Merge pull request #1981 from OWASP/capec-asvs5-2

sydseter · web-flow · commit 27af8db606e3 · 2025-12-19T15:39:10.000+01:00
Adding mapping between capec and asvs5 for the Crypography suite
diff --git a/source/webapp-cards-2.2-en.yaml b/source/webapp-cards-2.2-en.yaml
@@ -328,7 +328,7 @@ suits:
     id: "CR9"
     value: "9"
     url: "https://cornucopia.owasp.org/cards/CR9"
-    desc: "Andy can bypass random number generation, random GUID generation, hashing and encryption functions because they have been self-built and/or are weak"
+    desc: "Andy can bypass cryptographic controls because random-number, GUID, or hashing functions are self-built, risky or weak"
   -
     id: "CRX"
     value: "10"
diff --git a/source/webapp-cards-3.0-en.yaml b/source/webapp-cards-3.0-en.yaml
@@ -328,7 +328,7 @@ suits:
     id: "CR9"
     value: "9"
     url: "https://cornucopia.owasp.org/cards/CR9"
-    desc: "Andy can bypass random number generation, random GUID generation, hashing and encryption functions because they have been self-built and/or are weak"
+    desc: "Andy can bypass cryptographic controls because random-number, GUID, or hashing functions are self-built, risky or weak"
   -
     id: "CRX"
     value: "10"
diff --git a/source/webapp-mappings-2.2.yaml b/source/webapp-mappings-2.2.yaml
@@ -885,7 +885,7 @@ suits:
     owasp_asvs: [ 6.2.2 ]
     owasp_asvs_print: [ 6.2.2 ]
     owasp_appsensor: [ "-" ]
-    capec: [ 39, 162 ]
+    capec: [ 39, 97, 162, 204 ]
     safecode: [ 21, 29 ]
     owasp_cre:
       owasp_asvs: [ 742-431 ]
@@ -901,7 +901,7 @@ suits:
     owasp_asvs: [ 10.2.3, 10.2.4, 10.2.5, 10.2.6, 10.3.1, 10.3.2, 14.1.1, 14.1.4, 14.1.5 ]
     owasp_asvs_print: [ 10.2.3-6, 10.3.1, 10.3.2, 14.1.1, 14.1.4, 14.1.5 ]
     owasp_appsensor: [ SE1, IE4 ]
-    capec: [ 31, 39, 68, 75, 94, 133, 145, 162, 184, 203, 233, 438, 439, 442, 444, 447, 594, 690 ]
+    capec: [ 39, 68, 75, 94, 145, 184, 438, 442, 475, 523, 594, 690 ]
     safecode: [ 12, 14 ]
     owasp_cre:
       owasp_asvs: [ 838-636, 838-636, 418-525, 265-800, 154-031, '028-254', 307-507, 253-452, 208-355, 347-352 ]
@@ -917,7 +917,7 @@ suits:
     owasp_asvs: [ 8.3.4, 9.1.1 ]
     owasp_asvs_print: [ 8.3.4, 9.1.1 ]
     owasp_appsensor: [ "-" ]
-    capec: [ 117, 153, 185, 186, 187 ]
+    capec: [ 94, 117 ]
     safecode: [ 14, 29, 30 ]
     owasp_cre:
       owasp_asvs: [ 227-045, 745-045 ]
@@ -933,7 +933,7 @@ suits:
     owasp_asvs: [ 1.9.1, 6.2.1, 9.1.3, 9.2.2 ]
     owasp_asvs_print: [ 1.9.1, 6.2.1, 9.1.3, 9.2.2 ]
     owasp_appsensor: [ "-" ]
-    capec: [ 212, 620 ]
+    capec: [ 24, 620 ]
     safecode: [ 21, 29 ]
     owasp_cre:
       owasp_asvs: [ 527-034, '036-810', 248-646, 636-854 ]
