Update master reports to latest 2.0 format

parent 677590e1
{
"licenses": [
{
"count": 10,
"count": 4,
"name": "BSD"
},
{
"count": 4,
"name": "MIT"
},
{
"count": 1,
"name": "Copyright (c) 2015, Julien Fache"
},
{
"count": 1,
"name": "New BSD License"
},
{
"count": 1,
"name": "Python Software Foundation License"
},
{
"count": 1,
"name": "Standard PIL License"
}
],
"dependencies": [
{
"license": {
"name": "MIT",
"url": "http://opensource.org/licenses/mit-license"
"name": "BSD",
"url": "http://en.wikipedia.org/wiki/BSD_licenses#4-clause_license_.28original_.22BSD_License.22.29"
},
"dependency": {
"name": "mini_portile2",
"url": "http://github.com/flavorjones/mini_portile",
"description": "Simplistic port-like solution for developers",
"name": "Django",
"url": "https://www.djangoproject.com/",
"description": "A high-level Python Web framework that encourages rapid development and clean, pragmatic design.",
"pathes": [
"."
]
......@@ -22,13 +42,12 @@
},
{
"license": {
"name": "MIT",
"url": "http://opensource.org/licenses/mit-license"
"name": "Standard PIL License"
},
"dependency": {
"name": "mustermann",
"url": "https://github.com/sinatra/mustermann",
"description": "Your personal string matching expert.",
"name": "Pillow",
"url": "https://python-pillow.org",
"description": "Python Imaging Library (Fork)",
"pathes": [
"."
]
......@@ -40,9 +59,9 @@
"url": "http://opensource.org/licenses/mit-license"
},
"dependency": {
"name": "nokogiri",
"url": "http://nokogiri.org",
"description": "Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser",
"name": "beautifulsoup4",
"url": "http://www.crummy.com/software/BeautifulSoup/bs4/",
"description": "Screen-scraping library",
"pathes": [
"."
]
......@@ -50,13 +69,13 @@
},
{
"license": {
"name": "MIT",
"url": "http://opensource.org/licenses/mit-license"
"name": "BSD",
"url": "http://en.wikipedia.org/wiki/BSD_licenses#4-clause_license_.28original_.22BSD_License.22.29"
},
"dependency": {
"name": "rack",
"url": "https://rack.github.io/",
"description": "a modular Ruby webserver interface",
"name": "django-contrib-comments",
"url": "https://github.com/django/django-contrib-comments",
"description": "The code formerly known as django.contrib.comments.",
"pathes": [
"."
]
......@@ -64,13 +83,13 @@
},
{
"license": {
"name": "MIT",
"url": "http://opensource.org/licenses/mit-license"
"name": "BSD",
"url": "http://en.wikipedia.org/wiki/BSD_licenses#4-clause_license_.28original_.22BSD_License.22.29"
},
"dependency": {
"name": "rack-protection",
"url": "http://github.com/sinatra/sinatra/tree/master/rack-protection",
"description": "Protect against typical web attacks, works with all Rack apps, including Rails.",
"name": "django-js-asset",
"url": "https://github.com/matthiask/django-js-asset/",
"description": "script tag with additional attributes for django.forms.Media",
"pathes": [
"."
]
......@@ -82,9 +101,9 @@
"url": "http://opensource.org/licenses/mit-license"
},
"dependency": {
"name": "redis",
"url": "https://github.com/redis/redis-rb",
"description": "A Ruby client library for Redis",
"name": "django-mptt",
"url": "http://github.com/django-mptt/django-mptt",
"description": "Utilities for implementing Modified Preorder Tree Traversal with your Django Models and working with trees of Model instances.",
"pathes": [
"."
]
......@@ -92,13 +111,13 @@
},
{
"license": {
"name": "MIT",
"url": "http://opensource.org/licenses/mit-license"
"name": "BSD",
"url": "http://en.wikipedia.org/wiki/BSD_licenses#4-clause_license_.28original_.22BSD_License.22.29"
},
"dependency": {
"name": "sinatra",
"url": "http://www.sinatrarb.com/",
"description": "Classy web-development dressed in a DSL",
"name": "django-tagging",
"url": "https://github.com/Fantomas42/django-tagging",
"description": "Generic tagging application for Django",
"pathes": [
"."
]
......@@ -106,13 +125,25 @@
},
{
"license": {
"name": "MIT",
"url": "http://opensource.org/licenses/mit-license"
"name": "New BSD License"
},
"dependency": {
"name": "django-xmlrpc",
"url": "https://github.com/Fantomas42/django-xmlrpc",
"description": "XML-RPC Server App for the Django framework.",
"pathes": [
"."
