From 5f381f480407bc2896024daf2688e5ea2606b895 Mon Sep 17 00:00:00 2001 From: Lewis Date: Tue, 11 Apr 2023 00:01:35 -0700 Subject: [PATCH] Remove incorrect licenses (#2861) --- csharp/dotnet/security/mvc-missing-antiforgery.yaml | 1 - csharp/dotnet/security/razor-template-injection.yaml | 1 - csharp/dotnet/security/web-config-insecure-cookie-settings.yaml | 1 - csharp/lang/security/filesystem/unsafe-path-combine.yaml | 1 - csharp/lang/security/insecure-deserialization/newtonsoft.yaml | 1 - csharp/lang/security/xxe/xmldocument-unsafe-parser-override.yaml | 1 - .../security/xxe/xmlreadersettings-unsafe-parser-override.yaml | 1 - csharp/lang/security/xxe/xmltextreader-unsafe-defaults.yaml | 1 - php/lang/security/deserialization.yaml | 1 - php/lang/security/openssl-cbc-static-iv.yaml | 1 - 10 files changed, 10 deletions(-) diff --git a/csharp/dotnet/security/mvc-missing-antiforgery.yaml b/csharp/dotnet/security/mvc-missing-antiforgery.yaml index 298d9f3dff..48fc6b9d7f 100644 --- a/csharp/dotnet/security/mvc-missing-antiforgery.yaml +++ b/csharp/dotnet/security/mvc-missing-antiforgery.yaml @@ -14,7 +14,6 @@ rules: - 'CWE-352: Cross-Site Request Forgery (CSRF)' cwe2021-top25: true cwe2022-top25: true - license: MIT owasp: - A01:2021 - Broken Access Control references: diff --git a/csharp/dotnet/security/razor-template-injection.yaml b/csharp/dotnet/security/razor-template-injection.yaml index 674da55eb8..374f3cf0d3 100644 --- a/csharp/dotnet/security/razor-template-injection.yaml +++ b/csharp/dotnet/security/razor-template-injection.yaml @@ -11,7 +11,6 @@ rules: cwe: - "CWE-94: Improper Control of Generation of Code ('Code Injection')" cwe2022-top25: true - license: MIT owasp: - A03:2021 - Injection references: diff --git a/csharp/dotnet/security/web-config-insecure-cookie-settings.yaml b/csharp/dotnet/security/web-config-insecure-cookie-settings.yaml index b611a94bc8..dc7df820bf 100644 --- a/csharp/dotnet/security/web-config-insecure-cookie-settings.yaml +++ b/csharp/dotnet/security/web-config-insecure-cookie-settings.yaml @@ -10,7 +10,6 @@ rules: category: security cwe: - "CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute" - license: MIT owasp: - A05:2021 - Security Misconfiguration references: diff --git a/csharp/lang/security/filesystem/unsafe-path-combine.yaml b/csharp/lang/security/filesystem/unsafe-path-combine.yaml index 37a741ebe9..112b3b4664 100644 --- a/csharp/lang/security/filesystem/unsafe-path-combine.yaml +++ b/csharp/lang/security/filesystem/unsafe-path-combine.yaml @@ -42,7 +42,6 @@ rules: metadata: category: security confidence: MEDIUM - license: MIT references: - https://www.praetorian.com/blog/pathcombine-security-issues-in-aspnet-applications/ - https://docs.microsoft.com/en-us/dotnet/api/system.io.path.combine?view=net-6.0#remarks diff --git a/csharp/lang/security/insecure-deserialization/newtonsoft.yaml b/csharp/lang/security/insecure-deserialization/newtonsoft.yaml index 17c6fe9dba..8f86fd2a5d 100644 --- a/csharp/lang/security/insecure-deserialization/newtonsoft.yaml +++ b/csharp/lang/security/insecure-deserialization/newtonsoft.yaml @@ -37,7 +37,6 @@ rules: - newtonsoft - json confidence: LOW - license: MIT cwe2022-top25: true cwe2021-top25: true subcategory: diff --git a/csharp/lang/security/xxe/xmldocument-unsafe-parser-override.yaml b/csharp/lang/security/xxe/xmldocument-unsafe-parser-override.yaml index 83095cbb73..624f6ee6aa 100644 --- a/csharp/lang/security/xxe/xmldocument-unsafe-parser-override.yaml +++ b/csharp/lang/security/xxe/xmldocument-unsafe-parser-override.yaml @@ -23,7 +23,6 @@ rules: severity: WARNING metadata: category: security - license: MIT references: - https://www.jardinesoftware.net/2016/05/26/xxe-and-net/ - https://docs.microsoft.com/en-us/dotnet/api/system.xml.xmldocument.xmlresolver?view=net-6.0#remarks diff --git a/csharp/lang/security/xxe/xmlreadersettings-unsafe-parser-override.yaml b/csharp/lang/security/xxe/xmlreadersettings-unsafe-parser-override.yaml index 89ad328465..596a3a3334 100644 --- a/csharp/lang/security/xxe/xmlreadersettings-unsafe-parser-override.yaml +++ b/csharp/lang/security/xxe/xmlreadersettings-unsafe-parser-override.yaml @@ -23,7 +23,6 @@ rules: severity: WARNING metadata: category: security - license: MIT references: - https://www.jardinesoftware.net/2016/05/26/xxe-and-net/ - https://docs.microsoft.com/en-us/dotnet/api/system.xml.xmldocument.xmlresolver?view=net-6.0#remarks diff --git a/csharp/lang/security/xxe/xmltextreader-unsafe-defaults.yaml b/csharp/lang/security/xxe/xmltextreader-unsafe-defaults.yaml index b158bc007b..f56ade6fac 100644 --- a/csharp/lang/security/xxe/xmltextreader-unsafe-defaults.yaml +++ b/csharp/lang/security/xxe/xmltextreader-unsafe-defaults.yaml @@ -24,7 +24,6 @@ rules: severity: WARNING metadata: category: security - license: MIT references: - https://www.jardinesoftware.net/2016/05/26/xxe-and-net/ - https://docs.microsoft.com/en-us/dotnet/api/system.xml.xmldocument.xmlresolver?view=net-6.0#remarks diff --git a/php/lang/security/deserialization.yaml b/php/lang/security/deserialization.yaml index 3c1fd5a5a1..a35a4f8861 100644 --- a/php/lang/security/deserialization.yaml +++ b/php/lang/security/deserialization.yaml @@ -15,7 +15,6 @@ rules: languages: - php metadata: - license: MIT category: security cwe: - 'CWE-502: Deserialization of Untrusted Data' diff --git a/php/lang/security/openssl-cbc-static-iv.yaml b/php/lang/security/openssl-cbc-static-iv.yaml index 42e91e39c3..25061c1f16 100644 --- a/php/lang/security/openssl-cbc-static-iv.yaml +++ b/php/lang/security/openssl-cbc-static-iv.yaml @@ -23,7 +23,6 @@ rules: - php - openssl category: security - license: MIT subcategory: - vuln likelihood: HIGH