQS With SSE Disabled", - "severity": "HIGH", + "severity": "MEDIUM", "line": 12, "fileName": "positive5.tf" }, { "queryName": "SQS With SSE Disabled", - "severity": "HIGH", + "severity": "MEDIUM", "line": 1, "fileName": "positive6.tf" }, { "queryName": "SQS With SSE Disabled", - "severity": "HIGH", + "severity": "MEDIUM", "line": 3, "fileName": "positive7.tf" } diff --git a/assets/queries/terraform/aws/vpc_flowlogs_disabled/metadata.json b/assets/queries/terraform/aws/vpc_flowlogs_disabled/metadata.json index d13b0bc3738..002c9ae34ee 100644 --- a/assets/queries/terraform/aws/vpc_flowlogs_disabled/metadata.json +++ b/assets/queries/terraform/aws/vpc_flowlogs_disabled/metadata.json @@ -1,7 +1,7 @@ { "id": "f83121ea-03da-434f-9277-9cd247ab3047", "queryName": "VPC FlowLogs Disabled", - "severity": "MEDIUM", + "severity": "LOW", "category": "Observability", "descriptionText": "Every VPC resource should have an associated Flow Log", "descriptionUrl": "https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc", diff --git a/assets/queries/terraform/aws/vpc_flowlogs_disabled/test/positive_expected_result.json b/assets/queries/terraform/aws/vpc_flowlogs_disabled/test/positive_expected_result.json index 55a09bedbfa..375c50ca046 100644 --- a/assets/queries/terraform/aws/vpc_flowlogs_disabled/test/positive_expected_result.json +++ b/assets/queries/terraform/aws/vpc_flowlogs_disabled/test/positive_expected_result.json 
@@ -1,25 +1,25 @@ [ { "queryName": "VPC FlowLogs Disabled", - "severity": "MEDIUM", + "severity": "LOW", "line": 5, "filename": "positive1.tf" }, { "queryName": "VPC FlowLogs Disabled", - "severity": "MEDIUM", + "severity": "LOW", "line": 1, "filename": "positive2.tf" }, { "queryName": "VPC FlowLogs Disabled", - "severity": "MEDIUM", + "severity": "LOW", "line": 14, "filename": "positive3.tf" }, { "queryName": "VPC FlowLogs Disabled", - "severity": "MEDIUM", + "severity": "LOW", "line": 1, "filename": "positive4.tf" } diff --git a/assets/queries/terraform/azure/trusted_microsoft_services_not_enabled/metadata.json b/assets/queries/terraform/azure/trusted_microsoft_services_not_enabled/metadata.json index f26d000fa8a..2e91730392f 100644 --- a/assets/queries/terraform/azure/trusted_microsoft_services_not_enabled/metadata.json +++ b/assets/queries/terraform/azure/trusted_microsoft_services_not_enabled/metadata.json @@ -2,7 +2,7 @@ "id": "5400f379-a347-4bdd-a032-446465fdcc6f", "queryName": "Trusted Microsoft Services Not Enabled", "severity": "HIGH", - "category": "Insecure Configurations", + "category": "Networking and Firewall", "descriptionText": "Trusted MIcrosoft Services are not enabled for Storage Account access", "descriptionUrl": "https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#bypass", "platform": "Terraform", diff --git a/assets/queries/terraform/gcp/cloud_storage_anonymous_or_publicly_accessible/metadata.json b/assets/queries/terraform/gcp/cloud_storage_anonymous_or_publicly_accessible/metadata.json index 8fa60548196..c4427df68cb 100644 --- a/assets/queries/terraform/gcp/cloud_storage_anonymous_or_publicly_accessible/metadata.json +++ b/assets/queries/terraform/gcp/cloud_storage_anonymous_or_publicly_accessible/metadata.json 
@@ -1,7 +1,7 @@ { "id": "a6cd52a1-3056-4910-96a5-894de9f3f3b3", "queryName": "Cloud Storage Anonymous or Publicly Accessible", - "severity": "MEDIUM", + "severity": "HIGH", "category": "Access Control", "descriptionText": "Cloud Storage Buckets must not be anonymously or publicly accessible, which means the attribute 'members' must not possess 'allUsers' or 'allAuthenticatedUsers'", "descriptionUrl": "https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket_iam#google_storage_bucket_iam_binding", diff --git a/assets/queries/terraform/gcp/cloud_storage_anonymous_or_publicly_accessible/test/positive_expected_result.json b/assets/queries/terraform/gcp/cloud_storage_anonymous_or_publicly_accessible/test/positive_expected_result.json index a7328c3f7f4..698a38fd731 100644 --- a/assets/queries/terraform/gcp/cloud_storage_anonymous_or_publicly_accessible/test/positive_expected_result.json +++ b/assets/queries/terraform/gcp/cloud_storage_anonymous_or_publicly_accessible/test/positive_expected_result.json @@ -1,17 +1,17 @@ [ { "queryName": "Cloud Storage Anonymous or Publicly Accessible", - "severity": "MEDIUM", + "severity": "HIGH", "line": 5 }, { "queryName": "Cloud Storage Anonymous or Publicly Accessible", - "severity": "MEDIUM", + "severity": "HIGH", "line": 11 }, { "queryName": "Cloud Storage Anonymous or Publicly Accessible", - "severity": "MEDIUM", + "severity": "HIGH", "line": 17 } ] diff --git a/assets/queries/terraform/gcp/project_wide_ssh_keys_are_enabled_in_vm_instances/metadata.json b/assets/queries/terraform/gcp/project_wide_ssh_keys_are_enabled_in_vm_instances/metadata.json index 72f999e2cdf..c716eb0b5d2 100644 --- a/assets/queries/terraform/gcp/project_wide_ssh_keys_are_enabled_in_vm_instances/metadata.json +++ b/assets/queries/terraform/gcp/project_wide_ssh_keys_are_enabled_in_vm_instances/metadata.json 
@@ -2,7 +2,7 @@ "id": "3e4d5ce6-3280-4027-8010-c26eeea1ec01", "queryName": "Project-wide SSH Keys Are Enabled In VM Instances", "severity": "MEDIUM", - "category": "Insecure Configurations", + "category": "Secret Management", "descriptionText": "VM Instance should block project-wide SSH keys", "descriptionUrl": "https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance", "platform": "Terraform", diff --git a/assets/queries/terraform/kubernetes/container_host_ipc_is_true/metadata.json b/assets/queries/terraform/kubernetes/container_host_ipc_is_true/metadata.json index 1975082b158..06a40dc1a25 100644 --- a/assets/queries/terraform/kubernetes/container_host_ipc_is_true/metadata.json +++ b/assets/queries/terraform/kubernetes/container_host_ipc_is_true/metadata.json @@ -1,8 +1,8 @@ { "id": "e94d3121-c2d1-4e34-a295-139bfeb73ea3", "queryName": "Shared Host IPC Namespace", - "severity": "HIGH", - "category": "Insecure Configurations", + "severity": "MEDIUM", + "category": "Resource Management", "descriptionText": "Container should not share the host IPC namespace", "descriptionUrl": "https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_ipc", "platform": "Terraform", diff --git a/assets/queries/terraform/kubernetes/container_host_ipc_is_true/test/positive_expected_result.json b/assets/queries/terraform/kubernetes/container_host_ipc_is_true/test/positive_expected_result.json index 5e26d485662..31f178f754c 100644 --- a/assets/queries/terraform/kubernetes/container_host_ipc_is_true/test/positive_expected_result.json +++ b/assets/queries/terraform/kubernetes/container_host_ipc_is_true/test/positive_expected_result.json @@ -1,7 +1,7 @@ [ { "queryName": "Shared Host IPC Namespace", - "severity": "HIGH", + "severity": "MEDIUM", "line": 8 } ] 
diff --git a/assets/queries/terraform/kubernetes/liveness_probe_is_not_defined/metadata.json b/assets/queries/terraform/kubernetes/liveness_probe_is_not_defined/metadata.json index 1db8ae60f8e..106af0a2645 100644 --- a/assets/queries/terraform/kubernetes/liveness_probe_is_not_defined/metadata.json +++ b/assets/queries/terraform/kubernetes/liveness_probe_is_not_defined/metadata.json @@ -1,7 +1,7 @@ { "id": "5b6d53dd-3ba3-4269-b4d7-f82e880e43c3", "queryName": "Liveness Probe Is Not Defined", - "severity": "MEDIUM", + "severity": "LOW", "category": "Availability", "descriptionText": "Liveness Probe must be defined", "descriptionUrl": "https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#liveness_probe", diff --git a/assets/queries/terraform/kubernetes/liveness_probe_is_not_defined/test/positive_expected_result.json b/assets/queries/terraform/kubernetes/liveness_probe_is_not_defined/test/positive_expected_result.json index 57083580bdf..077220a49a4 100644 --- a/assets/queries/terraform/kubernetes/liveness_probe_is_not_defined/test/positive_expected_result.json +++ b/assets/queries/terraform/kubernetes/liveness_probe_is_not_defined/test/positive_expected_result.json @@ -1,13 +1,13 @@ [ { "queryName": "Liveness Probe Is Not Defined", - "severity": "MEDIUM", + "severity": "LOW", "line": 7, "fileName": "positive1.tf" }, { "queryName": "Liveness Probe Is Not Defined", - "severity": "MEDIUM", + "severity": "LOW", "line": 27, "fileName": "positive2.tf" } diff --git a/assets/queries/terraform/kubernetes/permissive_access_to_create_pods/metadata.json b/assets/queries/terraform/kubernetes/permissive_access_to_create_pods/metadata.json index 58cf6e26488..691899ef68b 100644 --- a/assets/queries/terraform/kubernetes/permissive_access_to_create_pods/metadata.json +++ b/assets/queries/terraform/kubernetes/permissive_access_to_create_pods/metadata.json 
@@ -1,7 +1,7 @@ { "id": "522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba", "queryName": "Permissive Access to Create Pods", - "severity": "LOW", + "severity": "MEDIUM", "category": "Access Control", "descriptionText": "The permission to create pods in a cluster should be restricted because it allows privilege escalation.", "descriptionUrl": "https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/role#rule", diff --git a/assets/queries/terraform/kubernetes/permissive_access_to_create_pods/test/positive_expected_result.json b/assets/queries/terraform/kubernetes/permissive_access_to_create_pods/test/positive_expected_result.json index 6baad6e9491..4c1936c69ac 100644 --- a/assets/queries/terraform/kubernetes/permissive_access_to_create_pods/test/positive_expected_result.json +++ b/assets/queries/terraform/kubernetes/permissive_access_to_create_pods/test/positive_expected_result.json 
@@ -1,49 +1,49 @@ [ { "queryName": "Permissive Access to Create Pods", - "severity": "LOW", + "severity": "MEDIUM", "line": 13, "fileName": "positive1.tf" }, { "queryName": "Permissive Access to Create Pods", - "severity": "LOW", + "severity": "MEDIUM", "line": 35, "fileName": "positive1.tf" }, { "queryName": "Permissive Access to Create Pods", - "severity": "LOW", + "severity": "MEDIUM", "line": 51, "fileName": "positive1.tf" }, { "queryName": "Permissive Access to Create Pods", - "severity": "LOW", + "severity": "MEDIUM", "line": 67, "fileName": "positive1.tf" }, { "queryName": "Permissive Access to Create Pods", - "severity": "LOW", + "severity": "MEDIUM", "line": 9, "fileName": "positive2.tf" }, { "queryName": "Permissive Access to Create Pods", - "severity": "LOW", + "severity": "MEDIUM", "line": 21, "fileName": "positive2.tf" }, { "queryName": "Permissive Access to Create Pods", - "severity": "LOW", + "severity": "MEDIUM", "line": 33, "fileName": "positive2.tf" }, { "queryName": "Permissive Access to Create Pods", - "severity": "LOW", + "severity": "MEDIUM", "line": 45, "fileName": "positive2.tf" } diff --git a/assets/queries/terraform/kubernetes/shared_host_network_namespace/metadata.json b/assets/queries/terraform/kubernetes/shared_host_network_namespace/metadata.json index 52bedc9f1c7..5b33ced16ff 100644 --- a/assets/queries/terraform/kubernetes/shared_host_network_namespace/metadata.json +++ b/assets/queries/terraform/kubernetes/shared_host_network_namespace/metadata.json @@ -1,8 +1,8 @@ { "id": "ac1564a3-c324-4747-9fa1-9dfc234dace0", "queryName": "Shared Host Network Namespace", - "severity": "HIGH", - "category": "Insecure Configurations", + "severity": "MEDIUM", + "category": "Resource Management", "descriptionText": "Container should not share the host network namespace", "descriptionUrl": "https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/pod#host_network", "platform": "Terraform", 
diff --git a/assets/queries/terraform/kubernetes/shared_host_network_namespace/test/positive_expected_result.json b/assets/queries/terraform/kubernetes/shared_host_network_namespace/test/positive_expected_result.json index 842df63aa3a..1b6b06fed37 100644 --- a/assets/queries/terraform/kubernetes/shared_host_network_namespace/test/positive_expected_result.json +++ b/assets/queries/terraform/kubernetes/shared_host_network_namespace/test/positive_expected_result.json @@ -1,7 +1,7 @@ [ { "queryName": "Shared Host Network Namespace", - "severity": "HIGH", + "severity": "MEDIUM", "line": 7 } ] From 870712680ba8be077a210cbcfadd99f72293bbcb Mon Sep 17 00:00:00 2001 From: cxMiguelSilva Date: Mon, 2 May 2022 12:17:45 +0100 Subject: [PATCH 02/12] update SNS Topic is Publicly Accessible ansible --- .../metadata.json | 6 +++--- .../query.rego | 10 +++++++--- .../test/negative.yaml | 12 ++++++++++++ .../test/positive.yaml | 12 ++++++++++++ .../test/positive_expected_result.json | 14 ++++++++++++++ .../test/positive_expected_result.json | 12 ------------ 6 files changed, 48 insertions(+), 18 deletions(-) rename assets/queries/ansible/aws/{sns_topic_is_publicly_accessible_for_subscription => sns_topic_is_publicly_accessible}/metadata.json (60%) rename assets/queries/ansible/aws/{sns_topic_is_publicly_accessible_for_subscription => sns_topic_is_publicly_accessible}/query.rego (65%) rename assets/queries/ansible/aws/{sns_topic_is_publicly_accessible_for_subscription => sns_topic_is_publicly_accessible}/test/negative.yaml (78%) rename assets/queries/ansible/aws/{sns_topic_is_publicly_accessible_for_subscription => sns_topic_is_publicly_accessible}/test/positive.yaml (83%) create mode 100644 assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json delete mode 100644 assets/queries/ansible/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive_expected_result.json 
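Review bot: the vpc_flowlogs_disabled positive_expected_result.json hunk keeps the key spelled `"filename"` in all four entries, while every other expected-result file in this series uses `"fileName"` (for example `"fileName": "positive1.tf"` in the automatic_minor_upgrades_disabled hunk just above it). If the test harness matches results on `fileName`, these entries are only being compared on queryName, severity and line. Since the file is already being edited for the severity change, rename the key to `fileName` in the same commit.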
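Review bot: the category chosen in the container_host_ipc_is_true and shared_host_network_namespace (Terraform kubernetes) metadata hunks is `"Resource Management"`, which does not describe what these queries detect. A pod that shares the host IPC or network namespace is an isolation-boundary problem (the unchanged descriptionText says "Container should not share the host ... namespace"), not a quota or limits issue. Either keep `"Insecure Configurations"` or use whichever category this series applies to comparable isolation checks, and make sure the k8s-platform twin of each query (its expected-result file is updated in this same patch, severity only) lands in the same category so the two platforms report consistently.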
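Review bot: the trusted_microsoft_services_not_enabled metadata hunk only swaps the category, but the unchanged context line directly below it reads `"descriptionText": "Trusted MIcrosoft Services are not enabled for Storage Account access"`; since the file is touched here anyway, fix the capitalisation ("Microsoft") in the same commit rather than leaving the typo for a later pass.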
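Review bot: the severity moves in the metadata hunks of this patch (iam_policy_grants_full_permissions MEDIUM to HIGH, sqs_with_sse_disabled HIGH to MEDIUM, vpc_flowlogs_disabled MEDIUM to LOW, permissive_access_to_create_pods LOW to MEDIUM, and so on) are correctly mirrored in each positive_expected_result.json, but the commit message gives no rationale for any of them. Users who filter or gate CI on severity will see findings appear or disappear; a one-line reason per change, or a pointer to the severity guideline the new values follow, would make the change reviewable and explain it in the history.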
diff --git a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible_for_subscription/metadata.json b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/metadata.json similarity index 60% rename from assets/queries/ansible/aws/sns_topic_is_publicly_accessible_for_subscription/metadata.json rename to assets/queries/ansible/aws/sns_topic_is_publicly_accessible/metadata.json index 31a4089d189..e6c992dd090 100644 --- a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible_for_subscription/metadata.json +++ b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/metadata.json @@ -1,9 +1,9 @@ { "id": "905f4741-f965-45c1-98db-f7a00a0e5c73", - "queryName": "SNS Topic is Publicly Accessible For Subscription", - "severity": "MEDIUM", + "queryName": "SNS Topic is Publicly Accessible", + "severity": "HIGH", "category": "Access Control", - "descriptionText": "This query checks if SNS Topic is Accessible For Subscription", + "descriptionText": "SNS Topic Policy should not allow any principal to access", "descriptionUrl": "https://docs.ansible.com/ansible/latest/collections/community/aws/sns_topic_module.html", "platform": "Ansible", "descriptionID": "956322cf", diff --git a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible_for_subscription/query.rego b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/query.rego similarity index 65% rename from assets/queries/ansible/aws/sns_topic_is_publicly_accessible_for_subscription/query.rego rename to assets/queries/ansible/aws/sns_topic_is_publicly_accessible/query.rego index 11a7b060bbf..7c02736fd5b 100644 --- a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible_for_subscription/query.rego +++ b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/query.rego 
@@ -3,17 +3,21 @@ package Cx import data.generic.ansible as ansLib import data.generic.common as common_lib +notValidToken := {"*", ""} + CxPolicy[result] { task := ansLib.tasks[id][t] modules := {"community.aws.sns_topic", "sns_topic"} snsTopicCommunity := task[modules[m]] ansLib.checkState(snsTopicCommunity) - - common_lib.valid_key(snsTopicCommunity, "subscriptions") + policies := snsTopicCommunity.policy + statement := policies.Statement[i] + statement.Effect == "Allow" + statement.Principal == notValidToken[_] result := { "documentId": id, - "searchKey": sprintf("name={{%s}}.{{%s}}", [task.name, modules[m]]), + "searchKey": sprintf("name={{%s}}.{{%s}}.policy", [task.name, modules[m]]), "issueType": "IncorrectValue", "keyExpectedValue": "sns_topic.subscriptions should be undefined", "keyActualValue": "sns_topic.subscriptions is defined", diff --git a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible_for_subscription/test/negative.yaml b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/negative.yaml similarity index 78% rename from assets/queries/ansible/aws/sns_topic_is_publicly_accessible_for_subscription/test/negative.yaml rename to assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/negative.yaml index 45355702f70..66896d730d6 100644 --- a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible_for_subscription/test/negative.yaml +++ b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/negative.yaml @@ -14,6 +14,12 @@ disableSubscriptionOverrides: true defaultThrottlePolicy: maxReceivesPerSecond: 10 + policy: + Version: '2022-05-02' + Statement: + - Effect: Allow + Action: Publish + Principal: NotAll - name: Create alarm SNS topic sns_topic: @@ -31,3 +37,9 @@ disableSubscriptionOverrides: true defaultThrottlePolicy: maxReceivesPerSecond: 10 + policy: + Version: '2022-05-02' + Statement: + - Effect: Allow + Action: Publish + Principal: NotAll 
diff --git a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive.yaml b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive.yaml similarity index 83% rename from assets/queries/ansible/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive.yaml rename to assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive.yaml index 26b1d718068..f311594d06f 100644 --- a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive.yaml +++ b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive.yaml @@ -20,6 +20,12 @@ protocol: "email" - endpoint: "my_mobile_number" protocol: "sms" + policy: + Version: '2022-05-02' + Statement: + - Effect: Allow + Action: Publish + Principal: '' - name: Create alarm SNS topic sns_topic: @@ -42,3 +48,9 @@ protocol: "email" - endpoint: "my_mobile_number" protocol: "sms" + policy: + Version: '2022-05-02' + Statement: + - Effect: Allow + Action: Publish + Principal: '*' diff --git a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json new file mode 100644 index 00000000000..b3e70fd9b62 --- /dev/null +++ b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json @@ -0,0 +1,14 @@ +[ + { + "queryName": "SNS Topic is Publicly Accessible", + "severity": "HIGH", + "line": 23, + "fileName": "positive.yaml" + }, + { + "queryName": "SNS Topic is Publicly Accessible", + "severity": "HIGH", + "line": 51, + "fileName": "positive.yaml" + } +] diff --git a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive_expected_result.json b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive_expected_result.json deleted file mode 100644 index c3557e0db8f..00000000000 
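Review bot: in the Ansible query.rego hunk the result block still emits `"keyExpectedValue": "sns_topic.subscriptions should be undefined"` and `"keyActualValue": "sns_topic.subscriptions is defined"`, but the rule body now matches a policy statement with `statement.Effect == "Allow"` and a `Principal` equal to `"*"` or `""`; the messages are left over from the subscription check and no longer describe the finding. Update them to describe the policy (for example "sns_topic.policy should not allow all principals" / "sns_topic.policy allows all principals"), and since the index `i` in `statement := policies.Statement[i]` is not used in the result, `Statement[_]` reads more clearly.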
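Review bot: `statement.Principal == notValidToken[_]` only fires when `Principal` is a bare string, so a statement written with a list of principals or with the `AWS:` object form would pass the check silently and the query would report the topic as safe. The CloudFormation counterpart in this series uses `common_lib.equalsOrInArray` for the same comparison; using that helper here (and also looking at `Principal.AWS`) would keep the two platforms consistent. On the fixtures: both positive.yaml and negative.yaml use `Version: '2022-05-02'` and `Action: Publish`, while a real topic policy carries `Version: '2012-10-17'` and `sns:Publish`; fixtures that look like real playbooks make the negative case (`Principal: NotAll`) more convincing as evidence that the rule does not over-match.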
--- a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive_expected_result.json +++ /dev/null @@ -1,12 +0,0 @@ -[ - { - "queryName": "SNS Topic is Publicly Accessible For Subscription", - "severity": "MEDIUM", - "line": 3 - }, - { - "queryName": "SNS Topic is Publicly Accessible For Subscription", - "severity": "MEDIUM", - "line": 25 - } -] From 2f11c12236c0613ba1cd45ff5b7a28491b98b03b Mon Sep 17 00:00:00 2001 
From: cxMiguelSilva Date: Mon, 2 May 2022 12:53:39 +0100 Subject: [PATCH 03/12] update SNS Topic is Publicly Accessible for cF --- .../metadata.json | 6 ++-- .../query.rego | 25 ++++++++++++++++ .../test/negative1.yaml | 15 ++++++++++ .../test/negative2.json | 23 ++++++++++++++ .../test/positive1.yaml | 15 ++++++++++ .../test/positive2.yaml | 15 ++++++++++ .../test/positive3.json | 23 ++++++++++++++ .../test/positive4.json | 23 ++++++++++++++ .../test/positive_expected_result.json | 26 ++++++++++++++++ .../query.rego | 30 ------------------- .../test/negative1.yaml | 10 ------- .../test/negative2.json | 18 ----------- .../test/negative3.json | 25 ---------------- .../test/negative4.yaml | 13 -------- .../test/positive1.yaml | 7 ----- .../test/positive2.json | 12 -------- .../test/positive_expected_result.json | 14 --------- 17 files changed, 168 insertions(+), 132 deletions(-) rename assets/queries/cloudFormation/aws/{sns_topic_is_publicly_accessible_for_subscription => sns_topic_is_publicly_accessible}/metadata.json (74%) create mode 100644 assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/query.rego create mode 100644 assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/negative1.yaml create mode 100644 assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/negative2.json create mode 100644 assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive1.yaml create mode 100644 assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive2.yaml create mode 100644 assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive3.json create mode 100644 assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive4.json create mode 100644 assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json delete mode 100644 
assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/query.rego delete mode 100644 assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/negative1.yaml delete mode 100644 assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/negative2.json delete mode 100644 assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/negative3.json delete mode 100644 assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/negative4.yaml delete mode 100644 assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive1.yaml delete mode 100644 assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive2.json delete mode 100644 assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive_expected_result.json diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/metadata.json b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/metadata.json similarity index 74% rename from assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/metadata.json rename to assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/metadata.json index cb89b3e157e..4ebbbedf23a 100644 --- a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/metadata.json +++ b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/metadata.json 
@@ -1,8 +1,8 @@ { "id": "ae53ce91-42b5-46bf-a84f-9a13366a4f13", - "queryName": "SNS Topic is Publicly Accessible For Subscription", - "severity": "LOW", - "category": "Observability", + "queryName": "SNS Topic is Publicly Accessible", + "severity": "HIGH", + "category": "Access Control", "descriptionText": "Ensure appropriate subscribers to each SNS topic", "descriptionUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sns-topic.html#cfn-sns-topic-subscription", "platform": "CloudFormation", diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/query.rego b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/query.rego new file mode 100644 index 00000000000..d1a638406e4 --- /dev/null +++ b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/query.rego @@ -0,0 +1,25 @@ +package Cx + +import data.generic.common as common_lib + +notValidTokens := {"*",""} + +CxPolicy[result] { + resource := input.document[i].Resources[name] + resource.Type == "AWS::SNS::TopicPolicy" + + policy := resource.Properties.PolicyDocument + st := common_lib.get_statement(common_lib.get_policy(policy)) + statement := st[_] + common_lib.is_allow_effect(statement) + common_lib.equalsOrInArray(statement.Principal, notValidTokens[_]) + + result := { + "documentId": input.document[i].id, + "searchKey": sprintf("Resources.%s.Properties", [name]), + "issueType": "IncorrectValue", + "keyExpectedValue": sprintf("Resources.%s.Properties.PolicyDocument.Statement does not allow all actions from all principals", [name]), + "keyActualValue": sprintf("Resources.%s.Properties.PolicyDocument.Statement allows all actions from all principals", [name]), + "searchLine": common_lib.build_search_line(["Resource", name, "Properties", "PolicyDocument"], []), + } +} 
diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/negative1.yaml b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/negative1.yaml new file mode 100644 index 00000000000..7d52a35e034 --- /dev/null +++ b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/negative1.yaml @@ -0,0 +1,15 @@ +AWSTemplateFormatVersion: '2010-09-09' +Description: '' +Resources: + snsPolicy: + Type: AWS::SNS::TopicPolicy + Properties: + PolicyDocument: + Statement: [ + { + "Sid": "MyTopicPolicy", + "Effect": "Allow", + "Principal": "otherPrincipal", + "Action": ["sns:Publish"], + "Resource": "arn:aws:sns:MyTopic" + }] diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/negative2.json b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/negative2.json new file mode 100644 index 00000000000..bfe8a4e5574 --- /dev/null +++ b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/negative2.json @@ -0,0 +1,23 @@ +{ + "AWSTemplateFormatVersion": "2010-09-09", + "Description": "", + "Resources": { + "mysnspolicy0" : { + "Type" : "AWS::SNS::TopicPolicy", + "Properties" : { + "PolicyDocument" : { + "Id" : "MyTopicPolicy", + "Version" : "2012-10-17", + "Statement" : [ { + "Sid" : "My-statement-id", + "Effect" : "Allow", + "Principal" : "otherPrincipal", + "Action" : "sns:Publish", + "Resource" : "*" + } ] + }, + "Topics" : [ { "Ref" : "MySNSTopic" } ] + } + } + } +} diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive1.yaml b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive1.yaml new file mode 100644 index 00000000000..a510b7e14f7 --- /dev/null +++ b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive1.yaml 
@@ -0,0 +1,15 @@ +AWSTemplateFormatVersion: '2010-09-09' +Description: '' +Resources: + snsPolicy: + Type: AWS::SNS::TopicPolicy + Properties: + PolicyDocument: + Statement: [ + { + "Sid": "MyTopicPolicy", + "Effect": "Allow", + "Principal": "*", + "Action": ["sns:Publish"], + "Resource": "arn:aws:sns:MyTopic" + }] diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive2.yaml b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive2.yaml new file mode 100644 index 00000000000..f5bbe1d0c1e --- /dev/null +++ b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive2.yaml @@ -0,0 +1,15 @@ +AWSTemplateFormatVersion: '2010-09-09' +Description: '' +Resources: + snsPolicy: + Type: AWS::SNS::TopicPolicy + Properties: + PolicyDocument: + Statement: [ + { + "Sid": "MyTopicPolicy", + "Effect": "Allow", + "Principal": "", + "Action": ["sns:Publish"], + "Resource": "arn:aws:sns:MyTopic" + }] diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive3.json b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive3.json new file mode 100644 index 00000000000..09a388d6bbd --- /dev/null +++ b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive3.json @@ -0,0 +1,23 @@ +{ + "AWSTemplateFormatVersion": "2010-09-09", + "Description": "", + "Resources": { + "mysnspolicy0" : { + "Type" : "AWS::SNS::TopicPolicy", + "Properties" : { + "PolicyDocument" : { + "Id" : "MyTopicPolicy", + "Version" : "2012-10-17", + "Statement" : [ { + "Sid" : "My-statement-id", + "Effect" : "Allow", + "Principal" : "*", + "Action" : "sns:Publish", + "Resource" : "*" + } ] + }, + "Topics" : [ { "Ref" : "MySNSTopic" } ] + } + } + } +} 
diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive4.json b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive4.json new file mode 100644 index 00000000000..fca94b18529 --- /dev/null +++ b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive4.json @@ -0,0 +1,23 @@ +{ + "AWSTemplateFormatVersion": "2010-09-09", + "Description": "", + "Resources": { + "mysnspolicy0" : { + "Type" : "AWS::SNS::TopicPolicy", + "Properties" : { + "PolicyDocument" : { + "Id" : "MyTopicPolicy", + "Version" : "2012-10-17", + "Statement" : [ { + "Sid" : "My-statement-id", + "Effect" : "Allow", + "Principal" : "", + "Action" : "sns:Publish", + "Resource" : "*" + } ] + }, + "Topics" : [ { "Ref" : "MySNSTopic" } ] + } + } + } +} diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json new file mode 100644 index 00000000000..bd3aa88a9cb --- /dev/null +++ b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json @@ -0,0 +1,26 @@ +[ + { + "line": 6, + "fileName": "positive1.yaml", + "queryName": "SNS Topic is Publicly Accessible", + "severity": "HIGH" + }, + { + "queryName": "SNS Topic is Publicly Accessible", + "severity": "HIGH", + "line": 6, + "fileName": "positive2.yaml" + }, + { + "queryName": "SNS Topic is Publicly Accessible", + "severity": "HIGH", + "line": 7, + "fileName": "positive3.json" + }, + { + "queryName": "SNS Topic is Publicly Accessible", + "severity": "HIGH", + "line": 7, + "fileName": "positive4.json" + } +] diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/query.rego b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/query.rego deleted file mode 100644 index d29aa4cb9cc..00000000000 
--- a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/query.rego +++ /dev/null @@ -1,30 +0,0 @@ -package Cx - -CxPolicy[result] { - resourceSNS := input.document[i].Resources - some nameSNS - resourceSNS[nameSNS].Type == "AWS::SNS::Topic" - - not resourceSNS[nameSNS].Properties.Subscription - not has_aws_SNS_Sub(input,nameSNS) - - result := { - "documentId": input.document[i].id, - "searchKey": sprintf("Resources.%s.Properties", [nameSNS]), - "issueType": "MissingAttribute", - "keyExpectedValue": sprintf("'Resources.%s.Properties.Subscription' is set", [nameSNS]), - "keyActualValue": sprintf("'Resources.%s.Properties.Subscription' is not set", [nameSNS]), - } -} - -has_aws_SNS_Sub(input_document, name_SNS){ - resourceSNS := input_document.document[i].Resources - resourceSNS[j].Type == "AWS::SNS::Subscription" - topic := get_topic(resourceSNS[j].Properties.TopicArn) - topic == name_SNS -} -get_topic(topicArn) = topic { - topic := topicArn.Ref -} else = topic { - topic := topicArn -} diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/negative1.yaml b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/negative1.yaml deleted file mode 100644 index 8f0815d0b95..00000000000 --- a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/negative1.yaml +++ /dev/null @@ -1,10 +0,0 @@ -AWSTemplateFormatVersion: '2010-09-09' -Description: '' -Resources: - SnsTopic: - Type: 'AWS::SNS::Topic' - Properties: - Subscription: - - Endpoint: email@example.com - Protocol: email - TopicName: alarm-action diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/negative2.json b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/negative2.json deleted file mode 100644 index e3791861936..00000000000 
--- a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/negative2.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "AWSTemplateFormatVersion": "2010-09-09", - "Description": "", - "Resources": { - "SnsTopic": { - "Type": "AWS::SNS::Topic", - "Properties": { - "Subscription": [ - { - "Endpoint": "email@example.com", - "Protocol": "email" - } - ], - "TopicName": "alarm-action" - } - } - } -} diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/negative3.json b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/negative3.json deleted file mode 100644 index 0b2f7a2b6c1..00000000000 --- a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/negative3.json +++ /dev/null @@ -1,25 +0,0 @@ -{ - "AWSTemplateFormatVersion": "2010-09-09", - "Description": "", - "Resources": { - "mytopicF1111A24": { - "Type": "AWS::SNS::Topic", - "Properties": { - "TopicName": "mytopic" - } - }, - "mytopictestexamplecomCB22222C3": { - "Type": "AWS::SNS::Subscription", - "Properties": { - "Protocol": "email", - "TopicArn": { - "Ref": "mytopicF1111A24" - }, - "Endpoint": "test@example.com" - }, - "Metadata": { - "aws:cdk:path": "stack-test/mytopic/test@example.com/Resource" - } - } - } -} diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/negative4.yaml b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/negative4.yaml deleted file mode 100644 index 91752b78419..00000000000 --- a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/negative4.yaml +++ /dev/null 
@@ -1,13 +0,0 @@ -AWSTemplateFormatVersion: '2010-09-09' -Description: '' -Resources: - MySNSTopic: - Type: AWS::SNS::Topic - Properties: - TopicName: createProductTopic - MySubscription: - Type: AWS::SNS::Subscription - Properties: - Endpoint: test@example.com - Protocol: email - TopicArn: !Ref MySNSTopic diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive1.yaml b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive1.yaml deleted file mode 100644 index 8ed601d8e91..00000000000 --- a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive1.yaml +++ /dev/null @@ -1,7 +0,0 @@ -AWSTemplateFormatVersion: '2010-09-09' -Description: '' -Resources: - SnsTopic: - Type: 'AWS::SNS::Topic' - Properties: - TopicName: alarm-action diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive2.json b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive2.json deleted file mode 100644 index 44c3ff1258d..00000000000 --- a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive2.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "Resources": { - "SnsTopic": { - "Type": "AWS::SNS::Topic", - "Properties": { - "TopicName": "alarm-action" - } - } - }, - "AWSTemplateFormatVersion": "2010-09-09", - "Description": "" -} diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive_expected_result.json b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive_expected_result.json deleted file mode 100644 index b8b2af86c73..00000000000 --- a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive_expected_result.json +++ /dev/null 
@@ -1,14 +0,0 @@ -[ - { - "line": 6, - "fileName": "positive1.yaml", - "queryName": "SNS Topic is Publicly Accessible For Subscription", - "severity": "LOW" - }, - { - "queryName": "SNS Topic is Publicly Accessible For Subscription", - "severity": "LOW", - "line": 5, - "fileName": "positive2.json" - } -] From d95c0e07c39304399fb037ae7b89d515b6348c39 Mon Sep 17 00:00:00 2001 From: cxMiguelSilva Date: Mon, 2 May 2022 12:57:19 +0100 Subject: [PATCH 04/12] update SNS Topic is Publicly Accessible ansible --- .../ansible/aws/sns_topic_is_publicly_accessible/query.rego | 1 + 1 file changed, 1 insertion(+) diff --git a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/query.rego b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/query.rego index 7c02736fd5b..61f1fe3a28b 100644 --- a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/query.rego +++ b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/query.rego @@ -21,5 +21,6 @@ CxPolicy[result] { "issueType": "IncorrectValue", "keyExpectedValue": "sns_topic.subscriptions should be undefined", "keyActualValue": "sns_topic.subscriptions is defined", + "searchLine": common_lib.build_search_line(["playbooks", t, modules[m], "policy"], []), } } From 1221d017cb61947397ebd6cfc3fda302aeca6722 Mon Sep 17 00:00:00 2001 From: cxMiguelSilva Date: Mon, 2 May 2022 13:02:36 +0100 Subject: [PATCH 05/12] update description --- .../aws/sns_topic_is_publicly_accessible/metadata.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/metadata.json b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/metadata.json index 4ebbbedf23a..c70082b9eda 100644 --- a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/metadata.json +++ b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/metadata.json 
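Review bot: the new `searchLine` in the Ansible rule points at `policy`, but the `keyExpectedValue`/`keyActualValue` lines directly above it still read `sns_topic.subscriptions should be undefined` / `sns_topic.subscriptions is defined`, so the reported message describes a different check from the location it highlights; update both messages to state the policy/principal condition in the same hunk rather than leaving the mismatch for a later commit.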
@@ -3,8 +3,8 @@ "queryName": "SNS Topic is Publicly Accessible", "severity": "HIGH", "category": "Access Control", - "descriptionText": "Ensure appropriate subscribers to each SNS topic", - "descriptionUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sns-topic.html#cfn-sns-topic-subscription", + "descriptionText": "SNS Topic Policy should not allow any principal to access", + "descriptionUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sns-policy.html", "platform": "CloudFormation", "descriptionID": "93100b84", "cloudProvider": "aws" From e26d5514722b423f66c3c45e6b59458858a6bf4c Mon Sep 17 00:00:00 2001 
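Review bot: the new `descriptionText` `"SNS Topic Policy should not allow any principal to access"` reads as if no principal at all may be granted access; since the rule looks for the wildcard principal, wording such as `"SNS Topic Policy should not grant access to all principals ("*")"` states the actual condition and matches the `allows actions from all principals` message the rule emits.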
From: cxMiguelSilva Date: Mon, 2 May 2022 15:00:49 +0100 Subject: [PATCH 06/12] change any principal check --- .../query.rego | 8 +++---- .../test/positive.yaml | 2 +- .../query.rego | 14 +++++------ .../test/{positive3.json => positive2.json} | 0 .../test/positive2.yaml | 15 ------------ .../test/positive4.json | 23 ------------------- .../test/positive_expected_result.json | 18 +++------------ .../metadata.json | 6 ++--- .../query.rego | 0 .../test/negative.tf | 0 .../test/positive.tf | 0 .../test/positive_expected_result.json | 7 ++++++ .../test/positive_expected_result.json | 7 ------ 13 files changed, 23 insertions(+), 77 deletions(-) rename assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/{positive3.json => positive2.json} (100%) delete mode 100644 assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive2.yaml delete mode 100644 assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive4.json rename assets/queries/terraform/aws/{sns_topic_is_publicly_accessible_for_subscription => sns_topic_is_publicly_accessible}/metadata.json (60%) rename assets/queries/terraform/aws/{sns_topic_is_publicly_accessible_for_subscription => sns_topic_is_publicly_accessible}/query.rego (100%) rename assets/queries/terraform/aws/{sns_topic_is_publicly_accessible_for_subscription => sns_topic_is_publicly_accessible}/test/negative.tf (100%) rename assets/queries/terraform/aws/{sns_topic_is_publicly_accessible_for_subscription => sns_topic_is_publicly_accessible}/test/positive.tf (100%) create mode 100644 assets/queries/terraform/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json delete mode 100644 assets/queries/terraform/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive_expected_result.json 
diff --git a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/query.rego b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/query.rego index 61f1fe3a28b..b8dbbe32c50 100644 --- a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/query.rego +++ b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/query.rego @@ -3,8 +3,6 @@ package Cx import data.generic.ansible as ansLib import data.generic.common as common_lib -notValidToken := {"*", ""} - CxPolicy[result] { task := ansLib.tasks[id][t] modules := {"community.aws.sns_topic", "sns_topic"} @@ -13,14 +11,14 @@ CxPolicy[result] { policies := snsTopicCommunity.policy statement := policies.Statement[i] statement.Effect == "Allow" - statement.Principal == notValidToken[_] + common_lib.any_principal(statement) result := { "documentId": id, "searchKey": sprintf("name={{%s}}.{{%s}}.policy", [task.name, modules[m]]), "issueType": "IncorrectValue", - "keyExpectedValue": "sns_topic.subscriptions should be undefined", - "keyActualValue": "sns_topic.subscriptions is defined", + "keyExpectedValue": "sns_topic.policy does not allow actions from all principals", + "keyActualValue": "sns_topic.policy allows actions from all principals", "searchLine": common_lib.build_search_line(["playbooks", t, modules[m], "policy"], []), } } diff --git a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive.yaml b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive.yaml index f311594d06f..c92b932f18e 100644 --- a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive.yaml +++ b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive.yaml @@ -25,7 +25,7 @@ Statement: - Effect: Allow Action: Publish - Principal: '' + Principal: '*' - name: Create alarm SNS topic sns_topic: 
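Review bot: replacing `statement.Principal == notValidToken[_]` with `common_lib.any_principal(statement)` changes scope without a test pinning it: the removed set also matched `Principal: ''`, and the positive fixture is edited from `''` to `'*'` to keep the suite green, so the empty-principal case now has no coverage in either direction. If empty is deliberately no longer reported (it is not a valid IAM principal), add a negative fixture with `Principal: ''`. `any_principal` is not defined anywhere in this diff; please confirm it lives in `common_lib` and that it also matches the map form `{"AWS": "*"}`, which the old string equality never did.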
diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/query.rego b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/query.rego index d1a638406e4..9ef2fcab3ca 100644 --- a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/query.rego +++ b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/query.rego @@ -2,24 +2,22 @@ package Cx import data.generic.common as common_lib -notValidTokens := {"*",""} - CxPolicy[result] { resource := input.document[i].Resources[name] resource.Type == "AWS::SNS::TopicPolicy" policy := resource.Properties.PolicyDocument st := common_lib.get_statement(common_lib.get_policy(policy)) - statement := st[_] + statement := st[j] common_lib.is_allow_effect(statement) - common_lib.equalsOrInArray(statement.Principal, notValidTokens[_]) + common_lib.any_principal(statement) result := { "documentId": input.document[i].id, - "searchKey": sprintf("Resources.%s.Properties", [name]), + "searchKey": sprintf("Resources.%s.Properties.PolicyDocument.Statement", [name]), "issueType": "IncorrectValue", - "keyExpectedValue": sprintf("Resources.%s.Properties.PolicyDocument.Statement does not allow all actions from all principals", [name]), - "keyActualValue": sprintf("Resources.%s.Properties.PolicyDocument.Statement allows all actions from all principals", [name]), - "searchLine": common_lib.build_search_line(["Resource", name, "Properties", "PolicyDocument"], []), + "keyExpectedValue": sprintf("Resources.%s.Properties.PolicyDocument.Statement does not allow actions from all principals", [name]), + "keyActualValue": sprintf("Resources.%s.Properties.PolicyDocument.Statement allows actions from all principals", [name]), + "searchLine": common_lib.build_search_line(["Resource", name, "Properties", "PolicyDocument","Statement"], []), } } 
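Review bot: `statement := st[j]` now binds the statement index, but the `searchLine` path still ends at `"Statement"`, so on a multi-statement policy every finding points at the whole array rather than the offending entry; append `j` to the path (`["Resources", name, "Properties", "PolicyDocument", "Statement", j]`). The same line uses `"Resource"` as its first element while `searchKey` uses `Resources.%s`, so the searchLine path does not match the template key it is meant to locate; use `"Resources"`.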
diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive3.json b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive2.json similarity index 100% rename from assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive3.json rename to assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive2.json diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive2.yaml b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive2.yaml deleted file mode 100644 index f5bbe1d0c1e..00000000000 --- a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive2.yaml +++ /dev/null @@ -1,15 +0,0 @@ -AWSTemplateFormatVersion: '2010-09-09' -Description: '' -Resources: - snsPolicy: - Type: AWS::SNS::TopicPolicy - Properties: - PolicyDocument: - Statement: [ - { - "Sid": "MyTopicPolicy", - "Effect": "Allow", - "Principal": "", - "Action": ["sns:Publish"], - "Resource": "arn:aws:sns:MyTopic" - }] diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive4.json b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive4.json deleted file mode 100644 index fca94b18529..00000000000 --- a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive4.json +++ /dev/null @@ -1,23 +0,0 @@ -{ - "AWSTemplateFormatVersion": "2010-09-09", - "Description": "", - "Resources": { - "mysnspolicy0" : { - "Type" : "AWS::SNS::TopicPolicy", - "Properties" : { - "PolicyDocument" : { - "Id" : "MyTopicPolicy", - "Version" : "2012-10-17", - "Statement" : [ { - "Sid" : "My-statement-id", - "Effect" : "Allow", - "Principal" : "", - "Action" : "sns:Publish", - "Resource" : "*" - } ] - }, - "Topics" : [ { "Ref" : "MySNSTopic" } ] - } - } - } -} 
diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json index bd3aa88a9cb..48ad320bbae 100644 --- a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json +++ b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json @@ -1,6 +1,6 @@ [ { - "line": 6, + "line": 8, "fileName": "positive1.yaml", "queryName": "SNS Topic is Publicly Accessible", "severity": "HIGH" @@ -8,19 +8,7 @@ { "queryName": "SNS Topic is Publicly Accessible", "severity": "HIGH", - "line": 6, - "fileName": "positive2.yaml" - }, - { - "queryName": "SNS Topic is Publicly Accessible", - "severity": "HIGH", - "line": 7, - "fileName": "positive3.json" - }, - { - "queryName": "SNS Topic is Publicly Accessible", - "severity": "HIGH", - "line": 7, - "fileName": "positive4.json" + "line": 11, + "fileName": "positive2.json" } ] diff --git a/assets/queries/terraform/aws/sns_topic_is_publicly_accessible_for_subscription/metadata.json b/assets/queries/terraform/aws/sns_topic_is_publicly_accessible/metadata.json similarity index 60% rename from assets/queries/terraform/aws/sns_topic_is_publicly_accessible_for_subscription/metadata.json rename to assets/queries/terraform/aws/sns_topic_is_publicly_accessible/metadata.json index eec72306c86..c18c59ef855 100644 --- a/assets/queries/terraform/aws/sns_topic_is_publicly_accessible_for_subscription/metadata.json +++ b/assets/queries/terraform/aws/sns_topic_is_publicly_accessible/metadata.json 
@@ -1,9 +1,9 @@ { "id": "b26d2b7e-60f6-413d-a3a1-a57db24aa2b3", - "queryName": "SNS Topic is Publicly Accessible For Subscription", - "severity": "MEDIUM", + "queryName": "SNS Topic is Publicly Accessible", + "severity": "HIGH", "category": "Access Control", - "descriptionText": "This query checks if SNS Topic is Accessible For Subscription", + "descriptionText": "SNS Topic Policy should not allow any principal to access", "descriptionUrl": "https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic", "platform": "Terraform", "descriptionID": "52e85de5", diff --git a/assets/queries/terraform/aws/sns_topic_is_publicly_accessible_for_subscription/query.rego b/assets/queries/terraform/aws/sns_topic_is_publicly_accessible/query.rego similarity index 100% rename from assets/queries/terraform/aws/sns_topic_is_publicly_accessible_for_subscription/query.rego rename to assets/queries/terraform/aws/sns_topic_is_publicly_accessible/query.rego diff --git a/assets/queries/terraform/aws/sns_topic_is_publicly_accessible_for_subscription/test/negative.tf b/assets/queries/terraform/aws/sns_topic_is_publicly_accessible/test/negative.tf similarity index 100% rename from assets/queries/terraform/aws/sns_topic_is_publicly_accessible_for_subscription/test/negative.tf rename to assets/queries/terraform/aws/sns_topic_is_publicly_accessible/test/negative.tf diff --git a/assets/queries/terraform/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive.tf b/assets/queries/terraform/aws/sns_topic_is_publicly_accessible/test/positive.tf similarity index 100% rename from assets/queries/terraform/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive.tf rename to assets/queries/terraform/aws/sns_topic_is_publicly_accessible/test/positive.tf 
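Review bot: the Terraform query is renamed to `SNS Topic is Publicly Accessible` and raised to HIGH, but `query.rego`, `negative.tf` and `positive.tf` are 100% renames whose contents do not appear in this diff, so a reviewer cannot see whether the rule checks the topic policy's principal (the new name) or the absence of subscriptions (the old name, which is what the CloudFormation rule of that name checked before it was deleted earlier in this series). Please include the rule body or confirm it in the PR description, and if the check is on `aws_sns_topic_policy` rather than the `policy` argument of `aws_sns_topic`, point `descriptionUrl` at that resource.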
diff --git a/assets/queries/terraform/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json b/assets/queries/terraform/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json new file mode 100644 index 00000000000..2991efdbc11 --- /dev/null +++ b/assets/queries/terraform/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json @@ -0,0 +1,7 @@ +[ + { + "queryName": "SNS Topic is Publicly Accessible", + "severity": "HIGH", + "line": 2 + } +] diff --git a/assets/queries/terraform/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive_expected_result.json b/assets/queries/terraform/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive_expected_result.json deleted file mode 100644 index 228b497eedf..00000000000 --- a/assets/queries/terraform/aws/sns_topic_is_publicly_accessible_for_subscription/test/positive_expected_result.json +++ /dev/null @@ -1,7 +0,0 @@ -[ - { - "queryName": "SNS Topic is Publicly Accessible For Subscription", - "severity": "MEDIUM", - "line": 2 - } -] From 8b98109e1f8a355298af0874e6a2124e56886a93 Mon Sep 17 00:00:00 2001 
From: cxMiguelSilva Date: Mon, 2 May 2022 15:17:11 +0100 Subject: [PATCH 07/12] update CloudTrail Log Files Not Encrypted With CMK --- .../test/positive_expected_result.json | 7 ------- .../metadata.json | 4 ++-- .../query.rego | 0 .../test/negative.yaml | 0 .../test/positive.yaml | 0 .../test/positive_expected_result.json | 7 +++++++ .../test/positive_expected_result.json | 14 -------------- .../metadata.json | 4 ++-- .../query.rego | 0 .../test/negative1.yaml | 0 .../test/negative2.json | 0 .../test/positive1.yaml | 0 .../test/positive2.json | 0 .../test/positive_expected_result.json | 14 ++++++++++++++ .../test/positive_expected_result.json | 7 ------- .../metadata.json | 4 ++-- .../query.rego | 0 .../test/negative.tf | 0 .../test/positive.tf | 0 .../test/positive_expected_result.json | 7 +++++++ 20 files changed, 34 insertions(+), 34 deletions(-) delete mode 100644 assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted/test/positive_expected_result.json rename assets/queries/ansible/aws/{cloudtrail_log_files_not_encrypted => cloudtrail_log_files_not_encrypted_with_cmk}/metadata.json (81%) rename assets/queries/ansible/aws/{cloudtrail_log_files_not_encrypted => cloudtrail_log_files_not_encrypted_with_cmk}/query.rego (100%) rename assets/queries/ansible/aws/{cloudtrail_log_files_not_encrypted => cloudtrail_log_files_not_encrypted_with_cmk}/test/negative.yaml (100%) rename assets/queries/ansible/aws/{cloudtrail_log_files_not_encrypted => cloudtrail_log_files_not_encrypted_with_cmk}/test/positive.yaml (100%) create mode 100644 assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/positive_expected_result.json delete mode 100644 assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted/test/positive_expected_result.json rename assets/queries/cloudFormation/aws/{cloudtrail_log_files_not_encrypted => cloudtrail_log_files_not_encrypted_with_cmk}/metadata.json (82%) rename 
assets/queries/cloudFormation/aws/{cloudtrail_log_files_not_encrypted => cloudtrail_log_files_not_encrypted_with_cmk}/query.rego (100%) rename assets/queries/cloudFormation/aws/{cloudtrail_log_files_not_encrypted => cloudtrail_log_files_not_encrypted_with_cmk}/test/negative1.yaml (100%) rename assets/queries/cloudFormation/aws/{cloudtrail_log_files_not_encrypted => cloudtrail_log_files_not_encrypted_with_cmk}/test/negative2.json (100%) rename assets/queries/cloudFormation/aws/{cloudtrail_log_files_not_encrypted => cloudtrail_log_files_not_encrypted_with_cmk}/test/positive1.yaml (100%) rename assets/queries/cloudFormation/aws/{cloudtrail_log_files_not_encrypted => cloudtrail_log_files_not_encrypted_with_cmk}/test/positive2.json (100%) create mode 100644 assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/positive_expected_result.json delete mode 100644 assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted/test/positive_expected_result.json rename assets/queries/terraform/aws/{cloudtrail_log_files_not_encrypted => cloudtrail_log_files_not_encrypted_with_cmk}/metadata.json (81%) rename assets/queries/terraform/aws/{cloudtrail_log_files_not_encrypted => cloudtrail_log_files_not_encrypted_with_cmk}/query.rego (100%) rename assets/queries/terraform/aws/{cloudtrail_log_files_not_encrypted => cloudtrail_log_files_not_encrypted_with_cmk}/test/negative.tf (100%) rename assets/queries/terraform/aws/{cloudtrail_log_files_not_encrypted => cloudtrail_log_files_not_encrypted_with_cmk}/test/positive.tf (100%) create mode 100644 assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/positive_expected_result.json diff --git a/assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted/test/positive_expected_result.json b/assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted/test/positive_expected_result.json deleted file mode 100644 index 0104eb70722..00000000000 
--- a/assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted/test/positive_expected_result.json +++ /dev/null @@ -1,7 +0,0 @@ -[ - { - "queryName": "CloudTrail Log Files Not Encrypted", - "severity": "HIGH", - "line": 2 - } -] diff --git a/assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted/metadata.json b/assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted_with_cmk/metadata.json similarity index 81% rename from assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted/metadata.json rename to assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted_with_cmk/metadata.json index a0d74d7fd9b..df75d830625 100644 --- a/assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted/metadata.json +++ b/assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted_with_cmk/metadata.json @@ -1,7 +1,7 @@ { "id": "f5587077-3f57-4370-9b4e-4eb5b1bac85b", - "queryName": "CloudTrail Log Files Not Encrypted", - "severity": "HIGH", + "queryName": "CloudTrail Log Files Not Encrypted With CMK", + "severity": "LOW", "category": "Encryption", "descriptionText": "CloudTrail Log Files should be encrypted with Key Management Service (KMS)", "descriptionUrl": "https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html", diff --git a/assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted/query.rego b/assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted_with_cmk/query.rego similarity index 100% rename from assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted/query.rego rename to assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted_with_cmk/query.rego 
diff --git a/assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted/test/negative.yaml b/assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/negative.yaml similarity index 100% rename from assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted/test/negative.yaml rename to assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/negative.yaml diff --git a/assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted/test/positive.yaml b/assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/positive.yaml similarity index 100% rename from assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted/test/positive.yaml rename to assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/positive.yaml diff --git a/assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/positive_expected_result.json b/assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/positive_expected_result.json new file mode 100644 index 00000000000..7643d7313ae --- /dev/null +++ b/assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/positive_expected_result.json @@ -0,0 +1,7 @@ +[ + { + "queryName": "CloudTrail Log Files Not Encrypted With CMK", + "severity": "LOW", + "line": 2 + } +] diff --git a/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted/test/positive_expected_result.json b/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted/test/positive_expected_result.json deleted file mode 100644 index ea6c39f47cd..00000000000 --- a/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted/test/positive_expected_result.json +++ /dev/null 
@@ -1,14 +0,0 @@ -[ - { - "queryName": "CloudTrail Log Files Not Encrypted", - "severity": "HIGH", - "line": 62, - "fileName": "positive1.yaml" - }, - { - "queryName": "CloudTrail Log Files Not Encrypted", - "severity": "HIGH", - "line": 53, - "fileName": "positive2.json" - } -] diff --git a/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted/metadata.json b/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_cmk/metadata.json similarity index 82% rename from assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted/metadata.json rename to assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_cmk/metadata.json index 25a100613de..36d5748ebfe 100644 --- a/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted/metadata.json +++ b/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_cmk/metadata.json @@ -1,7 +1,7 @@ { "id": "050a9ba8-d1cb-4c61-a5e8-8805a70d3b85", - "queryName": "CloudTrail Log Files Not Encrypted", - "severity": "HIGH", + "queryName": "CloudTrail Log Files Not Encrypted With CMK", + "severity": "LOW", "category": "Encryption", "descriptionText": "Logs delivered by CloudTrail should be encrypted using KMS", "descriptionUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-kmskeyid", diff --git a/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted/query.rego b/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_cmk/query.rego similarity index 100% rename from assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted/query.rego rename to assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_cmk/query.rego 
diff --git a/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted/test/negative1.yaml b/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/negative1.yaml similarity index 100% rename from assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted/test/negative1.yaml rename to assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/negative1.yaml diff --git a/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted/test/negative2.json b/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/negative2.json similarity index 100% rename from assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted/test/negative2.json rename to assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/negative2.json diff --git a/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted/test/positive1.yaml b/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/positive1.yaml similarity index 100% rename from assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted/test/positive1.yaml rename to assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/positive1.yaml diff --git a/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted/test/positive2.json b/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/positive2.json similarity index 100% rename from assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted/test/positive2.json rename to assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/positive2.json 
diff --git a/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/positive_expected_result.json b/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/positive_expected_result.json new file mode 100644 index 00000000000..520df01994a --- /dev/null +++ b/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/positive_expected_result.json @@ -0,0 +1,14 @@ +[ + { + "queryName": "CloudTrail Log Files Not Encrypted With CMK", + "severity": "LOW", + "line": 62, + "fileName": "positive1.yaml" + }, + { + "queryName": "CloudTrail Log Files Not Encrypted With CMK", + "severity": "LOW", + "line": 53, + "fileName": "positive2.json" + } +] diff --git a/assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted/test/positive_expected_result.json b/assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted/test/positive_expected_result.json deleted file mode 100644 index 11cdef8676a..00000000000 --- a/assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted/test/positive_expected_result.json +++ /dev/null @@ -1,7 +0,0 @@ -[ - { - "queryName": "CloudTrail Log Files Not Encrypted", - "severity": "HIGH", - "line": 1 - } -] diff --git a/assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted/metadata.json b/assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted_with_cmk/metadata.json similarity index 81% rename from assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted/metadata.json rename to assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted_with_cmk/metadata.json index 2827d1617f4..1a48fc94022 100644 --- a/assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted/metadata.json +++ b/assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted_with_cmk/metadata.json 
@@ -1,7 +1,7 @@ { "id": "5d9e3164-9265-470c-9a10-57ae454ac0c7", - "queryName": "CloudTrail Log Files Not Encrypted", - "severity": "HIGH", + "queryName": "CloudTrail Log Files Not Encrypted With CMK", + "severity": "LOW", "category": "Observability", "descriptionText": "Logs delivered by CloudTrail should be encrypted using KMS", "descriptionUrl": "https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#kms_key_id", diff --git a/assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted/query.rego b/assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted_with_cmk/query.rego similarity index 100% rename from assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted/query.rego rename to assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted_with_cmk/query.rego diff --git a/assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted/test/negative.tf b/assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/negative.tf similarity index 100% rename from assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted/test/negative.tf rename to assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/negative.tf diff --git a/assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted/test/positive.tf b/assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/positive.tf similarity index 100% rename from assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted/test/positive.tf rename to assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/positive.tf diff --git a/assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/positive_expected_result.json b/assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/positive_expected_result.json new file mode 100644 index 00000000000..41946912991 --- /dev/null 
+++ b/assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted_with_cmk/test/positive_expected_result.json @@ -0,0 +1,7 @@ +[ + { + "queryName": "CloudTrail Log Files Not Encrypted With CMK", + "severity": "LOW", + "line": 1 + } +] From 255103ff6080122de67842e2ce50a8f90b7d79dd Mon Sep 17 00:00:00 2001 From: cxMiguelSilva Date: Mon, 2 May 2022 15:36:37 +0100 Subject: [PATCH 08/12] update yaml sample --- .../sns_topic_is_publicly_accessible/test/positive.yaml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive.yaml b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive.yaml index c92b932f18e..d5a8909517e 100644 --- a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive.yaml +++ b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive.yaml @@ -23,10 +23,9 @@ policy: Version: '2022-05-02' Statement: - - Effect: Allow - Action: Publish - Principal: '*' - + - Action: Publish + Effect: Allow + Principal: "*" - name: Create alarm SNS topic sns_topic: name: "alarms" From 58c9e6b9ba075b42c5a570469c581dc01d8992df Mon Sep 17 00:00:00 2001 From: cxMiguelSilva Date: Mon, 2 May 2022 15:38:23 +0100 Subject: [PATCH 09/12] change yaml sample --- .../aws/sns_topic_is_publicly_accessible/test/positive.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive.yaml b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive.yaml index d5a8909517e..db5c44bc834 100644 --- a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive.yaml +++ b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive.yaml @@ -50,6 +50,6 @@ policy: Version: '2022-05-02' Statement: - - Effect: Allow - Action: Publish - Principal: '*' + - Effect: Allow + Action: Publish + Principal: '*' 
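Review bot: the sns_topic_is_publicly_accessible positive.yaml sample in the "update yaml sample" and "change yaml sample" hunks keeps `Version: '2022-05-02'` as the policy version; the IAM policy language only defines `2012-10-17` (and the legacy `2008-10-17`), so this document would be rejected by AWS and is not a realistic positive case. Suggest `Version: '2012-10-17'` so the sample matches what the query is meant to catch in real playbooks. The two hunks themselves only reorder `Action`/`Effect`/`Principal` and re-indent the second statement, and neither commit message says why; since the next commit moves the expected `"line"` from 51 to 50, the message should state that the edit exists to fix the reported line, and the three commits are better squashed into one.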
From ff83a2f52f403d51ee1733227e8ee8dbc97e75e3 Mon Sep 17 00:00:00 2001 From: cxMiguelSilva Date: Mon, 2 May 2022 15:58:07 +0100 Subject: [PATCH 10/12] update line --- .../test/positive_expected_result.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json index b3e70fd9b62..73ce9cee89b 100644 --- a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json +++ b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json @@ -8,7 +8,7 @@ { "queryName": "SNS Topic is Publicly Accessible", "severity": "HIGH", - "line": 51, + "line": 50, "fileName": "positive.yaml" } ] From b1b2fd97400f45c372be36ccd595565adf74008b Mon Sep 17 00:00:00 2001 From: cxMiguelSilva Date: Mon, 2 May 2022 16:50:51 +0100 Subject: [PATCH 11/12] fix issues --- .../ansible/aws/sns_topic_is_publicly_accessible/query.rego | 5 +++-- .../aws/sns_topic_is_publicly_accessible/query.rego | 4 ++-- .../test/positive_expected_result.json | 4 ++-- .../metadata.json | 2 +- .../terraform/alicloud/vpc_flow_logs_disabled/metadata.json | 2 +- .../test/positive_expected_result.json | 2 +- 6 files changed, 10 insertions(+), 9 deletions(-) diff --git a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/query.rego b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/query.rego index b8dbbe32c50..79e3eea767e 100644 --- a/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/query.rego +++ b/assets/queries/ansible/aws/sns_topic_is_publicly_accessible/query.rego 
@@ -8,8 +8,9 @@ CxPolicy[result] { modules := {"community.aws.sns_topic", "sns_topic"} snsTopicCommunity := task[modules[m]] ansLib.checkState(snsTopicCommunity) - policies := snsTopicCommunity.policy - statement := policies.Statement[i] + st := common_lib.get_statement(common_lib.get_policy(snsTopicCommunity.policy)) + statement := st[_] + statement.Effect == "Allow" common_lib.any_principal(statement) diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/query.rego b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/query.rego index 9ef2fcab3ca..880422ffe34 100644 --- a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/query.rego +++ b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/query.rego @@ -14,10 +14,10 @@ CxPolicy[result] { result := { "documentId": input.document[i].id, - "searchKey": sprintf("Resources.%s.Properties.PolicyDocument.Statement", [name]), + "searchKey": sprintf("Resources.%s.Properties.PolicyDocument", [name]), "issueType": "IncorrectValue", "keyExpectedValue": sprintf("Resources.%s.Properties.PolicyDocument.Statement does not allow actions from all principals", [name]), "keyActualValue": sprintf("Resources.%s.Properties.PolicyDocument.Statement allows actions from all principals", [name]), - "searchLine": common_lib.build_search_line(["Resource", name, "Properties", "PolicyDocument","Statement"], []), + "searchLine": common_lib.build_search_line(["Resource", name, "Properties", "PolicyDocument"], []), } } diff --git a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json index 48ad320bbae..eb621b16955 100644 --- a/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json 
+++ b/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible/test/positive_expected_result.json @@ -1,6 +1,6 @@ [ { - "line": 8, + "line": 7, "fileName": "positive1.yaml", "queryName": "SNS Topic is Publicly Accessible", "severity": "HIGH" @@ -8,7 +8,7 @@ { "queryName": "SNS Topic is Publicly Accessible", "severity": "HIGH", - "line": 11, + "line": 8, "fileName": "positive2.json" } ] diff --git a/assets/queries/terraform/alicloud/ram_password_security_policy_not_require_at_least_one_uppercase_character/metadata.json b/assets/queries/terraform/alicloud/ram_password_security_policy_not_require_at_least_one_uppercase_character/metadata.json index dc9f9af7325..4a36e9ca239 100644 --- a/assets/queries/terraform/alicloud/ram_password_security_policy_not_require_at_least_one_uppercase_character/metadata.json +++ b/assets/queries/terraform/alicloud/ram_password_security_policy_not_require_at_least_one_uppercase_character/metadata.json @@ -2,7 +2,7 @@ "id": "5e0fb613-ba9b-44c3-88f0-b44188466bfd", "queryName": "RAM Account Password Policy Not Require at Least one Uppercase Character", "severity": "MEDIUM", - "category": "Secret Management", + "category": "Best Practices", "descriptionText": "Ram Account Password Policy should have 'require_uppercase_characters' set to true", "descriptionUrl": "https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#require_uppercase_characters", "platform": "Terraform", diff --git a/assets/queries/terraform/alicloud/vpc_flow_logs_disabled/metadata.json b/assets/queries/terraform/alicloud/vpc_flow_logs_disabled/metadata.json index e52d97fd4c8..c8c39504f64 100644 --- a/assets/queries/terraform/alicloud/vpc_flow_logs_disabled/metadata.json +++ b/assets/queries/terraform/alicloud/vpc_flow_logs_disabled/metadata.json 
@@ -1,7 +1,7 @@ { "id": "d2731f3d-a992-44ed-812e-f4f1c2747d71", "queryName": "VPC Flow Logs Disabled", - "severity": "MEDIUM", + "severity": "LOW", "category": "Observability", "descriptionText": "Every VPC resource should have an associated Flow Log", "descriptionUrl": "https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vpc_flow_log", diff --git a/assets/queries/terraform/alicloud/vpc_flow_logs_disabled/test/positive_expected_result.json b/assets/queries/terraform/alicloud/vpc_flow_logs_disabled/test/positive_expected_result.json index c3c49edacef..03ac6e46411 100644 --- a/assets/queries/terraform/alicloud/vpc_flow_logs_disabled/test/positive_expected_result.json +++ b/assets/queries/terraform/alicloud/vpc_flow_logs_disabled/test/positive_expected_result.json @@ -1,7 +1,7 @@ [ { "queryName": "VPC Flow Logs Disabled", - "severity": "MEDIUM", + "severity": "LOW", "line": 1, "fileName": "positive1.tf" } From 440fdf8b1719385b76b4eaa310a17c76d620917b Mon Sep 17 00:00:00 2001 From: cxMiguelSilva Date: Tue, 3 May 2022 10:25:55 +0100 Subject: [PATCH 12/12] fixing e2e errors --- .../metadata.json | 2 +- e2e/fixtures/E2E_CLI_031_RESULT.html | 40 +++--- e2e/fixtures/E2E_CLI_032_RESULT.json | 116 +++++++++--------- e2e/fixtures/E2E_CLI_036_RESULT.json | 108 ++++++++-------- e2e/fixtures/E2E_CLI_040_RESULT.html | 42 +++---- 5 files changed, 154 insertions(+), 154 deletions(-) diff --git a/assets/queries/terraform/alicloud/ram_password_security_policy_not_require_at_least_one_uppercase_character/metadata.json b/assets/queries/terraform/alicloud/ram_password_security_policy_not_require_at_least_one_uppercase_character/metadata.json index 4a36e9ca239..dc9f9af7325 100644 --- a/assets/queries/terraform/alicloud/ram_password_security_policy_not_require_at_least_one_uppercase_character/metadata.json +++ b/assets/queries/terraform/alicloud/ram_password_security_policy_not_require_at_least_one_uppercase_character/metadata.json 
@@ -2,7 +2,7 @@ "id": "5e0fb613-ba9b-44c3-88f0-b44188466bfd", "queryName": "RAM Account Password Policy Not Require at Least one Uppercase Character", "severity": "MEDIUM", - "category": "Best Practices", + "category": "Secret Management", "descriptionText": "Ram Account Password Policy should have 'require_uppercase_characters' set to true", "descriptionUrl": "https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ram_account_password_policy#require_uppercase_characters", "platform": "Terraform", diff --git a/e2e/fixtures/E2E_CLI_031_RESULT.html b/e2e/fixtures/E2E_CLI_031_RESULT.html index b7707185502..417593ac47d 100644 --- a/e2e/fixtures/E2E_CLI_031_RESULT.html +++ b/e2e/fixtures/E2E_CLI_031_RESULT.html @@ -1,8 +1,8 @@ -KICS Scan ResultCheckmarx logo
KICS development +KICS Scan ResultCheckmarx logo
KICS development Scanned paths: /path/e2e/fixtures/samples/positive.yaml -Platforms: CloudFormationStart time: 11:01:46, Apr 28 2022 -End time: 11:02:01, Apr 28 2022

Vulnerabilities:

4 -HIGH
11 +Platforms: CloudFormationStart time: 17:48:43, May 02 2022 +End time: 17:48:52, May 02 2022

Vulnerabilities:

6 +HIGH
9 MEDIUM
6 LOW
0 INFO
21 @@ -14,10 +14,15 @@ Line 48
Expected: 'Resources.TaskDefinition.Properties.NetworkMode' is set and is 'awsvpc' Found: 'Resources.TaskDefinition.Properties.NetworkMode' is undefined and defaults to 'bridge'
47 Type: AWS::ECS::TaskDefinition
48 Properties:
49 Family: !Join ['', [!Ref 'AWS::StackName', -ecs-demo-app]]

Fully Open Ingress

Platform: CloudFormation Category: Networking and Firewall
ECS Service's security group should not allow unrestricted access to all ports from all IPv4 addresseshttps://docs.aws.amazon.com/AmazonECS/latest/developerguide/get-set-up-for-amazon-ecs.html#create-a-base-security-group
Results (2)
File: fixtures\samples\positive.yaml -Line 24
Expected: Resource name 'EcsSecurityGroupHTTPinbound02' of type 'AWS::EC2::SecurityGroupIngress' should not accept ingress connections from all IPv4 adresses and to all available ports -Found: Resource name 'EcsSecurityGroupHTTPinbound02' of type 'AWS::EC2::SecurityGroupIngress' should not accept ingress connections from CIDR 0.0.0.0/0 to all available ports
23 ToPort: 0
24 CidrIp: 0.0.0.0/0
25 EcsSecurityGroupSSHinbound:
File: fixtures\samples\positive.yaml Line 32
Expected: Resource name 'EcsSecurityGroupSSHinbound' of type 'AWS::EC2::SecurityGroupIngress' should not accept ingress connections from all IPv4 adresses and to all available ports -Found: Resource name 'EcsSecurityGroupSSHinbound' of type 'AWS::EC2::SecurityGroupIngress' should not accept ingress connections from CIDR 0.0.0.0/0 to all available ports
31 ToPort: 0
32 CidrIp: 0.0.0.0/0
33 EcsSecurityGroupALBports:

ALB Is Not Integrated With WAF

Platform: CloudFormation +Found: Resource name 'EcsSecurityGroupSSHinbound' of type 'AWS::EC2::SecurityGroupIngress' should not accept ingress connections from CIDR 0.0.0.0/0 to all available ports
31 ToPort: 0
32 CidrIp: 0.0.0.0/0
33 EcsSecurityGroupALBports:
File: fixtures\samples\positive.yaml +Line 24
Expected: Resource name 'EcsSecurityGroupHTTPinbound02' of type 'AWS::EC2::SecurityGroupIngress' should not accept ingress connections from all IPv4 adresses and to all available ports +Found: Resource name 'EcsSecurityGroupHTTPinbound02' of type 'AWS::EC2::SecurityGroupIngress' should not accept ingress connections from CIDR 0.0.0.0/0 to all available ports
23 ToPort: 0
24 CidrIp: 0.0.0.0/0
25 EcsSecurityGroupSSHinbound:

Unrestricted Security Group Ingress

Platform: CloudFormation +Category: Networking and Firewall
Results (2)
File: fixtures\samples\positive.yaml +Line 32
Expected: Resources.EcsSecurityGroupSSHinbound.Properties.CidrIp is not open to the world (0.0.0.0/0) +Found: Resources.EcsSecurityGroupSSHinbound.Properties.CidrIp is open to the world (0.0.0.0/0)
31 ToPort: 0
32 CidrIp: 0.0.0.0/0
33 EcsSecurityGroupALBports:
File: fixtures\samples\positive.yaml +Line 24
Expected: Resources.EcsSecurityGroupHTTPinbound02.Properties.CidrIp is not open to the world (0.0.0.0/0) +Found: Resources.EcsSecurityGroupHTTPinbound02.Properties.CidrIp is open to the world (0.0.0.0/0)
23 ToPort: 0
24 CidrIp: 0.0.0.0/0
25 EcsSecurityGroupSSHinbound:

ALB Is Not Integrated With WAF

Platform: CloudFormation Category: Networking and Firewall
All Application Load Balancers (ALB) must be protected with Web Application Firewall (WAF) servicehttps://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-wafregional-webaclassociation.html
Results (1)
File: fixtures\samples\positive.yaml Line 86
Expected: 'Resources.ECSALB' does not have an 'internal' scheme and has a 'WebACLAssociation' associated Found: 'Resources.ECSALB' does not have an 'internal' scheme and a 'WebACLAssociation' associated
85 - Name: my-vol
86 ECSALB:
87 Type: AWS::ElasticLoadBalancingV2::LoadBalancer

Auto Scaling Group With No Associated ELB

Platform: CloudFormation @@ -37,30 +42,25 @@ Line 167
Expected: 'Resources.service.Properties.TaskDefinition' refers to a TaskDefinition with Role Found: 'Resources.service.Properties.TaskDefinition' does not refer to a TaskDefinition with Role
166 Role: !Ref 'ECSServiceRole'
167 TaskDefinition: !Ref 'TaskDefinition'
168 ECSServiceRole:

Security Group Ingress With Port Range

Platform: CloudFormation Category: Networking and Firewall
Results (3)
File: fixtures\samples\positive.yaml +Line 35
Expected: Resources.EcsSecurityGroupALBports.Properties.FromPort is equal to Resources.EcsSecurityGroupALBports.Properties.ToPort +Found: Resources.EcsSecurityGroupALBports.Properties.FromPort is not equal to Resources.EcsSecurityGroupALBports.Properties.ToPort
34 Type: AWS::EC2::SecurityGroupIngress
35 Properties:
36 GroupId: !Ref 'EcsSecurityGroup'
File: fixtures\samples\positive.yaml Line 19
Expected: Resources.EcsSecurityGroupHTTPinbound02.Properties.FromPort is equal to Resources.EcsSecurityGroupHTTPinbound02.Properties.ToPort Found: Resources.EcsSecurityGroupHTTPinbound02.Properties.FromPort is not equal to Resources.EcsSecurityGroupHTTPinbound02.Properties.ToPort
18 Type: AWS::EC2::SecurityGroupIngress
19 Properties:
20 GroupId: !Ref 'EcsSecurityGroup'
File: fixtures\samples\positive.yaml Line 27
Expected: Resources.EcsSecurityGroupSSHinbound.Properties.FromPort is equal to Resources.EcsSecurityGroupSSHinbound.Properties.ToPort -Found: Resources.EcsSecurityGroupSSHinbound.Properties.FromPort is not equal to Resources.EcsSecurityGroupSSHinbound.Properties.ToPort
26 Type: AWS::EC2::SecurityGroupIngress
27 Properties:
28 GroupId: !Ref 'EcsSecurityGroup'
File: fixtures\samples\positive.yaml -Line 35
Expected: Resources.EcsSecurityGroupALBports.Properties.FromPort is equal to Resources.EcsSecurityGroupALBports.Properties.ToPort -Found: Resources.EcsSecurityGroupALBports.Properties.FromPort is not equal to Resources.EcsSecurityGroupALBports.Properties.ToPort
34 Type: AWS::EC2::SecurityGroupIngress
35 Properties:
36 GroupId: !Ref 'EcsSecurityGroup'

Unrestricted Security Group Ingress

Platform: CloudFormation -Category: Networking and Firewall
Results (2)
File: fixtures\samples\positive.yaml -Line 24
Expected: Resources.EcsSecurityGroupHTTPinbound02.Properties.CidrIp is not open to the world (0.0.0.0/0) -Found: Resources.EcsSecurityGroupHTTPinbound02.Properties.CidrIp is open to the world (0.0.0.0/0)
23 ToPort: 0
24 CidrIp: 0.0.0.0/0
25 EcsSecurityGroupSSHinbound:
File: fixtures\samples\positive.yaml -Line 32
Expected: Resources.EcsSecurityGroupSSHinbound.Properties.CidrIp is not open to the world (0.0.0.0/0) -Found: Resources.EcsSecurityGroupSSHinbound.Properties.CidrIp is open to the world (0.0.0.0/0)
31 ToPort: 0
32 CidrIp: 0.0.0.0/0
33 EcsSecurityGroupALBports:

ECS Task Definition HealthCheck Missing

Platform: CloudFormation +Found: Resources.EcsSecurityGroupSSHinbound.Properties.FromPort is not equal to Resources.EcsSecurityGroupSSHinbound.Properties.ToPort
26 Type: AWS::EC2::SecurityGroupIngress
27 Properties:
28 GroupId: !Ref 'EcsSecurityGroup'

ECS Task Definition HealthCheck Missing

Platform: CloudFormation Category: Observability
Amazon ECS must have the HealthCheck property defined to give more control over monitoring the health of taskshttps://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-taskdefinition-healthcheck.html
Results (2)
File: fixtures\samples\positive.yaml -Line 51
Expected: 'Resources.TaskDefinition.Properties.ContainerDefinitions' contains 'HealthCheck' property -Found: 'Resources.TaskDefinition.Properties.ContainerDefinitions' doesn't contain 'HealthCheck' property
50 ContainerDefinitions:
51 - Name: simple-app
52 Cpu: 10
File: fixtures\samples\positive.yaml Line 67
Expected: 'Resources.TaskDefinition.Properties.ContainerDefinitions' contains 'HealthCheck' property -Found: 'Resources.TaskDefinition.Properties.ContainerDefinitions' doesn't contain 'HealthCheck' property
66 - ContainerPort: 80
67 - Name: busybox
68 Cpu: 10

IAM Access Analyzer Not Enabled

Platform: CloudFormation +Found: 'Resources.TaskDefinition.Properties.ContainerDefinitions' doesn't contain 'HealthCheck' property
66 - ContainerPort: 80
67 - Name: busybox
68 Cpu: 10
File: fixtures\samples\positive.yaml +Line 51
Expected: 'Resources.TaskDefinition.Properties.ContainerDefinitions' contains 'HealthCheck' property +Found: 'Resources.TaskDefinition.Properties.ContainerDefinitions' doesn't contain 'HealthCheck' property
50 ContainerDefinitions:
51 - Name: simple-app
52 Cpu: 10

IAM Access Analyzer Not Enabled

Platform: CloudFormation Category: Best Practices
IAM Access Analyzer should be enabled and configured to continuously monitor resource permissionshttps://docs.amazonaws.cn/en_us/AWSCloudFormation/latest/UserGuide/aws-resource-accessanalyzer-analyzer.html
Results (1)
File: fixtures\samples\positive.yaml Line 9
Expected: 'AWS::AccessAnalyzer::Analyzer' is set Found: 'AWS::AccessAnalyzer::Analyzer' is undefined
8 Description: Select at two subnets in your selected VPC.
9Resources:
10 ECSCluster:

Security Group Rule Without Description

Platform: CloudFormation Category: Best Practices
Results (3)
File: fixtures\samples\positive.yaml -Line 19
Expected: Resources.EcsSecurityGroupHTTPinbound02.Properties.Description is set -Found: Resources.EcsSecurityGroupHTTPinbound02.Properties.Description is undefined
18 Type: AWS::EC2::SecurityGroupIngress
19 Properties:
20 GroupId: !Ref 'EcsSecurityGroup'
File: fixtures\samples\positive.yaml Line 35
Expected: Resources.EcsSecurityGroupALBports.Properties.Description is set Found: Resources.EcsSecurityGroupALBports.Properties.Description is undefined
34 Type: AWS::EC2::SecurityGroupIngress
35 Properties:
36 GroupId: !Ref 'EcsSecurityGroup'
File: fixtures\samples\positive.yaml +Line 19
Expected: Resources.EcsSecurityGroupHTTPinbound02.Properties.Description is set +Found: Resources.EcsSecurityGroupHTTPinbound02.Properties.Description is undefined
18 Type: AWS::EC2::SecurityGroupIngress
19 Properties:
20 GroupId: !Ref 'EcsSecurityGroup'
File: fixtures\samples\positive.yaml Line 27
Expected: Resources.EcsSecurityGroupSSHinbound.Properties.Description is set Found: Resources.EcsSecurityGroupSSHinbound.Properties.Description is undefined
26 Type: AWS::EC2::SecurityGroupIngress
27 Properties:
28 GroupId: !Ref 'EcsSecurityGroup'

KICS is open and will always stay such. Both the scanning engine and the security queries are clear and open for the software development community.
Spread the love:
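Review bot: in the ansible sns_topic_is_publicly_accessible query.rego hunk, the new `statement.Effect == "Allow"` guard is the substantive fix, since the old `statement := policies.Statement[i]` path had no Effect check and would flag a `Deny` statement with a wildcard principal, which is not public exposure; please add a negative test with `Effect: Deny` plus `Principal: '*'` so the guard is covered, and say in the "fix issues" message which input shape motivated the move to `common_lib.get_policy`/`common_lib.get_statement`, because the hunk alone does not show it. In the cloudFormation query.rego hunk, `searchKey` and `searchLine` move from `...PolicyDocument.Statement` to `...PolicyDocument` and the expected lines move from 8 to 7 and 11 to 8, but `keyExpectedValue`/`keyActualValue` still read `Resources.%s.Properties.PolicyDocument.Statement ...`; either point the messages at the same key or, better, keep the statement (ideally its index) in `searchKey` so the report highlights the offending statement rather than the whole document.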
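Review bot: the ram_password_security_policy_not_require_at_least_one_uppercase_character metadata.json hunk in "fixing e2e errors" puts "category": "Secret Management" back after the "fix issues" commit had changed it to "Best Practices", so across the series this file is a no-op and the two hunks should be dropped or squashed rather than left as churn. In the E2E_CLI_031_RESULT.html hunk the summary moves from 4 HIGH / 11 MEDIUM to 6 HIGH / 9 MEDIUM with the total of 21 unchanged, consistent with the two-result "Unrestricted Security Group Ingress" query being re-rated (that metadata change is not visible in this part of the series), but the fixture also swaps the order of results inside queries this patch does not touch ("Fully Open Ingress" now lists Line 32 before Line 24, "ECS Task Definition HealthCheck Missing" lists Line 67 before Line 51, "Security Group Ingress With Port Range" moves Line 35 first); if the per-query result order in the report is not deterministic, these fixtures will break again on the next run, so confirm the sort order or sort results before rendering. Minor: the fixture shows "all IPv4 adresses" in the Fully Open Ingress messages, a typo that belongs in that query's rego, not here.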