]
}
},
{
"license": {
"name": "Copyright (c) 2015, Julien Fache"
},
"dependency": {
"name": "slim",
"url": "http://slim-lang.com/",
"description": "Slim is a template language.",
"name": "mots-vides",
"url": "https://github.com/Fantomas42/mots-vides",
"description": "Python library for managing stop words in many languages.",
"pathes": [
"."
]
......@@ -124,9 +155,9 @@
"url": "http://opensource.org/licenses/mit-license"
},
"dependency": {
"name": "temple",
"url": "https://github.com/judofyr/temple",
"description": "Template compilation framework in Ruby",
"name": "pyparsing",
"url": "http://pyparsing.wikispaces.com/",
"description": "Python parsing module",
"pathes": [
"."
]
......@@ -138,9 +169,23 @@
"url": "http://opensource.org/licenses/mit-license"
},
"dependency": {
"name": "tilt",
"url": "http://github.com/rtomayko/tilt/",
"description": "Generic interface to multiple Ruby template engines",
"name": "pytz",
"url": "http://pythonhosted.org/pytz",
"description": "World timezone definitions, modern and historical",
"pathes": [
"."
]
}
},
{
"license": {
"name": "Python Software Foundation License",
"url": "http://hg.python.org/cpython/raw-file/89ce323357db/LICENSE"
},
"dependency": {
"name": "regex",
"url": "https://bitbucket.org/mrabarnett/mrab-regex",
"description": "Alternative regular expression module, to replace re.",
"pathes": [
"."
]
......
[
{
"category": "sast",
"name": "Cipher with no integrity",
"message": "Cipher with no integrity",
"description": "The cipher does not provide data integrity",
"cve": "e6449b89335daf53c0db4c0219bc1634:CIPHER_INTEGRITY",
"severity": "Medium",
"confidence": "High",
"scanner": {
"id": "find_sec_bugs",
"name": "Find Security Bugs"
},
"location": {
"file": "src/main/java/com/gitlab/security_products/tests/App.java",
"start_line": 29,
"end_line": 29,
"class": "com.gitlab.security_products.tests.App",
"method": "insecureCypher"
},
"identifiers": [
{
"type": "find_sec_bugs_type",
"name": "Find Security Bugs-CIPHER_INTEGRITY",
"value": "CIPHER_INTEGRITY",
"url": "https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY"
{
"version": "2.0",
"vulnerabilities": [
{
"category": "sast",
"name": "Predictable pseudorandom number generator",
"message": "Predictable pseudorandom number generator",
"description": "The use of java.util.Random is predictable",
"cve": "818bf5dacb291e15d9e6dc3c5ac32178:PREDICTABLE_RANDOM",
"severity": "Medium",
"confidence": "Medium",
"scanner": {
"id": "find_sec_bugs",
"name": "Find Security Bugs"
},
{
"type": "cwe",
"name": "CWE-353",
"value": "353",
"url": "https://cwe.mitre.org/data/definitions/353.html"
}
],
"priority": "Medium",
"file": "src/main/java/com/gitlab/security_products/tests/App.java",
"line": 29,
"url": "https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY",
"tool": "find_sec_bugs"
},
{
"category": "sast",
"name": "ECB mode is insecure",
"message": "ECB mode is insecure",
"description": "The cipher uses ECB mode, which provides poor confidentiality for encrypted data",
"cve": "ea0f905fc76f2739d5f10a1fd1e37a10:ECB_MODE",
"severity": "Medium",
"confidence": "High",
"scanner": {
"id": "find_sec_bugs",
"name": "Find Security Bugs"
},
"location": {
"file": "src/main/java/com/gitlab/security_products/tests/App.java",
"start_line": 29,
"end_line": 29,
"class": "com.gitlab.security_products.tests.App",
"method": "insecureCypher"
"location": {
"file": "src/main/java/com/gitlab/security_products/tests/App.java",
"start_line": 47,
"end_line": 47,
"class": "com.gitlab.security_products.tests.App",
"method": "generateSecretToken2",
"dependency": {
"package": {}
}
},
"identifiers": [
{
"type": "find_sec_bugs_type",
"name": "Find Security Bugs-PREDICTABLE_RANDOM",
"value": "PREDICTABLE_RANDOM",
"url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM"
},
{
"type": "cwe",
"name": "CWE-330",
"value": "330",
"url": "https://cwe.mitre.org/data/definitions/330.html"
}
]
},
"identifiers": [
{
"type": "find_sec_bugs_type",
"name": "Find Security Bugs-ECB_MODE",
"value": "ECB_MODE",
"url": "https://find-sec-bugs.github.io/bugs.htm#ECB_MODE"
