Skip to content

Commit

Permalink
RSPEC update (#8553)
Browse files Browse the repository at this point in the history
  • Loading branch information
cristian-ambrosini-sonarsource authored Jan 17, 2024
1 parent c7847c0 commit e3e67e0
Show file tree
Hide file tree
Showing 119 changed files with 534 additions and 514 deletions.
4 changes: 2 additions & 2 deletions analyzers/rspec/cs/S106.html
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ <h3>Code examples</h3>
</pre>
<h2>Resources</h2>
<ul>
<li> <a href="https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/">OWASP Top 10 2021 Category A9</a> - Security Logging and
Monitoring Failures </li>
<li> OWASP - <a href="https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/">Top 10 2021 Category A9 - Security Logging and
Monitoring Failures</a> </li>
</ul>

2 changes: 1 addition & 1 deletion analyzers/rspec/cs/S1104.html
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,6 @@ <h3>Pitfalls</h3>
<p>Please be aware that changing a field by a property in a software that uses serialization could lead to binary incompatibility.</p>
<h2>Resources</h2>
<ul>
<li> <a href="https://cwe.mitre.org/data/definitions/493">MITRE, CWE-493</a> - Critical Public Variable Without Final Modifier </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/493">CWE-493 - Critical Public Variable Without Final Modifier</a> </li>
</ul>

2 changes: 1 addition & 1 deletion analyzers/rspec/cs/S112.html
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,6 @@ <h4>Compliant solution</h4>
<h2>Resources</h2>
<h3>Standards</h3>
<ul>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/397">397 Declaration of Throws for Generic Exception</a> </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/397">CWE-397 Declaration of Throws for Generic Exception</a> </li>
</ul>

2 changes: 1 addition & 1 deletion analyzers/rspec/cs/S1121.html
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,6 @@ <h4>Compliant solution</h4>
</pre>
<h2>Resources</h2>
<ul>
<li> <a href="https://cwe.mitre.org/data/definitions/481">MITRE, CWE-481</a> - Assigning instead of Comparing </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/481">CWE-481 - Assigning instead of Comparing</a> </li>
</ul>

2 changes: 1 addition & 1 deletion analyzers/rspec/cs/S1125.html
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ <h2>Why is this an issue?</h2>
variable or expression that evaluates to a boolean value is unnecessary and can make the code harder to read and understand. The more complex a
boolean expression is, the harder it will be for developers to understand its meaning and expected behavior, and it will favour the introduction of
new bugs.</p>
<h2>How to tix it</h2>
<h2>How to fix it</h2>
<p>Remove redundant boolean literals from expressions to improve readability and make the code more maintainable.</p>
<h3>Code examples</h3>
<h4>Noncompliant code example</h4>
Expand Down
2 changes: 1 addition & 1 deletion analyzers/rspec/cs/S1134.html
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,6 @@ <h2>Why is this an issue?</h2>
<h2>Resources</h2>
<h3>Documentation</h3>
<ul>
<li> <a href="https://cwe.mitre.org/data/definitions/546">MITRE, CWE-546 - Suspicious Comment</a> </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/546">CWE-546 - Suspicious Comment</a> </li>
</ul>

2 changes: 1 addition & 1 deletion analyzers/rspec/cs/S1135.html
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,6 @@ <h3>Noncompliant code example</h3>
</pre>
<h2>Resources</h2>
<ul>
<li> <a href="https://cwe.mitre.org/data/definitions/546">MITRE, CWE-546</a> - Suspicious Comment </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/546">CWE-546 - Suspicious Comment</a> </li>
</ul>

2 changes: 1 addition & 1 deletion analyzers/rspec/cs/S1206.html
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ <h4>Compliant solution</h4>
<h2>Resources</h2>
<h3>Documentation</h3>
<ul>
<li> <a href="https://cwe.mitre.org/data/definitions/581">MITRE, CWE-581</a> - Object Model Violation: Just One of Equals and Hashcode Defined </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/581">CWE-581 - Object Model Violation: Just One of Equals and Hashcode Defined</a> </li>
<li> <a href="https://learn.microsoft.com/en-us/dotnet/api/system.object.equals">Object.Equals Method</a> </li>
<li> <a href="https://learn.microsoft.com/en-us/dotnet/api/system.object.gethashcode">Object.GetHashCode Method</a> </li>
<li> <a href="https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable">Hashtable class</a> </li>
Expand Down
2 changes: 1 addition & 1 deletion analyzers/rspec/cs/S131.html
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,6 @@ <h3>Compliant solution</h3>
</pre>
<h2>Resources</h2>
<ul>
<li> <a href="https://cwe.mitre.org/data/definitions/478">MITRE, CWE-478</a> - Missing Default Case in Switch Statement </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/478">CWE-478 - Missing Default Case in Switch Statement</a> </li>
</ul>

