semgrep · 0xDC0DE · Apr 11, 2023 · Apr 9, 2023
diff --git a/csharp/dotnet/security/mvc-missing-antiforgery.yaml b/csharp/dotnet/security/mvc-missing-antiforgery.yaml
@@ -14,7 +14,6 @@ rules:
     - 'CWE-352: Cross-Site Request Forgery (CSRF)'
     cwe2021-top25: true
     cwe2022-top25: true
-    license: MIT
     owasp:
     - A01:2021 - Broken Access Control
     references:

diff --git a/csharp/dotnet/security/razor-template-injection.yaml b/csharp/dotnet/security/razor-template-injection.yaml
@@ -11,7 +11,6 @@ rules:
     cwe:
     - "CWE-94: Improper Control of Generation of Code ('Code Injection')"
     cwe2022-top25: true
-    license: MIT
     owasp:
     - A03:2021 - Injection
     references:

diff --git a/csharp/dotnet/security/web-config-insecure-cookie-settings.yaml b/csharp/dotnet/security/web-config-insecure-cookie-settings.yaml
@@ -10,7 +10,6 @@ rules:
     category: security
     cwe:
     - "CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute"
-    license: MIT
     owasp:
     - A05:2021 - Security Misconfiguration
     references:

diff --git a/csharp/lang/security/filesystem/unsafe-path-combine.yaml b/csharp/lang/security/filesystem/unsafe-path-combine.yaml
@@ -42,7 +42,6 @@ rules:
   metadata:
     category: security
     confidence: MEDIUM
-    license: MIT
     references:
     - https://www.praetorian.com/blog/pathcombine-security-issues-in-aspnet-applications/
     - https://docs.microsoft.com/en-us/dotnet/api/system.io.path.combine?view=net-6.0#remarks

diff --git a/csharp/lang/security/insecure-deserialization/newtonsoft.yaml b/csharp/lang/security/insecure-deserialization/newtonsoft.yaml
@@ -37,7 +37,6 @@ rules:
     - newtonsoft
     - json
     confidence: LOW
-    license: MIT
     cwe2022-top25: true
     cwe2021-top25: true
     subcategory:

diff --git a/csharp/lang/security/xxe/xmldocument-unsafe-parser-override.yaml b/csharp/lang/security/xxe/xmldocument-unsafe-parser-override.yaml
@@ -23,7 +23,6 @@ rules:
   severity: WARNING
   metadata:
     category: security
-    license: MIT
     references:
     - https://www.jardinesoftware.net/2016/05/26/xxe-and-net/
     - https://docs.microsoft.com/en-us/dotnet/api/system.xml.xmldocument.xmlresolver?view=net-6.0#remarks

diff --git a/csharp/lang/security/xxe/xmlreadersettings-unsafe-parser-override.yaml b/csharp/lang/security/xxe/xmlreadersettings-unsafe-parser-override.yaml
@@ -23,7 +23,6 @@ rules:
   severity: WARNING
   metadata:
     category: security
-    license: MIT
     references:
     - https://www.jardinesoftware.net/2016/05/26/xxe-and-net/
     - https://docs.microsoft.com/en-us/dotnet/api/system.xml.xmldocument.xmlresolver?view=net-6.0#remarks

diff --git a/csharp/lang/security/xxe/xmltextreader-unsafe-defaults.yaml b/csharp/lang/security/xxe/xmltextreader-unsafe-defaults.yaml
@@ -24,7 +24,6 @@ rules:
   severity: WARNING
   metadata:
     category: security
-    license: MIT
     references:
     - https://www.jardinesoftware.net/2016/05/26/xxe-and-net/
     - https://docs.microsoft.com/en-us/dotnet/api/system.xml.xmldocument.xmlresolver?view=net-6.0#remarks

diff --git a/php/lang/security/deserialization.yaml b/php/lang/security/deserialization.yaml
@@ -15,7 +15,6 @@ rules:
   languages:
   - php
   metadata:
-    license: MIT
     category: security
     cwe:
     - 'CWE-502: Deserialization of Untrusted Data'

diff --git a/php/lang/security/openssl-cbc-static-iv.yaml b/php/lang/security/openssl-cbc-static-iv.yaml
@@ -23,7 +23,6 @@ rules:
     - php
     - openssl
     category: security
-    license: MIT
     subcategory:
     - vuln
     likelihood: HIGH