{
"category": "sast",
"name": "Cipher with no integrity",
"message": "Cipher with no integrity",
"description": "The cipher does not provide data integrity",
"cve": "e6449b89335daf53c0db4c0219bc1634:CIPHER_INTEGRITY",
"severity": "Medium",
"confidence": "High",
"scanner": {
"id": "find_sec_bugs",
"name": "Find Security Bugs"
},
{
"type": "cwe",
"name": "CWE-327",
"value": "327",
"url": "https://cwe.mitre.org/data/definitions/327.html"
}
],
"priority": "Medium",
"file": "src/main/java/com/gitlab/security_products/tests/App.java",
"line": 29,
"url": "https://find-sec-bugs.github.io/bugs.htm#ECB_MODE",
"tool": "find_sec_bugs"
},
{
"category": "sast",
"name": "Predictable pseudorandom number generator",
"message": "Predictable pseudorandom number generator",
"description": "The use of java.util.Random is predictable",
"cve": "e8ff1d01f74cd372f78da8f5247d3e73:PREDICTABLE_RANDOM",
"severity": "Medium",
"confidence": "Medium",
"scanner": {
"id": "find_sec_bugs",
"name": "Find Security Bugs"
"location": {
"file": "src/main/java/com/gitlab/security_products/tests/App.java",
"start_line": 29,
"end_line": 29,
"class": "com.gitlab.security_products.tests.App",
"method": "insecureCypher",
"dependency": {
"package": {}
}
},
"identifiers": [
{
"type": "find_sec_bugs_type",
"name": "Find Security Bugs-CIPHER_INTEGRITY",
"value": "CIPHER_INTEGRITY",
"url": "https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY"
},
{
"type": "cwe",
"name": "CWE-353",
"value": "353",
"url": "https://cwe.mitre.org/data/definitions/353.html"
}
]
},
"location": {
"file": "src/main/java/com/gitlab/security_products/tests/App.java",
"start_line": 41,
"end_line": 41,
"class": "com.gitlab.security_products.tests.App",
"method": "generateSecretToken1"
{
"category": "sast",
"name": "Predictable pseudorandom number generator",
"message": "Predictable pseudorandom number generator",
"description": "The use of java.util.Random is predictable",
"cve": "e8ff1d01f74cd372f78da8f5247d3e73:PREDICTABLE_RANDOM",
"severity": "Medium",
"confidence": "Medium",
"scanner": {
"id": "find_sec_bugs",
"name": "Find Security Bugs"
},
"location": {
"file": "src/main/java/com/gitlab/security_products/tests/App.java",
"start_line": 41,
"end_line": 41,
"class": "com.gitlab.security_products.tests.App",
"method": "generateSecretToken1",
"dependency": {
"package": {}
}
},
"identifiers": [
{
"type": "find_sec_bugs_type",
"name": "Find Security Bugs-PREDICTABLE_RANDOM",
"value": "PREDICTABLE_RANDOM",
"url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM"
},
{
"type": "cwe",
"name": "CWE-330",
"value": "330",
"url": "https://cwe.mitre.org/data/definitions/330.html"
}
]
},
"identifiers": [
{
"type": "find_sec_bugs_type",
"name": "Find Security Bugs-PREDICTABLE_RANDOM",
"value": "PREDICTABLE_RANDOM",
"url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM"
{
"category": "sast",
"name": "ECB mode is insecure",
"message": "ECB mode is insecure",
"description": "The cipher uses ECB mode, which provides poor confidentiality for encrypted data",
"cve": "ea0f905fc76f2739d5f10a1fd1e37a10:ECB_MODE",
"severity": "Medium",
"confidence": "High",
"scanner": {
"id": "find_sec_bugs",
"name": "Find Security Bugs"
},
"location": {
"file": "src/main/java/com/gitlab/security_products/tests/App.java",
"start_line": 29,
"end_line": 29,
"class": "com.gitlab.security_products.tests.App",
"method": "insecureCypher",
"dependency": {
"package": {}
}
},
{
"type": "cwe",
"name": "CWE-330",
"value": "330",
"url": "https://cwe.mitre.org/data/definitions/330.html"
}
],
"priority": "Medium",
"file": "src/main/java/com/gitlab/security_products/tests/App.java",
"line": 41,
"url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM",
"tool": "find_sec_bugs"
}
]
"identifiers": [
{
"type": "find_sec_bugs_type",
"name": "Find Security Bugs-ECB_MODE",
"value": "ECB_MODE",
"url": "https://find-sec-bugs.github.io/bugs.htm#ECB_MODE"
},
{
"type": "cwe",
"name": "CWE-327",
"value": "327",
"url": "https://cwe.mitre.org/data/definitions/327.html"
}
]
}
],
"remediations": []
}