6 changes: 3 additions & 3 deletions analyzers/rspec/cs/S1313.html
Original file line number Diff line number Diff line change
Expand Up @@ -50,8 +50,8 @@ <h2>Exceptions</h2>
</ul>
<h2>See</h2>
<ul>
<li> <a href="https://owasp.org/Top10/A01_2021-Broken_Access_Control/">OWASP Top 10 2021 Category A1</a> - Broken Access Control </li>
<li> <a href="https://www.owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data
Exposure </li>
<li> OWASP - <a href="https://owasp.org/Top10/A01_2021-Broken_Access_Control/">Top 10 2021 Category A1 - Broken Access Control</a> </li>
<li> OWASP - <a href="https://owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">Top 10 2017 Category A3 - Sensitive Data
Exposure</a> </li>
</ul>

2 changes: 1 addition & 1 deletion analyzers/rspec/cs/S1696.html
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ <h3>Compliant solution</h3>
</pre>
<h2>Resources</h2>
<ul>
<li> <a href="https://cwe.mitre.org/data/definitions/395">MITRE, CWE-395</a> - Use of NullPointerException Catch to Detect NULL Pointer Dereference
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/395">CWE-395 - Use of NullPointerException Catch to Detect NULL Pointer Dereference</a>
</li>
</ul>

4 changes: 2 additions & 2 deletions analyzers/rspec/cs/S1698.html
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ <h3>Exceptions</h3>
in this case we want to ensure reference equality even if some <code>==</code> overload is present).</p>
<h2>Resources</h2>
<ul>
<li> <a href="https://cwe.mitre.org/data/definitions/595">MITRE, CWE-595</a> - Comparison of Object References Instead of Object Contents </li>
<li> <a href="https://cwe.mitre.org/data/definitions/597">MITRE, CWE-597</a> - Use of Wrong Operator in String Comparison </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/595">CWE-595 - Comparison of Object References Instead of Object Contents</a> </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/597">CWE-597 - Use of Wrong Operator in String Comparison</a> </li>
</ul>

2 changes: 1 addition & 1 deletion analyzers/rspec/cs/S1854.html
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ <h4>Compliant solution</h4>
<h2>Resources</h2>
<h3>Standards</h3>
<ul>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/563">563 - Assignment to Variable without Use ('Unused Variable')</a> </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/563">CWE-563 - Assignment to Variable without Use ('Unused Variable')</a> </li>
</ul>
<h3>Related rules</h3>
<ul>
Expand Down
4 changes: 2 additions & 2 deletions analyzers/rspec/cs/S1944.html
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,7 @@ <h3>Documentation</h3>
<li> <a
href="https://learn.microsoft.com/en-us/dotnet/csharp/language-reference/language-specification/conversions#1035-explicit-reference-conversions">Conversions - Explicit reference conversions in C#</a> </li>
</ul> </li>
<li> <a href="https://cwe.mitre.org/data/definitions/588">MITRE, CWE-588 - Attempt to Access Child of a Non-structure Pointer</a> </li>
<li> <a href="https://cwe.mitre.org/data/definitions/704">MITRE, CWE-704 - Incorrect Type Conversion or Cast</a> </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/588">CWE-588 - Attempt to Access Child of a Non-structure Pointer</a> </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/704">CWE-704 - Incorrect Type Conversion or Cast</a> </li>
</ul>

10 changes: 5 additions & 5 deletions analyzers/rspec/cs/S2053.html
Original file line number Diff line number Diff line change
Expand Up @@ -48,10 +48,10 @@ <h3>How does this work?</h3>
<h2>Resources</h2>
<h3>Standards</h3>
<ul>
<li> <a href="https://owasp.org/Top10/A02_2021-Cryptographic_Failures/">OWASP</a> Top 10:2021 A02:2021 - Cryptographic Failures </li>
<li> <a href="https://www.owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">OWASP</a> - Top 10 2017 - A03:2017 - Sensitive Data
Exposure </li>
<li> <a href="https://cwe.mitre.org/data/definitions/759">CWE</a> - CWE-759: Use of a One-Way Hash without a Salt </li>
<li> <a href="https://cwe.mitre.org/data/definitions/760">CWE</a> - CWE-760: Use of a One-Way Hash with a Predictable Salt </li>
<li> OWASP - <a href="https://owasp.org/Top10/A02_2021-Cryptographic_Failures/">Top 10 2021 Category A2 - Cryptographic Failures</a> </li>
<li> OWASP - <a href="https://www.owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">Top 10 2017 Category A3 - Sensitive Data
Exposure</a> </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/759">CWE-759 - Use of a One-Way Hash without a Salt</a> </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/760">CWE-760 - Use of a One-Way Hash with a Predictable Salt</a> </li>
</ul>