@@ -949,7 +949,7 @@ suits:
     owasp_asvs: [ 1.9.1, 2.2.5, 2.5.1, 8.3.4, 8.3.6, 9.1.3, 9.2.2 ]
     owasp_asvs_print: [ 1.9.1, 2.2.5, 2.5.1, 8.3.4, 8.3.6, 9.1.3, 9.2.2 ]
     owasp_appsensor: [ "-" ]
-    capec: [ 31, 57, 94, 102, 157, 158, 384, 466, 546 ]
+    capec: [ 94, 102, 116, 117, 204 ]
     safecode: [ 29 ]
     owasp_cre:
       owasp_asvs: [ 527-034, 558-807, 270-634, 227-045, 715-304 , 248-646, 636-854 ]
@@ -997,7 +997,7 @@ suits:
     owasp_asvs: [ 6.2.2, 6.2.3, 6.3.1, 6.3.3 ]
     owasp_asvs_print: [ 6.2.2-3, 6.3.1, 6.3.3 ]
     owasp_appsensor: [ "-" ]
-    capec: [ 97 ]
+    capec: [ 97, 112, 461, 473 ]
     safecode: [ 14, 21, 29, 32, 33 ]
     owasp_cre:
       owasp_asvs: [ 742-431, 674-425, 542-488, 664-571 ]
@@ -1013,7 +1013,7 @@ suits:
     owasp_asvs: [ 6.3.3 ]
     owasp_asvs_print: [ 6.3.3 ]
     owasp_appsensor: [ "-" ]
-    capec: [ 97, 463 ]
+    capec: [ 97, 112, 463 ]
     safecode: [ 14, 21, 29, 31, 32, 33 ]
     owasp_cre:
       owasp_asvs: [ 664-571 ]
@@ -1029,7 +1029,7 @@ suits:
     owasp_asvs: [ 1.6.1, 1.6.2, 1.6.4, 2.10.4, 6.4.1, 6.4.2 ]
     owasp_asvs_print: [ 1.6.1-2, 1.6.4, 2.10.4, 6.4.1-2 ]
     owasp_appsensor: [ "-" ]
-    capec: [ 116 ]
+    capec: [ 37, 57, 155, 204, 474, 639 ]
     safecode: [ 21, 29 ]
     owasp_cre:
       owasp_asvs: [ 287-305, 508-702, 232-325, 774-888, 340-375, '032-213' ]
@@ -1045,7 +1045,7 @@ suits:
     owasp_asvs: [ 1.6.1, 1.6.2, 1.6.3, 6.2.3, 8.3.6 ]
     owasp_asvs_print: [ 1.6.1-3, 6.2.3, 8.3.6 ]
     owasp_appsensor: [ "-" ]
-    capec: [ 116, 117 ]
+    capec: [ 20, 37, 57, 97, 155, 204, 474, 639 ]
     safecode: [ 21, 29 ]
     owasp_cre:
       owasp_asvs: [ 287-305, 508-702, 821-832, 674-425, 715-304 ]
@@ -1061,7 +1061,7 @@ suits:
     owasp_asvs: [ 1.6.2, 6.2.5, 6.2.6, 6.2.7, 6.2.8 ]
     owasp_asvs_print: [ 1.6.2, 6.2.5-8 ]
     owasp_appsensor: [ "-" ]
-    capec: [ 94, 184, 207, 554 ]
+    capec: [ 184, 207, 444, 523 ]
     safecode: [ 14, 21, 29 ]
     owasp_cre:
       owasp_asvs: [ 508-702, 441-132, 433-122, 786-224, 878-880 ]
diff --git a/source/webapp-mappings-3.0.yaml b/source/webapp-mappings-3.0.yaml

Original file line number	Diff line number	Diff line change
`@@ -328,7 +328,7 @@ suits:`
`328`	`328`	`id: "CR9"`
`329`	`329`	`value: "9"`
`330`	`330`	`url: "https://cornucopia.owasp.org/cards/CR9"`
`331`		`- desc: "Andy can bypass random number generation, random GUID generation, hashing and encryption functions because they have been self-built and/or are weak"`
	`331`	`+ desc: "Andy can bypass cryptographic controls because random-number, GUID, or hashing functions are self-built, risky or weak"`
`332`	`332`	`-`
`333`	`333`	`id: "CRX"`
`334`	`334`	`value: "10"`