lib/pwn/sast/eval.rb in pwn-0.4.505 vs lib/pwn/sast/eval.rb in pwn-0.4.507

- old
+ new

@@ -46,11 +46,11 @@
 else
 str = "1:Result larger than 64KB -> Size: #{str.to_s.length}. Please click the \"Path\" link for more details." if str.to_s.length >= 64_000
 hash_line = {
 timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
- test_case: nist_800_53_requirements,
+ security_requirements: security_requirements,
 filename: filename_arr.push(git_repo_root_uri: git_repo_root_uri, entry: entry),
 line_no_and_contents: '',
 raw_content: str,
 test_case_filter: test_case_filter
 }
@@ -103,14 +103,16 @@
 # Used primarily to map NIST 800-53 Revision 4 Security Controls
 # https://web.nvd.nist.gov/view/800-53/Rev4/impact?impactName=HIGH
 # to PWN Exploit & Static Code Anti-Pattern Matching Modules to
 # Determine the level of Testing Coverage w/ PWN.
- public_class_method def self.nist_800_53_requirements
+ public_class_method def self.security_requirements
 {
 sast_module: self,
 section: 'MALICIOUS CODE PROTECTION',
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-3'
+ nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-3',
+ cwe_id: '95',
+ cwe_uri: 'https://cwe.mitre.org/data/definitions/95.html'
 }
 rescue StandardError => e
 raise e
 end
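Review bot: The comment block above `self.security_requirements` in the second hunk is now stale. It still describes only a NIST 800-53 Revision 4 mapping and links the Rev4 page, while the returned hash points at the 5.1 release of SI-3 and now also carries `cwe_id` and `cwe_uri`. I would replace it with something like `# Maps this SAST module to its NIST 800-53 control (SI-3) and CWE (CWE-95, eval injection)` followed by `# so PWN can report testing coverage per requirement.` The rename also drops the public `nist_800_53_requirements` name without an alias, so any caller outside this diff that still uses the old name (or reads the old `test_case:` key from the first hunk) would break. That is worth confirming across the other SAST modules and report consumers.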