10 changes: 5 additions & 5 deletions analyzers/rspec/cs/S2068.html
Original file line number Diff line number Diff line change
Expand Up @@ -47,12 +47,12 @@ <h2>Exceptions</h2>
</ul>
<h2>See</h2>
<ul>
<li> <a href="https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/">OWASP Top 10 2021 Category A7</a> - Identification and
Authentication Failures </li>
<li> <a href="https://owasp.org/www-project-top-ten/2017/A2_2017-Broken_Authentication">OWASP Top 10 2017 Category A2</a> - Broken Authentication
<li> OWASP - <a href="https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/">Top 10 2021 Category A7 - Identification and
Authentication Failures</a> </li>
<li> OWASP - <a href="https://owasp.org/www-project-top-ten/2017/A2_2017-Broken_Authentication">Top 10 2017 Category A2 - Broken Authentication</a>
</li>
<li> <a href="https://cwe.mitre.org/data/definitions/798">MITRE, CWE-798</a> - Use of Hard-coded Credentials </li>
<li> <a href="https://cwe.mitre.org/data/definitions/259">MITRE, CWE-259</a> - Use of Hard-coded Password </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/798">CWE-798 - Use of Hard-coded Credentials</a> </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/259">CWE-259 - Use of Hard-coded Password</a> </li>
<li> Derived from FindSecBugs rule <a href="https://h3xstream.github.io/find-sec-bugs/bugs.htm#HARD_CODE_PASSWORD">Hard Coded Password</a> </li>
</ul>

9 changes: 4 additions & 5 deletions analyzers/rspec/cs/S2077.html
Original file line number Diff line number Diff line change
Expand Up @@ -48,11 +48,10 @@ <h2>Compliant Solution</h2>
</pre>
<h2>See</h2>
<ul>
<li> <a href="https://owasp.org/Top10/A03_2021-Injection/">OWASP Top 10 2021 Category A3</a> - Injection </li>
<li> <a href="https://owasp.org/www-project-top-ten/2017/A1_2017-Injection">OWASP Top 10 2017 Category A1</a> - Injection </li>
<li> <a href="https://cwe.mitre.org/data/definitions/20">MITRE, CWE-20</a> - Improper Input Validation </li>
<li> <a href="https://cwe.mitre.org/data/definitions/89">MITRE, CWE-89</a> - Improper Neutralization of Special Elements used in an SQL Command
</li>
<li> OWASP - <a href="https://owasp.org/Top10/A03_2021-Injection/">Top 10 2021 Category A3 - Injection</a> </li>
<li> OWASP - <a href="https://owasp.org/www-project-top-ten/2017/A1_2017-Injection">Top 10 2017 Category A1 - Injection</a> </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/20">CWE-20 - Improper Input Validation</a> </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/89">CWE-89 - Improper Neutralization of Special Elements used in an SQL Command</a> </li>
<li> Derived from FindSecBugs rules <a href="https://h3xstream.github.io/find-sec-bugs/bugs.htm#SQL_INJECTION_JPA">Potential SQL/JPQL Injection
(JPA)</a>, <a href="https://h3xstream.github.io/find-sec-bugs/bugs.htm#SQL_INJECTION_JDO">Potential SQL/JDOQL Injection (JDO)</a>, <a
href="https://h3xstream.github.io/find-sec-bugs/bugs.htm#SQL_INJECTION_HIBERNATE">Potential SQL/HQL Injection (Hibernate)</a> </li>
Expand Down
14 changes: 7 additions & 7 deletions analyzers/rspec/cs/S2092.html
Original file line number Diff line number Diff line change
Expand Up @@ -42,12 +42,12 @@ <h2>Compliant Solution</h2>
</ul>
<h2>See</h2>
<ul>
<li> <a href="https://owasp.org/Top10/A04_2021-Insecure_Design/">OWASP Top 10 2021 Category A4</a> - Insecure Design </li>
<li> <a href="https://owasp.org/Top10/A05_2021-Security_Misconfiguration/">OWASP Top 10 2021 Category A5</a> - Security Misconfiguration </li>
<li> <a href="https://www.owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data
Exposure </li>
<li> <a href="https://cwe.mitre.org/data/definitions/311">MITRE, CWE-311</a> - Missing Encryption of Sensitive Data </li>
<li> <a href="https://cwe.mitre.org/data/definitions/315">MITRE, CWE-315</a> - Cleartext Storage of Sensitive Information in a Cookie </li>
<li> <a href="https://cwe.mitre.org/data/definitions/614">MITRE, CWE-614</a> - Sensitive Cookie in HTTPS Session Without 'Secure' Attribute </li>
<li> OWASP - <a href="https://owasp.org/Top10/A04_2021-Insecure_Design/">Top 10 2021 Category A4 - Insecure Design</a> </li>
<li> OWASP - <a href="https://owasp.org/Top10/A05_2021-Security_Misconfiguration/">Top 10 2021 Category A5 - Security Misconfiguration</a> </li>
<li> OWASP - <a href="https://owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">Top 10 2017 Category A3 - Sensitive Data
Exposure</a> </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/311">CWE-311 - Missing Encryption of Sensitive Data</a> </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/315">CWE-315 - Cleartext Storage of Sensitive Information in a Cookie</a> </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/614">CWE-614 - Sensitive Cookie in HTTPS Session Without 'Secure' Attribute</a> </li>
</ul>

14 changes: 7 additions & 7 deletions analyzers/rspec/cs/S2115.html
Original file line number Diff line number Diff line change
Expand Up @@ -186,12 +186,12 @@ <h2>Resources</h2>
</ul>
<h3>Standards</h3>
<ul>
<li> <a href="https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/">OWASP Top 10 2021 Category A7</a> - Identification and
Authentication Failures </li>
<li> <a href="https://owasp.org/www-project-top-ten/2017/A2_2017-Broken_Authentication.html">OWASP Top 10 2017 Category A2</a> - Broken
Authentication </li>
<li> <a href="https://owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data
Exposure </li>
<li> <a href="https://cwe.mitre.org/data/definitions/521">MITRE, CWE-521</a> - Weak Password Requirements </li>
<li> OWASP - <a href="https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/">Top 10 2021 Category A7 - Identification and
Authentication Failures</a> </li>
<li> OWASP - <a href="https://owasp.org/www-project-top-ten/2017/A2_2017-Broken_Authentication">Top 10 2017 Category A2 - Broken Authentication</a>
</li>
<li> OWASP - <a href="https://owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">Top 10 2017 Category A3 - Sensitive Data
Exposure</a> </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/521">CWE-521 - Weak Password Requirements</a> </li>
</ul>

2 changes: 1 addition & 1 deletion analyzers/rspec/cs/S2184.html
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,6 @@ <h3>Compliant solution</h3>
</pre>
<h2>Resources</h2>
<ul>
<li> <a href="https://cwe.mitre.org/data/definitions/190">MITRE, CWE-190</a> - Integer Overflow or Wraparound </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/190">CWE-190 - Integer Overflow or Wraparound</a> </li>
</ul>

2 changes: 1 addition & 1 deletion analyzers/rspec/cs/S2221.html
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,6 @@ <h3>Exceptions</h3>
</pre>
<h2>Resources</h2>
<ul>
<li> <a href="https://cwe.mitre.org/data/definitions/396">MITRE, CWE-396</a> - Declaration of Catch for Generic Exception </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/396">CWE-396 - Declaration of Catch for Generic Exception</a> </li>
</ul>

2 changes: 1 addition & 1 deletion analyzers/rspec/cs/S2222.html
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,7 @@ <h2>Resources</h2>
<ul>
<li> <a
href="https://docs.microsoft.com/en-us/dotnet/standard/threading/overview-of-synchronization-primitives#synchronization-of-access-to-a-shared-resource">Synchronization of access to a shared resource</a> </li>
<li> <a href="https://cwe.mitre.org/data/definitions/459">MITRE, CWE-459 - Incomplete Cleanup</a> </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/459">CWE-459 - Incomplete Cleanup</a> </li>
<li> <a href="https://learn.microsoft.com/en-us/dotnet/csharp/language-reference/statements/lock"><code>lock</code> statement</a> </li>
<li> <a
href="https://learn.microsoft.com/en-us/dotnet/csharp/language-reference/statements/exception-handling-statements#the-try-finally-statement">The
Expand Down
2 changes: 1 addition & 1 deletion analyzers/rspec/cs/S2225.html
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ <h2>Why is this an issue?</h2>
<h2>Resources</h2>
<h3>Documentation</h3>
<ul>
<li> <a href="https://cwe.mitre.org/data/definitions/476">MITRE, CWE-476</a> - NULL Pointer Dereference </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/476">CWE-476 - NULL Pointer Dereference</a> </li>
<li> <a href="https://learn.microsoft.com/en-us/dotnet/api/system.object.tostring">Object.ToString Method</a> </li>
<li> <a href="https://learn.microsoft.com/en-us/dotnet/csharp/programming-guide/classes-and-structs/how-to-override-the-tostring-method">How to
override the ToString method</a> </li>
Expand Down
20 changes: 10 additions & 10 deletions analyzers/rspec/cs/S2245.html
Original file line number Diff line number Diff line change
Expand Up @@ -44,18 +44,18 @@ <h2>Compliant Solution</h2>
</pre>
<h2>See</h2>
<ul>
<li> <a href="https://owasp.org/Top10/A02_2021-Cryptographic_Failures/">OWASP Top 10 2021 Category A2</a> - Cryptographic Failures </li>
<li> <a href="https://www.owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data
Exposure </li>
<li> OWASP - <a href="https://owasp.org/Top10/A02_2021-Cryptographic_Failures/">Top 10 2021 Category A2 - Cryptographic Failures</a> </li>
<li> OWASP - <a href="https://owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">Top 10 2017 Category A3 - Sensitive Data
Exposure</a> </li>
<li> <a href="https://mobile-security.gitbook.io/masvs/security-requirements/0x08-v3-cryptography_verification_requirements">Mobile AppSec
Verification Standard</a> - Cryptography Requirements </li>
<li> <a href="https://owasp.org/www-project-mobile-top-10/2016-risks/m5-insufficient-cryptography">OWASP Mobile Top 10 2016 Category M5</a> -
Insufficient Cryptography </li>
<li> <a href="https://cwe.mitre.org/data/definitions/338">MITRE, CWE-338</a> - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Verification Standard - Cryptography Requirements</a> </li>
<li> OWASP - <a href="https://owasp.org/www-project-mobile-top-10/2016-risks/m5-insufficient-cryptography">Mobile Top 10 2016 Category M5 -
Insufficient Cryptography</a> </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/338">CWE-338 - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)</a>
</li>
<li> <a href="https://cwe.mitre.org/data/definitions/330">MITRE, CWE-330</a> - Use of Insufficiently Random Values </li>
<li> <a href="https://cwe.mitre.org/data/definitions/326">MITRE, CWE-326</a> - Inadequate Encryption Strength </li>
<li> <a href="https://cwe.mitre.org/data/definitions/1241">MITRE, CWE-1241</a> - Use of Predictable Algorithm in Random Number Generator </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/330">CWE-330 - Use of Insufficiently Random Values</a> </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/326">CWE-326 - Inadequate Encryption Strength</a> </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/1241">CWE-1241 - Use of Predictable Algorithm in Random Number Generator</a> </li>
<li> Derived from FindSecBugs rule <a href="https://h3xstream.github.io/find-sec-bugs/bugs.htm#PREDICTABLE_RANDOM">Predictable Pseudo Random Number
Generator</a> </li>
</ul>
Expand Down
8 changes: 4 additions & 4 deletions analyzers/rspec/cs/S2257.html
Original file line number Diff line number Diff line change
Expand Up @@ -35,10 +35,10 @@ <h2>Compliant Solution</h2>
</pre>
<h2>See</h2>
<ul>
<li> <a href="https://owasp.org/Top10/A02_2021-Cryptographic_Failures/">OWASP Top 10 2021 Category A2</a> - Cryptographic Failures </li>
<li> <a href="https://www.owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data
Exposure </li>
<li> <a href="https://cwe.mitre.org/data/definitions/327">MITRE, CWE-327</a> - Use of a Broken or Risky Cryptographic Algorithm </li>
<li> OWASP - <a href="https://owasp.org/Top10/A02_2021-Cryptographic_Failures/">Top 10 2021 Category A2 - Cryptographic Failures</a> </li>
<li> OWASP - <a href="https://owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">Top 10 2017 Category A3 - Sensitive Data
Exposure</a> </li>
<li> CWE - <a href="https://cwe.mitre.org/data/definitions/327">CWE-327 - Use of a Broken or Risky Cryptographic Algorithm</a> </li>
<li> Derived from FindSecBugs rule <a href="https://h3xstream.github.io/find-sec-bugs/bugs.htm#CUSTOM_MESSAGE_DIGEST">MessageDigest is Custom</a>
</li>
</ul>
Expand Down
Loading

0 comments on commit e3e67e0

Please sign in to comment.